[HIGH] Incorrect signature validation

PKSA-4sdq-zyfs-21dr CVE-2018-7644 GHSA-923w-2xv2-7pr8

Affected package: simplesamlphp/saml2

Affected version: <1.10.5|>=2.0,<2.3.7|>=3.0,<3.1.3

Reported by:
GitHub, FriendsOfPHP/security-advisories