[LOW] An error during signature verification can be treated as a successful verification.

PKSA-nh5k-9wsp-k4zd GHSA-9wrw-p9rm-r782

Affected version: <2.10.4

Reported by:
GitHub, FriendsOfPHP/security-advisories

[MEDIUM] Vulnerability to Response Wrapping attacks resulting in a malicious user gaining unauthorized access to a system.

PKSA-4x6t-byc2-3fqx CVE-2016-1000253 GHSA-g48f-pgwh-wwxx

Affected version: <2.10.0

Reported by:
GitHub, FriendsOfPHP/security-advisories