CVE-2016-3124: Information leakage in sanitycheck

February 7, 2017 (updated October 2, 2018)

A remote attacker could learn information about the exact PHP version run by the affected system, allowing the search for vulnerabilities known to work with that version.

References

github.com/simplesamlphp/simplesamlphp/commit/952027dd7f794ff4b2d4f5eddf549c5b5070fa38
simplesamlphp.org/security/201603-01

Code Behaviors & Features

Detect and mitigate CVE-2016-3124 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →