org.apereo.cas:cas-server-support-simple-mfa@6.0.1 vulnerabilities
-
latest version
7.0.4.1
-
latest non vulnerable version
-
first published
6 years ago
-
latest version published
a month ago
-
licenses detected
- [6.0.0-RC1,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apereo.cas:cas-server-support-simple-mfa package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apereo.cas:cas-server-support-simple-mfa is an is package that allows Apereo CAS to act as a multifactor authentication provider on its own, issuing tokens and sending them to end-users via pre-defined communication channels such as email or text messages. Affected versions of this package are vulnerable to Insecure Randomness. A insecure source of randomness is used to generate all of its random values as it relies upon apache commons lang3 How to fix Insecure Randomness? Upgrade |
[,6.1.0-RC5)
|