VYPR

Packagist (Composer) package

altcha-org/altcha

pkg:composer/altcha-org/altcha

Vulnerabilities (1)

  • CVE-2025-68113MedDec 16, 2025
    affected < 1.3.1fixed 1.3.1

    ALTCHA is privacy-first software for captcha and bot protection. A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowin