Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo
cocoapods
Composer
Go
hex
Maven
npm
NuGet
pip
pub
RubyGems
Swift
Unmanaged (C/C++)
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
VULNERABILITY
AFFECTS
TYPE
PUBLISHED
L
Access Restriction Bypass
libspring-java
<3.0.6.RELEASE-10
debian:9
23 Jan 2014
L
Access Restriction Bypass
libspring-java
<3.0.6.RELEASE-10
debian:13
23 Jan 2014
L
Access Restriction Bypass
libspring-java
<3.0.6.RELEASE-10
debian:13
23 Jan 2014
M
Improper Authentication
libspring-ldap-java
<1.3.1.RELEASE-4+deb7u1build0.14.04.1
ubuntu:14.04
27 Nov 2017
H
Improper Authentication
libspring-ldap-java
<1.3.1.RELEASE-5+deb8u1
debian:8
27 Nov 2017
H
Insufficiently Protected Credentials
libspring-security-2.0-java
<2.0.7.RELEASE-3+deb8u2
debian:8
24 Jul 2019
M
Insufficient Entropy in PRNG
libspring-security-2.0-java
<2.0.7.RELEASE-3+deb8u1
debian:8
9 Apr 2019
H
Insufficient Verification of Data Authenticity
libspring-security-2.0-java
*
debian:8
19 Dec 2018
M
Race Condition
libspring-security-2.0-java
<2.0.7.RELEASE-1
debian:8
5 Dec 2012
L
Information Exposure
libspring-security-2.0-java
*
ubuntu:14.04
5 Dec 2012
M
Arbitrary Code Injection
libspring-security-2.0-java
<2.0.7.RELEASE-1
debian:8
5 Dec 2012
M
Access Restriction Bypass
libspring-security-2.0-java
<2.0.7.RELEASE-1
debian:8
4 Oct 2011
M
Access Restriction Bypass
libspring-security-2.0-java
*
ubuntu:14.04
4 Oct 2011
M
Deserialization of Untrusted Data
org.amqphub.spring-amqp-10-jms-spring-boot-parent
*
rhel:9
27 Oct 2023
M
Deserialization of Untrusted Data
org.amqphub.spring-amqp-10-jms-spring-boot-parent
*
rhel:8
27 Oct 2023
M
Deserialization of Untrusted Data
org.amqphub.spring-amqp-10-jms-spring-boot-parent
*
rhel:7
27 Oct 2023
M
Rebind Flaw
org.apache.camel:camel-spring
[2.22.0,3.2.0)
Maven
14 May 2020
H
Cross-site Request Forgery (CSRF)
org.apache.cxf.fediz:fediz-spring
[1.2.4,1.3.0)
[1.3.2,1.3.3)
[1.4.0,1.4.3)
Maven
10 Dec 2017
H
Cross-site Request Forgery (CSRF)
org.apache.cxf.fediz:fediz-spring
[,1.2.4)
[1.3.0,1.3.2)
Maven
31 Aug 2017
H
Cross-site Request Forgery (CSRF)
org.apache.cxf.fediz:fediz-spring2
[,1.3.3)
[1.4.0,1.4.3)
Maven
10 Dec 2017
H
Cross-site Request Forgery (CSRF)
org.apache.cxf.fediz:fediz-spring2
[,1.2.4)
[1.3.0,1.3.2)
Maven
31 Aug 2017
H
Cross-site Request Forgery (CSRF)
org.apache.cxf.fediz:fediz-spring3
[,1.3.3)
[1.4.0,1.4.3)
Maven
10 Dec 2017
M
Deserialization of Untrusted Data
org.apache.james:james-server-spring
[,3.7.5)
[3.8.0,3.8.1)
Maven
28 Feb 2024
C
Access Restriction Bypass
org.apache.shenyu:shenyu-spring-boot-starter-client-apache-dubbo
[,2.4.2)
Maven
25 Jan 2022
M
Interpretation Conflict
org.apache.shiro:shiro-spring-boot-starter
[,1.11.0)
Maven
22 Jan 2023
C
Authentication Bypass
org.apache.shiro:shiro-spring-boot-web-starter
[0, 1.7.0)
Maven
10 Dec 2020
C
Use of Hard-coded Credentials
org.folio:mod-data-export-spring
[,3.0.0)
Maven
26 Jul 2023
M
Session Fixation
org.infinispan:infinispan-spring5-common
[,9.4.15.Final)
[10.0.0.Alpha1,10.0.0.Beta4)
Maven
2 Jan 2020
M
Session Fixation
org.infinispan:infinispan-spring5-embedded
[,9.4.15.Final)
[10.0.0.Alpha1,10.0.0.Beta4)
Maven
2 Jan 2020
M
Session Fixation
org.infinispan:infinispan-spring5-remote
[,9.4.15.Final)
[10.0.0.Alpha1,10.0.0.Beta4)
Maven
2 Jan 2020
