Vulnerability Database
296,748
Total vulnerabilities in the database
CVE-2025-59058
Summary
HMAC signature comparison is not timing-safe and is vulnerable to timing attacks.
Details
SharedKey::sign() returns a Vec<u8> which has a non-constant-time equality implementation.
Hmac::finalize() returns a constant-time wrapper (CtOutput) which was discarded. Alternatively, Hmac has a constant-time verify() method.
The problem reported here is due to the following lines in SharedKey::sign() of the previous code:
let mut mac = HmacSha256::new_from_slice(key).unwrap();
mac.update(data);
Ok(mac.finalize().into_bytes().to_vec())
and the merged update changes the third line to directly verify with verify_slice.
Impact
Anyone who uses HS256 signature verification is vulnerably to Timing Attack that allows the attacker to forge a signature.
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime