Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 3 of 3 results


CVE-2022-39369

Medium priority

Some fixes available 4 of 9

phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. The phpCAS library uses HTTP headers to determine the service URL used to validate...

3 affected packages

moodle, ocsinventory-server, php-cas

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
moodle Not in release Not in release Not in release Ignored Ignored
ocsinventory-server Not affected Fixed Not affected Not affected Ignored
php-cas Not affected Fixed Fixed Ignored Fixed
Show less packages

CVE-2014-4172

Medium priority
Ignored

A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before 1.3.3 that allow remote...

1 affected packages

php-cas

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
php-cas Not affected Not affected
Show less packages

CVE-2017-1000071

Low priority
Vulnerable

Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server.

1 affected packages

php-cas

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
php-cas Not affected Not affected Not affected Vulnerable Vulnerable
Show less packages