Name of the Vulnerable Software and Affected Versions: Adyen (affected versions not specified)

Description: The issue concerns the is valid hmac and is valid hmac notification methods, which are vulnerable to a timing attack. To mitigate this, it is recommended to compare the hash of the HMACs instead of directly comparing the HMACs.

Recommendations: For all affected versions, consider modifying the is valid hmac and is valid hmac notification methods to compare the hash of the HMACs instead of directly comparing the HMACs. At the moment, there is no information about a newer version that contains a fix for this vulnerability.