VYPR

Packagist (Composer) package

kreait/firebase-php

pkg:composer/kreait/firebase-php

Vulnerabilities (1)

  • CVE-2018-1000025HigFeb 9, 2018
    affected >= 3.2.0, < 3.8.1fixed 3.8.1

    Jerome Gamez Firebase Admin SDK for PHP version from 3.2.0 to 3.8.0 contains a Incorrect Access Control vulnerability in src/Firebase/Auth/IdTokenVerifier.php does not verify for token signature that can result in JWT with any email address and user ID could be forged from an act