Maven package
org.cryptacular/cryptacular
pkg:maven/org.cryptacular/cryptacular
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-7226 | — | < 1.1.4 | 1.1.4 | Jan 24, 2020 | CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of en |
- CVE-2020-7226Jan 24, 2020affected < 1.1.4fixed 1.1.4
CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of en