Security Advisory

CVE-2020-7226

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-01-24 14:17:16

Last updated 2024-08-04 09:25:48

Assigner mitre

State PUBLISHED

Description

CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data.

← Browse all CVEs View on cve.org ↗