A flaw in Node.js HMAC verification uses a non-constant-time comparison when validating user-provided signatures, potentially leaking timing information proportional to the number of matching bytes. Under certain threat models where high-resolution timing measurements are possible, this behavior could be exploited as a timing oracle to infer HMAC values. Node.js already provides timing-safe comparison primitives used elsewhere in the codebase, indicating this is an oversight rather than an intentional design decision. This vulnerability affects **20.x, 22.x, 24.x, and 25.x**.
| Vendor | Product | Versions |
|---|---|---|
| node.js | node.js | 20.20.1, 22.22.1, 24.14.0, 25.8.1, 4.0, 5.0, 6.0, 7.0, 8.0, 9.0, 10.0, 11.0, 12.0, 13.0, 14.0, 15.0, 16.0, 17.0, 18.0, 19.0, all supported release lines |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| debian | debian linux | cert_advisory | 90% |
| open source | node.js | cert_advisory | 90% |
