How severe is CVE-2022-31158?

CVE-2022-31158 has a CVSS v3 score of 7.5 (HIGH).

CVE-2022-31158

Name: lti_1.3_tool_library
Author: packback

7.5HIGH

LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the

게시됨: 7/15/2022업데이트됨: 11/21/2024

설명

LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the Authentication Request. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.

AI 분석AI 기반

영향받는 제품

packbacklti_1.3_tool_library

참조

https://github.com/packbackbooks/lti-1-3-php-library/security/advisories/GHSA-5p73-qg2v-383h
Third Party Advisory
https://github.com/packbackbooks/lti-1-3-php-library/security/advisories/GHSA-5p73-qg2v-383h
Third Party Advisory