Session fixation and authentication bypass (authcrypt module)

PKSA-2qjk-5gny-czwm CVE-2017-12868

Affected package: simplesamlphp/simplesamlphp

Affected version: >=1.14.12,<1.14.14

Reported by:
FriendsOfPHP/security-advisories