Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE
purl pkg:maven/org.springframework.security/spring-security-cas@4.2.12.RELEASE
Next non-vulnerable version 4.2.13.RELEASE
Latest non-vulnerable version 5.1.5.RELEASE
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-pz7c-p4ze-kfhc
Aliases:
CVE-2019-11272
GHSA-v33x-prhc-gph5
PlaintextPasswordEncoder authenticates encoded passwords that are null Spring Security supports plain text passwords using `PlaintextPasswordEncoder`. a malicious user (or attacker) can authenticate using a password of `null`.
4.2.13.RELEASE
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-f3g5-hamr-6yar Insufficient Entropy in PRNG Spring Security contain an insecure randomness vulnerability when using `SecureRandomFactoryBean#setSeed` to configure a `SecureRandom` instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection. CVE-2019-3795
GHSA-v2r2-7qm7-jj6v

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T20:55:43.401260+00:00 GitLab Importer Affected by VCID-pz7c-p4ze-kfhc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-11272.yml 38.4.0
2026-04-16T20:53:33.790820+00:00 GitLab Importer Fixing VCID-f3g5-hamr-6yar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-3795.yml 38.4.0
2026-04-11T22:06:43.711202+00:00 GitLab Importer Affected by VCID-pz7c-p4ze-kfhc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-11272.yml 38.3.0
2026-04-11T22:04:22.781248+00:00 GitLab Importer Fixing VCID-f3g5-hamr-6yar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-3795.yml 38.3.0
2026-04-02T22:19:33.851538+00:00 GitLab Importer Affected by VCID-pz7c-p4ze-kfhc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-11272.yml 38.1.0
2026-04-02T22:17:22.286544+00:00 GitLab Importer Fixing VCID-f3g5-hamr-6yar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-3795.yml 38.1.0
2026-04-01T15:57:33.706002+00:00 GHSA Importer Affected by VCID-pz7c-p4ze-kfhc https://github.com/advisories/GHSA-v33x-prhc-gph5 38.0.0
2026-04-01T12:48:32.883220+00:00 GitLab Importer Affected by VCID-pz7c-p4ze-kfhc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-11272.yml 38.0.0
2026-04-01T12:48:24.186174+00:00 GitLab Importer Fixing VCID-f3g5-hamr-6yar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-cas/CVE-2019-3795.yml 38.0.0