Packagist (Composer) package
league/oauth2-server
pkg:composer/league/oauth2-server
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-37260 | — | >= 8.3.2, < 8.4.2 | 8.4.2 | Jul 6, 2023 | league/oauth2-server is an implementation of an OAuth 2.0 authorization server written in PHP. Starting in version 8.3.2 and prior to version 8.5.3, servers that passed their keys to the CryptKey constructor as as string instead of a file path will have had that key included in a |
- CVE-2023-37260Jul 6, 2023affected >= 8.3.2, < 8.4.2fixed 8.4.2
league/oauth2-server is an implementation of an OAuth 2.0 authorization server written in PHP. Starting in version 8.3.2 and prior to version 8.5.3, servers that passed their keys to the CryptKey constructor as as string instead of a file path will have had that key included in a