Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo
cocoapods
Composer
Conan
Go
hex
Maven
npm
NuGet
pip
pub
RubyGems
Swift
Unmanaged (C/C++)
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
VULNERABILITY
AFFECTS
TYPE
PUBLISHED
M
Access Restriction Bypass
libspring-security-2.0-java
*
ubuntu:14.04
4 Oct 2011
M
Access Restriction Bypass
libspring-security-2.0-java
<2.0.7.RELEASE-1
debian:8
4 Oct 2011
M
Deserialization of Untrusted Data
org.amqphub.spring-amqp-10-jms-spring-boot-parent
*
rhel:8
27 Oct 2023
M
Deserialization of Untrusted Data
org.amqphub.spring-amqp-10-jms-spring-boot-parent
*
rhel:7
27 Oct 2023
M
Deserialization of Untrusted Data
org.amqphub.spring-amqp-10-jms-spring-boot-parent
*
rhel:9
27 Oct 2023
M
Rebind Flaw
org.apache.camel:camel-spring
[2.22.0,3.2.0)
Maven
14 May 2020
H
Cross-site Request Forgery (CSRF)
org.apache.cxf.fediz:fediz-spring
[1.2.4,1.3.0)
[1.3.2,1.3.3)
[1.4.0,1.4.3)
Maven
10 Dec 2017
H
Cross-site Request Forgery (CSRF)
org.apache.cxf.fediz:fediz-spring
[,1.2.4)
[1.3.0,1.3.2)
Maven
31 Aug 2017
H
Cross-site Request Forgery (CSRF)
org.apache.cxf.fediz:fediz-spring2
[,1.3.3)
[1.4.0,1.4.3)
Maven
10 Dec 2017
H
Cross-site Request Forgery (CSRF)
org.apache.cxf.fediz:fediz-spring2
[,1.2.4)
[1.3.0,1.3.2)
Maven
31 Aug 2017
H
Cross-site Request Forgery (CSRF)
org.apache.cxf.fediz:fediz-spring3
[,1.3.3)
[1.4.0,1.4.3)
Maven
10 Dec 2017
M
Deserialization of Untrusted Data
org.apache.james:james-server-spring
[,3.7.5)
[3.8.0,3.8.1)
Maven
28 Feb 2024
C
Access Restriction Bypass
org.apache.shenyu:shenyu-spring-boot-starter-client-apache-dubbo
[,2.4.2)
Maven
25 Jan 2022
M
Interpretation Conflict
org.apache.shiro:shiro-spring-boot-starter
[,1.11.0)
Maven
22 Jan 2023
C
Authentication Bypass
org.apache.shiro:shiro-spring-boot-web-starter
[0, 1.7.0)
Maven
10 Dec 2020
C
Use of Hard-coded Credentials
org.folio:mod-data-export-spring
[,3.0.0)
Maven
26 Jul 2023
M
Session Fixation
org.infinispan:infinispan-spring5-common
[,9.4.15.Final)
[10.0.0.Alpha1,10.0.0.Beta4)
Maven
2 Jan 2020
M
Session Fixation
org.infinispan:infinispan-spring5-embedded
[,9.4.15.Final)
[10.0.0.Alpha1,10.0.0.Beta4)
Maven
2 Jan 2020
M
Session Fixation
org.infinispan:infinispan-spring5-remote
[,9.4.15.Final)
[10.0.0.Alpha1,10.0.0.Beta4)
Maven
2 Jan 2020
H
Deserialization of Untrusted Data
org.springframework.amqp:spring-amqp
[1.0.0,2.4.17)
[3.0.0,3.0.10)
Maven
19 Oct 2023
M
Denial of Service (DoS)
org.springframework.amqp:spring-amqp
[2.2.0, 2.2.20)
[2.3.0, 2.3.12)
Maven
30 Nov 2021
M
Denial of Service (DoS)
org.springframework.amqp:spring-amqp
[2.3.0,2.3.11)
[,2.2.19)
Maven
27 Oct 2021
C
Man-in-the-Middle (MitM)
org.springframework.amqp:spring-amqp
[1.0.0.RELEASE, 1.7.10 .RELEASE)
[2.0.0.RELEASE, 2.0.6.RELEASE)
Maven
16 Sept 2018
C
Arbitrary Code Execution
org.springframework.amqp:spring-amqp
[1.5.6.RELEASE,1.5.7.RELEASE)
[1.6.10.RELEASE,1.6.11.RELEASE)
[1.7.3.RELEASE,1.7.4.RELEASE)
Maven
5 Nov 2017
C
Deserialization of Untrusted Data
org.springframework.amqp:spring-amqp
[,1.5.5)
Maven
12 Apr 2016
H
Cross-Site Request Forgery (CSRF)
org.springframework.batch:spring-batch-admin
[0,]
Maven
1 Apr 2018
M
Cross-site Scripting (XSS)
org.springframework.batch:spring-batch-admin
[0,]
Maven
1 Apr 2018
H
Cross-site Request Forgery (CSRF)
org.springframework.batch:spring-batch-admin
[,1.3.0.RELEASE)
Maven
5 Nov 2017
M
Cross-site Scripting (XSS)
org.springframework.batch:spring-batch-admin
[,1.3.0.RELEASE)
Maven
5 Nov 2017
M
Insecure Defaults
org.springframework.batch:spring-batch-core
[4.0.0.RELEASE, 4.2.3.RELEASE)
Maven
11 Jun 2020
