Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven

org.springframework.security:spring-security-web

maven

Spring Security

View on github.com · View on repo1.maven.org

Security Advisories for org.springframework.security:spring-security-web in maven

Moderate
about 2 months ago

Spring Security Vulnerable to Unauthorized User Impersonation when Using X.509 Client Certificates GSA_kwCzR0hTQS0yanJnLXJmNXgtNTY4Z84ABVkj

maven org.springframework.security:spring-security-web
Critical
3 months ago

Spring Security HTTP Headers Are not Written Under Some Conditions GSA_kwCzR0hTQS1tZjkyLTQ3OXgtMzM3M84ABT4d

maven org.springframework.security:spring-security-web
Potential
High
9 months ago

Spring Security annotation detection mechanism has authorization bypass GSA_kwCzR0hTQS04djVxLXJoZjMtanBobc4ABMNs

maven org.springframework.security:spring-security-core
Potential
Critical
about 1 year ago

Spring Security authorization bypass for method security annotations on private methods GSA_kwCzR0hTQS05cHA1LTljN2ctNHI4M84ABIMg

maven org.springframework.security:spring-security-aspects
Potential
Moderate
about 1 year ago

Spring Security Vulnerable to Authorization Bypass via Security Annotations GSA_kwCzR0hTQS1oaDNtLWc0cWotNDgzNc4ABF1D

maven org.springframework.security:spring-security-core
Potential
High
about 1 year ago

Spring Security Does Not Enforce Password Length GSA_kwCzR0hTQS1tZzgzLWM3Z3EtcnY1Y84ABFqL

maven org.springframework.security:spring-security-crypto
Critical
over 1 year ago

Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications GSA_kwCzR0hTQS1jNHE1LTZjODItM3Fwd84ABAtL

maven org.springframework.security:spring-security-web
Potential
High
about 2 years ago

Erroneous authentication pass in Spring Security GSA_kwCzR0hTQS1mM2poLXF2bTQtbWczOc4AA6FU

maven org.springframework.security:spring-security-core
Potential
High
over 2 years ago

Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated GSA_kwCzR0hTQS13M3c2LTI2ZjItcDQ3NM4AA5YR

maven org.springframework.security:spring-security-core
Potential
Moderate
over 2 years ago

Spring Security's spring-security.xsd file is world writable GSA_kwCzR0hTQS05Z3A4LTZjZzgtN2gzNM4AA5Ey

maven org.springframework.security:spring-security-config
Potential
Moderate
about 4 years ago

Integer overflow in BCrypt class in Spring Security GSA_kwCzR0hTQS13eDU0LTMyNzgtbTVnNM4AAgbg

maven org.springframework.security:spring-security-core
Potential
High
about 4 years ago

Improper Authentication in Spring Security GSA_kwCzR0hTQS1ndjl2LWMzNzUtaHZtZ83mmg

maven org.springframework.security:spring-security-core
Potential
High
almost 5 years ago

Resource Exhaustion in Spring Security MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5amctZ3Znci0zNTRt

maven org.springframework.security:spring-security-oauth2-client, org.springframework.security:spring-security-core
High
about 5 years ago

Privilege escalation in spring security MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdxMjgtaDV2Zy04cHJ4

maven org.springframework.security:spring-security-web
Potential
Critical
over 5 years ago

Authorization Bypass in Spring Security MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdtdjQtNXc3Ni12cDln

maven org.springframework.security:spring-security-core
Potential
High
over 7 years ago

Spring Security vulnerable to Authorization Bypass MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3eHctcDh2Ni05ampy

maven org.springframework.security:spring-security-oauth2-jose, org.springframework.security:spring-security-core
Potential
High
over 7 years ago

Spring Security and Spring Framework may not recognize certain paths that should be protected MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjcnYtNDlmci0yaDZq

maven org.springframework.security:spring-security-core, org.springframework:spring-core

Filter by Severity

High 9 Moderate 4 Critical 4