GHSA-768m-5w34-2xf5

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/07/GHSA-768m-5w34-2xf5/GHSA-768m-5w34-2xf5.json
Aliases
  • CVE-2022-31157
Published
2022-07-15T20:55:46Z
Modified
2022-07-25T19:25:08Z
Details

Impact

The function used to generate random nonces was not sufficiently cryptographically complex. As a result values may be predictable and tokens may be forgable.

Patches

Users should upgrade to version 5.0 immediately

Workarounds

None.

References

Affected packages

Packagist / packbackbooks/lti-1-3-php-library

packbackbooks/lti-1-3-php-library

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
5.0

Affected versions