File: tests/Fixtures/php_security_advisories/security-advisories-master/kreait/firebase-php/CVE-2018-1000025.yaml

Recommend this page to a friend!

tests/Fixtures/php_security_advisories/security-advisories-master/kreait/firebase-php/CVE-2018-1000025.yaml

File:	`tests/Fixtures/php_security_advisories/security-advisories-master/kreait/firebase-php/CVE-2018-1000025.yaml`
Role:	Auxiliary data
Content type:	`text/plain`
Description:	Auxiliary data
Class:	PHP Security Checker Scan project packages to check for vulnerabilities
Author:	By Paras Malhotra
Last change:
Date:	3 years ago
Size:	`480 bytes`

Download

title:     Incorrect Access Control vulnerability in src/Firebase/Auth/IdTokenVerifier.php does not verify for token signature that can result in JWT with any email address and user ID could be forged from an actual token, or from thin air.
link:      https://github.com/kreait/firebase-php/releases/tag/3.8.1
cve:       CVE-2018-1000025
branches:
    master:
        time:     2018-01-16 10:51:00
        versions: ['>=3.2.0', '<3.8.1']
reference: composer://kreait/firebase-php

About us

Advertise on this site

For more information send a message to info at phpclasses dot org.

File: tests/Fixtures/php_security_advisories/security-advisories-master/kreait/firebase-php/CVE-2018-1000025.yaml

Contents