Closed phpukr closed 7 months ago
Kudos, SonarCloud Quality Gate passed!
0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells
No Coverage information
2.8% Duplication
Yes, aware of that, we've got a dependabot alert.
Currently looking at the impact, as it is a major version upgrade..
First indications are 3.x is not compatible.
A simple login doesn't work anymore, but since Auth doesn't use Crypt, I think it may be related to session encryption.
Updated Crypt to use PHPSecLib 3.
Thanks for reporting it.
phpseclib < 3.0.34 vulnerable to denial of service