VYPR

Maven package

org.apereo.cas/cas-server-support-otp-mfa-core

pkg:maven/org.apereo.cas/cas-server-support-otp-mfa-core

Vulnerabilities (1)

  • CVE-2020-27178HigOct 16, 2020
    affected >= 5.3.0, < 5.3.16fixed 5.3.16

    Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication.