Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.springframework.security/spring-security-cas@4.2.8.RELEASE
purl pkg:maven/org.springframework.security/spring-security-cas@4.2.8.RELEASE
Next non-vulnerable version 4.2.13.RELEASE
Latest non-vulnerable version 5.1.5.RELEASE
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-f3g5-hamr-6yar
Aliases:
CVE-2019-3795
GHSA-v2r2-7qm7-jj6v
Insufficient Entropy in PRNG Spring Security contain an insecure randomness vulnerability when using `SecureRandomFactoryBean#setSeed` to configure a `SecureRandom` instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection.
4.2.12.RELEASE
Affected by 1 other vulnerability.
5.0.12.RELEASE
Affected by 0 other vulnerabilities.
5.1.5.RELEASE
Affected by 0 other vulnerabilities.
VCID-pz7c-p4ze-kfhc
Aliases:
CVE-2019-11272
GHSA-v33x-prhc-gph5
PlaintextPasswordEncoder authenticates encoded passwords that are null Spring Security supports plain text passwords using `PlaintextPasswordEncoder`. a malicious user (or attacker) can authenticate using a password of `null`.
4.2.13.RELEASE
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T20:55:43.388225+00:00 GitLab Importer Affected by VCID-pz7c-p4ze-kfhc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-11272.yml 38.4.0
2026-04-16T20:53:33.777170+00:00 GitLab Importer Affected by VCID-f3g5-hamr-6yar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-3795.yml 38.4.0
2026-04-11T22:06:43.696560+00:00 GitLab Importer Affected by VCID-pz7c-p4ze-kfhc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-11272.yml 38.3.0
2026-04-11T22:04:22.766606+00:00 GitLab Importer Affected by VCID-f3g5-hamr-6yar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-3795.yml 38.3.0
2026-04-02T22:19:33.838508+00:00 GitLab Importer Affected by VCID-pz7c-p4ze-kfhc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-11272.yml 38.1.0
2026-04-02T22:17:22.272885+00:00 GitLab Importer Affected by VCID-f3g5-hamr-6yar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-3795.yml 38.1.0
2026-04-01T16:37:19.360563+00:00 GitLab Importer Affected by VCID-pz7c-p4ze-kfhc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-11272.yml 38.0.0
2026-04-01T16:35:00.665902+00:00 GitLab Importer Affected by VCID-f3g5-hamr-6yar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-3795.yml 38.0.0