4 matches found
EUVD-2020-0522
Malware in sbrugna...
cryptacular: excessive memory allocation during a decode operation
CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...
be.kuleuven.ccis.util:jwt (=1.0.0), com.buession.cas:buession-cas-core (=1.1.0) +417 more potentially affected by CVE-2020-7226 via org.cryptacular:cryptacular (>=1.2.0 <=1.2.3)
org.cryptacular:cryptacular MAVEN version =1.2.0, =0.8, =0.10, =0.10, =0.10, =0.8, =0.8, =0.8, =0.9, =0.9.4 and more Source cves: CVE-2020-7226 Source advisory: OSV:GHSA-X64G-4XX9-FH6X...
br.com.absoftware.gerabook:gerabook (>=1.1 <=1.2), cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE) +477 more potentially affected by CVE-2020-7226 via org.cryptacular:cryptacular (>=1.0 <=1.1.3)
org.cryptacular:cryptacular MAVEN version =1.0, =1.1, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =1.4.0.0, =0.7.0.1, =1.0.0, =3.0.0, =5.0.0, =2.2.4, =2.2.4, =2.2.4, =2.3.19 - com.exacttarget:fuelsdk =1.1.0 and more Source cves: CVE-2020-7226 Source advisory:...