3 matches found
Regular Expression Denial Of Service (ReDoS)
org.apereo.cas, cas-server-core-configuration-metadata-repository is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to improper processing of the "Name" argument without input validation, which allows remote attackers to trigger excessive backtracking and degra...
org.apereo.cas:cas-management-webapp-configuration (>=5.3.1 <=5.3.3), org.apereo.cas:cas-management-webapp-support (>=5.2.0-RC2 <=5.3.3) +214 more potentially affected by CVE-2019-10754 via org.apereo.cas:cas-server-core-services-api (>=5.2.0-RC2 <=6.1.0-RC4)
org.apereo.cas:cas-server-core-services-api MAVEN version =5.2.0-RC2, =5.3.1, =5.2.0-RC2, =5.3.1, =6.1.0-RC2, =6.0.0-RC4, =6.0.0-RC4, =5.2.0, =6.0.0, =5.2.0, =5.2.0, =5.3.0, =5.3.0, =5.2.0, =5.2.0, =5.2.0, =6.1.0-RC4 and more Source cves: CVE-2019-10754 Source advisory: OSV:GHSA-G24W-373R-5PXG...
com.buession.cas:buession-cas-captcha (>=2.0.0 <=2.2.1), com.buession.cas:buession-cas-oauth (>=2.3.0 <=2.3.2) +240 more potentially affected by CVE-2021-42567 via org.apereo.cas:cas-server-core-web (>=5.0.0 <=6.4.1)
org.apereo.cas:cas-server-core-web MAVEN version =5.0.0, =2.0.0, =2.3.0, =1.1.0, =1.1.0, =2.3.0, =1.2.0, =1.1.0, =1.1.0, =5.0.0, =5.0.0, =6.3.1, =6.1.7, =6.3.1, =6.3.1, =6.3.10 and more Source cves: CVE-2021-42567 Source advisory: OSV:GHSA-GFHX-JJWQ-63GV...