Maven package
org.apereo.cas/cas-server-webapp
pkg:maven/org.apereo.cas/cas-server-webapp
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-27178 | Hig | 7.5 | >= 5.3.0, < 5.3.16 | 5.3.16 | Oct 16, 2020 | Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication. |
- affected >= 5.3.0, < 5.3.16fixed 5.3.16
Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication.