VYPR

Packagist (Composer) package

lightsaml/lightsaml

pkg:composer/lightsaml/lightsaml

Vulnerabilities (1)

  • CVE-2018-1000165HigApr 18, 2018
    affected < 1.3.5fixed 1.3.5

    LightSAML version prior to 1.3.5 contains a Incorrect Access Control vulnerability in signature validation in readers in src/LightSaml/Model/XmlDSig/ that can result in impersonation of any user from Identity Provider. This vulnerability appears to have been fixed in 1.3.5 and la