📚 CVE-2010-10006 | michaelliao jopenid prior 1.08 OpenIdManager.java getAuthentication timing discrepancy
A vulnerability, which was classified as problematic, was found in michaelliao jopenid. Affected is the function
getAuthentication of the file JOpenId/src/org/expressme/openid/OpenIdManager.java. The manipulation leads to observable timing discrepancy.
This vulnerability is traded as CVE-2010-10006. The attack needs to be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component. ...