LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the function used to generate random nonces was not sufficiently cryptographically complex. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.
References
Link | Resource |
---|---|
https://github.com/packbackbooks/lti-1-3-php-library/security/advisories/GHSA-768m-5w34-2xf5 | Third Party Advisory |
Configurations
Information
Published : 2022-07-15 11:15
Updated : 2022-07-22 09:44
NVD link : CVE-2022-31157
Mitre link : CVE-2022-31157
JSON object : View
CWE
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
Products Affected
packback
- lti_1.3_tool_library