web-auth/webauthn-lib

Packagist2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting web-auth/webauthn-libpage 1 of 1

CVE-2024-39912MEDIUMCVSS 5.3EG 5.3✓ Fixed in 4.9.0
2024-07-15
vulnerable: 4.5.0 ... 4.8.7 (26 versions)
web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. The ProfileBasedRequestOptionsBuilder method returns allowedCrede…
CVE-2026-30964MEDIUMCVSS 5.4EG 5.4✓ Fixed in 5.2.4
2026-03-10
vulnerable: 5.2.0, 5.2.1, 5.2.2, 5.2.3
web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. Prior to 5.2.4, when allowed_origins is configured, CheckAllowedO…

Check whether web-auth/webauthn-lib is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for web-auth/webauthn-lib CVEs against the assets you own.

Start Free Scan →