PyPi: Simple-Otp

PVE-2022-51326

Safety vulnerability ID: 51326

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Oct 03, 2022 Updated at Dec 09, 2022

Advisory

Simple-otp 0.1.1 uses hmac.compare_digest to avoid timing attacks. https://github.com/no…

[This advisory has been limited. Please create a free account to view the full advisory.]

Affected package

simple-otp

Latest version: 0.1.1

A simple OTP Generation and Verification Library which works without a Database or Cache

Affected versions

Fixed versions

Vulnerability changelog

Security - Use hmac.compare_digest instead of plain == by [Compro-Prasad](https://github.…

[This text has been limited. Please create a free account to view the full text.]

Resources