Timing side-channel in HMAC verification via memcmp() in crypto_hmac.cc leads to potential MAC forgery

Disclosed: 2026-03-30 16:42:57 By x_probe To nodejs

Medium

Vulnerability Details

No vulnerability description provided or it is restricted.

Actions

View on HackerOne

Report Stats

Report ID: 3533945
State: Closed
Substate: resolved
Upvotes: 1

Share this report