[MEDIUM] The FIDO2/Webauthn Support for PHP library allows enumeration of valid usernames

PKSA-sjrk-y37x-n2ck CVE-2024-39912 GHSA-875x-g8p7-5w27

Affected version: >=4.5.0,<4.9.0

Reported by:
GitHub

[CRITICAL] Improper Access Control in Webauthn Framework

PKSA-tgdf-n8gt-ty6f CVE-2021-38299 GHSA-6whf-q6p5-84wg

Affected version: >=3.3.0,<3.3.4

Reported by:
GitHub