The SimpleSAML_Auth_TimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by manipulating the prepended time offset.
Related bugs and status
CVE-2017-12867 (Candidate)
is related to these bugs: