PKSA-pc52-dbxt-c1w6 Security Advisory
-
[HIGH] league/oauth2-server key exposed in exception message when passing as a string and providing an invalid pass phrase
PKSA-pc52-dbxt-c1w6 CVE-2023-37260 GHSA-wj7q-gjg8-3cpm
Affected package: league/oauth2-server
Affected version: >=8.5.0,<8.5.3|>=8.3.2,<8.4.2
Reported by:
GitHub