Описание
LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the function used to generate random nonces was not sufficiently cryptographically complex. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.0.0 (исключая)
cpe:2.3:a:packback:lti_1.3_tool_library:*:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00114
Низкий
7.5 High
CVSS3
Дефекты
CWE-327
CWE-330
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
LTI 1.3 Tool Library's function used to generate random nonces not sufficiently cryptographically complex before v5.0
EPSS
Процентиль: 30%
0.00114
Низкий
7.5 High
CVSS3
Дефекты
CWE-327
CWE-330