Tuesday, Aug 19, 2025

CAS Simple Multifactor Authentication Vulnerability Disclosure

 Disclosure of a security issue with the Apereo CAS software acting itself as an MFA provider.

Friday, Apr 11, 2025

CAS OAuth/OpenID Connect & WebAuthN Vulnerability Disclosure

 Disclosure of a security issue with the Apereo CAS software acting as an OAuth/OpenID Connect provider, or a as a multifactor authentication provider utilizing FIDO2/WebAuthN.

Wednesday, Jun 26, 2024

CAS OAuth/OpenID Connect Vulnerability Disclosure

 Disclosure of a security issue with the Apereo CAS software acting as an OAuth/OpenID Connect provider.

Saturday, May 18, 2024

CAS OAuth/OpenID Connect Vulnerability Disclosure

 Disclosure of a security issue with the Apereo CAS software acting as an OAuth/OpenID Connect provider.

Saturday, Mar 9, 2024

Apereo CAS is now on Develocity

 An overview of how Apereo CAS is using Gradle and Develocity to improve its build and test execution cycle.

Thursday, Sep 14, 2023

CAS OAuth/OpenID Connect Vulnerability Disclosure

 Disclosure of a security issue with the Apereo CAS software acting as an OAuth/OpenID Connect provider.

Wednesday, Aug 30, 2023

CAS Groovy Vulnerability Disclosure

 Disclosure of a security issue with the Apereo CAS software when using Groovy.

Friday, Jul 21, 2023

CAS OpenID Connect Vulnerability Disclosure

 Disclosure of a security issue with the Apereo CAS software acting as an OpenID Connect Provider.