story #15455 feat: upgrade CAS 6 to 7 #3439

Regzox · 2025-12-19T15:31:24Z

No description provided.

vitam-prg · 2025-12-19T15:47:37Z

Checkmarx One – Scan Summary & Details – 127c6bb9-f8cc-49dd-9d4a-7dad1a1e7575

New Issues (110)

Checkmarx found the following issues in this Pull Request

More results are available on the CxOne platform

Fixed Issues (64)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	~~CVE-2022-1471~~	Maven-org.yaml:snakeyaml-1.31
	~~CVE-2022-31692~~	Maven-org.springframework.security:spring-security-core-5.7.3
	~~CVE-2023-20873~~	Maven-org.springframework.boot:spring-boot-actuator-autoconfigure-2.7.3
	~~CVE-2023-34034~~	Maven-org.springframework.security:spring-security-config-5.7.3
	~~CVE-2023-34034~~	Maven-org.springframework.security:spring-security-web-5.7.3
	~~CVE-2024-38821~~	Maven-org.springframework.security:spring-security-web-5.7.3
	~~CVE-2022-31690~~	Maven-org.springframework.security:spring-security-web-5.7.3
	~~CVE-2022-40152~~	Maven-com.fasterxml.woodstox:woodstox-core-6.2.6
	~~CVE-2022-42003~~	Maven-com.fasterxml.jackson.core:jackson-databind-2.13.4
	~~CVE-2022-45688~~	Maven-org.json:json-20160810
	~~CVE-2022-45689~~	Maven-org.json:json-20160810
	~~CVE-2022-45690~~	Maven-org.json:json-20160810
	~~CVE-2023-1370~~	Maven-net.minidev:json-smart-2.4.8
	~~CVE-2023-2976~~	Maven-com.google.guava:guava-30.1.1-jre
	~~CVE-2023-31582~~	Maven-org.bitbucket.b_c:jose4j-0.8.0
	~~CVE-2023-33265~~	Maven-com.hazelcast:hazelcast-5.1.3
	~~CVE-2023-34620~~	Maven-org.hjson:hjson-3.0.0
	~~CVE-2023-38286~~	Maven-org.thymeleaf:thymeleaf-3.0.15.RELEASE
	~~CVE-2023-39685~~	Maven-org.hjson:hjson-3.0.0
	~~CVE-2023-45859~~	Maven-com.hazelcast:hazelcast-5.1.3
	~~CVE-2023-45860~~	Maven-com.hazelcast:hazelcast-sql-5.1.3
	~~CVE-2023-45860~~	Maven-com.hazelcast:hazelcast-5.1.3
	~~CVE-2023-46120~~	Maven-com.rabbitmq:amqp-client-5.15.0
	~~CVE-2023-5072~~	Maven-org.json:json-20160810
	~~CVE-2023-51775~~	Maven-org.bitbucket.b_c:jose4j-0.8.0
	~~CVE-2023-52428~~	Maven-com.nimbusds:nimbus-jose-jwt-9.24.3
	~~CVE-2024-21634~~	Maven-software.amazon.ion:ion-java-1.0.2
	~~CVE-2024-22257~~	Maven-org.springframework.security:spring-security-core-5.7.3
	~~CVE-2024-29371~~	Maven-org.bitbucket.b_c:jose4j-0.8.0
	~~CVE-2025-22235~~	Maven-org.springframework.boot:spring-boot-actuator-autoconfigure-2.7.3
	~~CVE-2025-48734~~	Maven-commons-beanutils:commons-beanutils-1.9.4
	~~CVE-2025-52999~~	Maven-com.fasterxml.jackson.core:jackson-core-2.13.4
	~~Cx08fcacc9-cb99~~	Maven-org.json:json-20160810
	~~Cx2906ba70-607a~~	Maven-org.json:json-20160810
	~~Cx78f40514-81ff~~	Maven-commons-collections:commons-collections-3.2.2
	~~Cx8bc13cba-30bf~~	Maven-org.bitbucket.b_c:jose4j-0.8.0
	~~Cxdb5a1032-eda2~~	Maven-org.json:json-20160810
	~~CVE-2021-28170~~	Maven-org.glassfish.web:el-impl-2.2
	~~CVE-2022-22976~~	Maven-org.springframework.security:spring-security-crypto-5.6.1
	~~CVE-2022-38752~~	Maven-org.yaml:snakeyaml-1.31
	~~CVE-2022-41854~~	Maven-org.yaml:snakeyaml-1.31
	~~CVE-2023-20861~~	Maven-org.springframework:spring-expression-5.3.22
	~~CVE-2023-20862~~	Maven-org.springframework.security:spring-security-web-5.7.3
	~~CVE-2023-20862~~	Maven-org.springframework.security:spring-security-config-5.7.3
	~~CVE-2023-20863~~	Maven-org.springframework:spring-expression-5.3.22
	~~CVE-2023-33264~~	Maven-com.hazelcast:hazelcast-5.1.3
	~~CVE-2023-34055~~	Maven-org.springframework.boot:spring-boot-actuator-2.7.3
	~~CVE-2023-34462~~	Maven-io.netty:netty-handler-4.1.80.Final
	~~CVE-2023-44483~~	Maven-org.apache.santuario:xmlsec-2.3.0
	~~CVE-2024-38808~~	Maven-org.springframework:spring-expression-5.3.22
	~~CVE-2024-47535~~	Maven-io.netty:netty-common-4.1.80.Final
	~~Privacy_Violation~~	/api/api-iam/iam-client-legacy/src/main/java/fr/gouv/vitamui/iam/client/CasRestClient.java: 193
	~~Privacy_Violation~~	/api/api-iam/iam-client-legacy/src/main/java/fr/gouv/vitamui/iam/client/CasRestClient.java: 153
	~~Privacy_Violation~~	/api/api-iam/iam-client-legacy/src/main/java/fr/gouv/vitamui/iam/client/CasRestClient.java: 153
	~~Privacy_Violation~~	/api/api-iam/iam-client-legacy/src/main/java/fr/gouv/vitamui/iam/client/CasRestClient.java: 153
	~~Privacy_Violation~~	/api/api-iam/iam-client-legacy/src/main/java/fr/gouv/vitamui/iam/client/CasRestClient.java: 153
	~~Privacy_Violation~~	/api/api-iam/iam-client-legacy/src/main/java/fr/gouv/vitamui/iam/client/CasRestClient.java: 153
	~~Privacy_Violation~~	/api/api-iam/iam-client-legacy/src/main/java/fr/gouv/vitamui/iam/client/CasRestClient.java: 153
	~~Privacy_Violation~~	/api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 105
	~~Privacy_Violation~~	/api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 106
	~~Privacy_Violation~~	/api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 88
	~~CVE-2020-8908~~	Maven-com.google.guava:guava-30.1.1-jre
	~~Heap_Inspection~~	/cas/cas-server/src/main/java/fr/gouv/vitamui/cas/webflow/actions/TriggerChangePasswordAction.java: 72
	~~Heap_Inspection~~	/cas/cas-server/src/main/java/fr/gouv/vitamui/cas/webflow/actions/I18NSendPasswordResetInstructionsAction.java: 197

