pkg:composer/kreait/firebase-php
Type
composer
Namespace
kreait
Name
firebase-php
Known advisories, vulnerabilities and fixes for firebase-php package.
High
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 3.2.0, < 3.8.1 |
CVE-2018-1000025
|
PHP:KREAIT-FIREBASE-PHP-2018-1000025 | Incorrect Access Control vulnerability in src/Firebase/Auth/IdTokenVerifier.php does not verify for token signature that can result in JWT with any email address and user ID could be forged from an actual token, or from thin air. | high |
2018-01-16T10:51:00
(6 years ago) |