Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/yiisoft/yii2-authclient

Yii 2 authclient extension.
https://github.com/yiisoft/yii2-authclient

Low

GSA_kwCzR0hTQS13OHZoLXA3NGoteDl4cM4AA34Q

yii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation
Ecosystems: packagist
Packages: yiisoft/yii2-authclient
Source: github
Published: about 1 year ago

Moderate

GSA_kwCzR0hTQS1ydzU0LTY4MjYtYzhqNc4AA34O

yiisoft/yii2-authclient's Oauth2 PKCE implementation is vulnerable
Ecosystems: packagist
Packages: yiisoft/yii2-authclient
Source: github
Published: about 1 year ago