Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Use of a Broken or Risky Cryptographic Algorithm in packbackbooks/lti-1-3-php-library
Vulnerability Description
LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the function used to generate random nonces was not sufficiently cryptographically complex. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
使用已被攻破或存在风险的密码学算法
Vulnerability Title
LTI 1.3 Tool Library 安全特征问题漏洞
Vulnerability Description
LTI 1.3 Tool Library是用于在 PHP 中构建 IMS 认证的 LTI 1.3 工具提供程序的库。 LTI 1.3 Tool Library 5.0之前版本存在安全特征问题漏洞,该漏洞源于LTI 1.3 Tool Library是一个用于在PHP中构建IMS认证的LTI 1.3工具提供商的库。在5.0版本之前,用于生成随机nonces的函数在密码学上不够复杂。用户应该升级到5.0版本以获得一个补丁。
CVSS Information
N/A
Vulnerability Type
N/A