Browse all 8 CVE security advisories affecting Apereo. AI-powered Chinese analysis, PoCs, and references for each vulnerability.
Apereo develops open-source software for higher education, including the Sakai collaboration and learning management platform. Historically, vulnerabilities have commonly included remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and misconfigurations. While no major public security incidents have been widely documented, the project's 8 recorded CVEs highlight ongoing security challenges typical of web applications handling sensitive academic data. The software's complex architecture and extensive customization options may introduce additional attack surfaces, requiring careful implementation and regular security updates to mitigate risks in educational environments.
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-3986 | Apereo CAS CasConfigurationMetadataServerController.java redos | CAS | CWE-1333 | 4.3 | Medium | 2025-04-27 |
| CVE-2025-3985 | Apereo CAS ResponseEntity redos | CAS | CWE-1333 | 2.7 | Low | 2025-04-27 |
| CVE-2025-3984 | Apereo CAS Groovy Code RegisteredServiceSimpleFormController.java saveService code injection | CAS | CWE-94 | 5.0 | Medium | 2025-04-27 |
| CVE-2024-11209 | Apereo CAS 2FA login improper authentication | CAS | CWE-287 | 6.3 | Medium | 2024-11-14 |
| CVE-2024-11208 | Apereo CAS login session expiration | CAS | CWE-613 | 3.7 | Low | 2024-11-14 |
| CVE-2024-11207 | Apereo CAS login redirect | CAS | CWE-601 | 4.3 | Medium | 2024-11-14 |
| CVE-2023-28857 | LDAP password leak in Apereo CAS - GHSL-2023-009 | CAS | CWE-200 | 4.0 | Medium | 2023-06-27 |
| CVE-2022-39369 | Service Hostname Discovery Exploitation in phpCAS | phpCAS | CWE-99 | 8.0 | High | 2022-11-01 |
This page lists every published CVE security advisory associated with Apereo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.