Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven

org.springframework.security:spring-security-config

maven

Spring Security

View on github.com · View on repo1.maven.org

Security Advisories for org.springframework.security:spring-security-config in maven

High
about 2 months ago

Spring Security Doesn't Correctly Include Servlet Path in Path Matching of XML Authorization Rules GSA_kwCzR0hTQS00dnJjLWo4NWMtNTk4Y84ABVkm

maven org.springframework.security:spring-security-config
High
about 2 months ago

Spring Security Doesn't Correctly Include Servlet Path in Path Matching of HttpSecurity#securityMatchers GSA_kwCzR0hTQS00d3JnLTh3cGMtaDkyM84ABVko

maven org.springframework.security:spring-security-config
Potential
High
9 months ago

Spring Security annotation detection mechanism has authorization bypass GSA_kwCzR0hTQS04djVxLXJoZjMtanBobc4ABMNs

maven org.springframework.security:spring-security-core
Potential
Critical
about 1 year ago

Spring Security authorization bypass for method security annotations on private methods GSA_kwCzR0hTQS05cHA1LTljN2ctNHI4M84ABIMg

maven org.springframework.security:spring-security-aspects
Potential
Moderate
about 1 year ago

Spring Security Vulnerable to Authorization Bypass via Security Annotations GSA_kwCzR0hTQS1oaDNtLWc0cWotNDgzNc4ABF1D

maven org.springframework.security:spring-security-core
Potential
High
about 1 year ago

Spring Security Does Not Enforce Password Length GSA_kwCzR0hTQS1tZzgzLWM3Z3EtcnY1Y84ABFqL

maven org.springframework.security:spring-security-crypto
Potential
Critical
over 1 year ago

Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications GSA_kwCzR0hTQS1jNHE1LTZjODItM3Fwd84ABAtL

maven org.springframework.security:spring-security-web
Potential
High
about 2 years ago

Erroneous authentication pass in Spring Security GSA_kwCzR0hTQS1mM2poLXF2bTQtbWczOc4AA6FU

maven org.springframework.security:spring-security-core
Potential
High
over 2 years ago

Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated GSA_kwCzR0hTQS13M3c2LTI2ZjItcDQ3NM4AA5YR

maven org.springframework.security:spring-security-core
Moderate
over 2 years ago

Spring Security's spring-security.xsd file is world writable GSA_kwCzR0hTQS05Z3A4LTZjZzgtN2gzNM4AA5Ey

maven org.springframework.security:spring-security-config
Critical
almost 3 years ago

Access Control Bypass in Spring Security GSA_kwCzR0hTQS0zaDZmLWc1ZjMtZ2M0d84AA0zc

maven org.springframework.security:spring-security-config
High
almost 3 years ago

Spring Security's authorization rules can be misconfigured when using multiple servlets GSA_kwCzR0hTQS00dnByLXhmcnAtY2o2NM4AA0xl

maven org.springframework.security:spring-security-config
Potential
Moderate
about 4 years ago

Integer overflow in BCrypt class in Spring Security GSA_kwCzR0hTQS13eDU0LTMyNzgtbTVnNM4AAgbg

maven org.springframework.security:spring-security-core
Potential
High
about 4 years ago

Improper Authentication in Spring Security GSA_kwCzR0hTQS1ndjl2LWMzNzUtaHZtZ83mmg

maven org.springframework.security:spring-security-core
Potential
High
almost 5 years ago

Resource Exhaustion in Spring Security MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5amctZ3Znci0zNTRt

maven org.springframework.security:spring-security-oauth2-client, org.springframework.security:spring-security-core
Potential
High
about 5 years ago

Privilege escalation in spring security MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdxMjgtaDV2Zy04cHJ4

maven org.springframework.security:spring-security-web
Potential
Critical
almost 6 years ago

Authorization Bypass in Spring Security MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdtdjQtNXc3Ni12cDln

maven org.springframework.security:spring-security-core
Potential
High
over 7 years ago

Spring Security vulnerable to Authorization Bypass MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3eHctcDh2Ni05ampy

maven org.springframework.security:spring-security-oauth2-jose, org.springframework.security:spring-security-core
Potential
High
over 7 years ago

Spring Security and Spring Framework may not recognize certain paths that should be protected MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjcnYtNDlmci0yaDZq

maven org.springframework.security:spring-security-core, org.springframework:spring-core

Filter by Severity

High 12 Critical 4 Moderate 3