CVE-2020-7226HIGHCVSS 7.5fixed in 1.1.4·≥ 1.2.0, < 1.2.42020-01-24
CVE-2020-7226 [HIGH] CWE-770 CVE-2020-7226: CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attacke
CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data.
nvd