How severe is CVE-2022-31158?

CVE-2022-31158 has a CVSS v3 score of 7.5 (HIGH).

CVE-2022-31158

Name: lti_1.3_tool_library
Author: packback

7.5HIGH

LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the

Publicado: 7/15/2022Atualizado: 11/21/2024

Descrição

LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the Authentication Request. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.

Análise IADesenvolvido por IA

Produtos Afetados

packbacklti_1.3_tool_library

Referências

https://github.com/packbackbooks/lti-1-3-php-library/security/advisories/GHSA-5p73-qg2v-383h
Third Party Advisory
https://github.com/packbackbooks/lti-1-3-php-library/security/advisories/GHSA-5p73-qg2v-383h
Third Party Advisory