Page 4 of 16 results (0.002 seconds)

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

The SimpleSAML_Auth_TimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset. La clase SimpleSAML_Auth_TimeLimitedToken en SimpleSAMLphp 1.14.14 y anteriores permite que atacantes con acceso a un token secreto extiendan su periodo de validez manipulando el offset de tiempo antepuesto. • https://lists.debian.org/debian-lts-announce/2017/12/msg00007.html https://simplesamlphp.org/security/201708-01 https://www.debian.org/security/2018/dsa-4127 • CWE-613: Insufficient Session Expiration •