illuminate/auth Security Advisories for v5.4.19 (2)
-
[MEDIUM] Timing attack vector for remember me token
PKSA-8d9w-w38j-phd4 CVE-2017-14775 GHSA-c2v7-j5gq-wcq4
Affected version: >=4.1.26,<=4.1.31|>=4.2.0,<=4.2.22|>=5.0.0,<=5.0.35|>=5.1.0,<=5.1.46|>=5.2.0,<=5.2.45|>=5.3.0,<=5.3.31|>=5.4.0,<=5.4.36|>=5.5.0,<5.5.10
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] Password reset phishing vulnerability
PKSA-mthy-14qm-t8rw CVE-2017-9303 GHSA-rc8x-jrrc-frfv
Affected version: >=5.3.0,<=5.3.31|>=5.4.0,<5.4.22
Reported by:
GitHub, FriendsOfPHP/security-advisories