Adiebler

**Name of the Vulnerable Software and Affected Versions** viafintech Barzahlen Payment Module PHP SDK versions up to 2.0.0 **Description** A vulnerability was found in the viafintech Barzahlen Payment Module PHP SDK, affecting the `verify` function of the file `src/Webhook.php`. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high, and the exploitability is difficult. **Recommendations** For viafintech Barzahlen Payment Module PHP SDK versions up to 2.0.0, upgrade to version 2.0.1 to address this issue. As a temporary workaround, consider disabling the `verify` function of the `src/Webhook.php` file until the patch is applied.