Use @Checkmarx to interact with Checkmarx PR Assistant.
Examples:
@Checkmarx how are you able to help me?
@Checkmarx rescan this PR

Regzox added this to the IT 163 milestone Dec 19, 2025

Regzox added the VAS VAS contribution label Dec 19, 2025

Regzox self-assigned this Dec 19, 2025

Regzox marked this pull request as draft December 19, 2025 15:32

Regzox force-pushed the story_15455 branch from 09f92da to f097c86 Compare January 9, 2026 15:56

Regzox added 12 commits January 9, 2026 16:56

story #15455 feat: upgrade CAS 6 to 7

4eaf53a

wip

24744d5

refactor: LoginPwdAuthenticationHandler

2ed0080

wip: add every bean from AppConfig

3159d7f

wip: integration

b5374e5

wip integration broken

24dbf34

wip integration broken

626c5ae

remove unused classes

ae8f280

fix tests or let todo

c3b537f

inject authorizers and spotlessss

79333dc

fix cast exception in tests

2212c53

update todo

913c13d

Regzox force-pushed the story_15455 branch from f097c86 to 913c13d Compare January 9, 2026 15:57

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

story #15455 feat: upgrade CAS 6 to 7 #3439

story #15455 feat: upgrade CAS 6 to 7 #3439

Uh oh!

Regzox commented Dec 19, 2025

Uh oh!

vitam-prg commented Dec 19, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

story #15455 feat: upgrade CAS 6 to 7 #3439

Are you sure you want to change the base?

story #15455 feat: upgrade CAS 6 to 7 #3439

Uh oh!

Conversation

Regzox commented Dec 19, 2025

Uh oh!

vitam-prg commented Dec 19, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

vitam-prg commented Dec 19, 2025 •

edited

Loading