VYPR

Packagist (Composer) package

web-auth/webauthn-lib

pkg:composer/web-auth/webauthn-lib

Vulnerabilities (2)

  • CVE-2026-30964MedMar 10, 2026
    affected >= 5.2.0, < 5.2.4fixed 5.2.4

    web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. Prior to 5.2.4, when allowed_origins is configured, CheckAllowedOrigins reduces URL-like values to their h

  • CVE-2024-39912MedJul 15, 2024
    affected >= 4.5.0, < 4.9.0fixed 4.9.0

    web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. The ProfileBasedRequestOptionsBuilder method returns allowedCredentials without any credentials if no user