An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.
[
{
"product": "php-pear-CAS",
"vendor": "Jasig Project",
"versions": [
{
"status": "affected",
"version": "1.2.2"
}
]
}
]