Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • C
Access Restriction Bypass		org.springframework.security:spring-security-cas[3.2.0,3.2.5.RELEASE)[3.1.0,3.1.7.RELEASE)Maven25 Dec 2016
  • M
Authorization Bypass		org.springframework.security:spring-security-config[,5.7.14)[5.8.0,5.8.16)[6.2.0,6.2.8)[6.3.0,6.3.5)Maven20 Nov 2024
  • M
Missing Authorization		org.springframework.security:spring-security-config[6.3.0,6.3.2)Maven20 Aug 2024
  • M
Incorrect Permission Assignment for Critical Resource		org.springframework.security:spring-security-config[5.7.9,5.7.11)[5.8.4,5.8.7)[6.0.4,6.0.7)[6.1.1,6.1.4)Maven19 Sept 2023
  • C
Access Control Bypass		org.springframework.security:spring-security-config[5.6.0,5.6.12)[5.7.0,5.7.10)[5.8.0,5.8.5)[6.0.0,6.0.5)[6.1.0,6.1.2)Maven18 Jul 2023
  • H
Improper Authorization		org.springframework.security:spring-security-config[5.8.0,5.8.5)[6.0.0,6.0.5)[6.1.0,6.1.2)Maven18 Jul 2023
  • M
Session Fixation		org.springframework.security:spring-security-config[5.7.0,5.7.8)[5.8.0,5.8.3)[6.0.0,6.0.3)Maven20 Apr 2023
  • M
Access Restriction Bypass		org.springframework.security:spring-security-config[4.1.0.RELEASE, 4.1.5.RELEASE)[4.2.0.RELEASE, 4.2.4.RELEASE)[5.0.0.RELEASE, 5.0.3.RELEASE)Maven17 Mar 2018
  • H
Authentication Bypass		org.springframework.security:spring-security-config[3.2.0.RELEASE,4.1.1.RELEASE)Maven11 Jul 2016
  • C
Missing Authentication for Critical Function		org.springframework.security:spring-security-core[6.4.0,6.4.6)Maven20 May 2025
  • M
Incorrect Authorization		org.springframework.security:spring-security-core[6.4.0,6.4.4)Maven20 Mar 2025
  • M
Authorization Bypass		org.springframework.security:spring-security-core[,5.7.14)[5.8.0,5.8.16)[6.2.0,6.2.8)[6.3.0,6.3.5)Maven20 Nov 2024
  • H
Improper Access Control		org.springframework.security:spring-security-core[,5.7.12)[5.8.0,5.8.11)[6.0.0,6.0.10)[6.1.0,6.1.8)[6.2.0,6.2.3)Maven18 Mar 2024
  • H
Authentication Bypass		org.springframework.security:spring-security-core[6.1.0,6.1.7)[6.2.0,6.2.2)Maven20 Feb 2024
  • M
Integer Overflow or Wraparound		org.springframework.security:spring-security-core[3.1.0.RELEASE,5.4.11)Maven18 May 2022
  • M
Privilege Escalation		org.springframework.security:spring-security-core[5.4.0, 5.4.4)[5.3.0.RELEASE, 5.3.8.RELEASE)[,5.2.9.RELEASE)Maven21 Feb 2021
  • M
Cryptographic Weakness		org.springframework.security:spring-security-core[5.3.0.RELEASE, 5.3.2.RELEASE)[5.2.0.RELEASE, 5.2.4.RELEASE)[5.1.0.RELEASE, 5.1.10.RELEASE)[5.0.0.RELEASE, 5.0.16.RELEASE)[4.2.0.RELEASE, 4.2.16.RELEASE)Maven22 May 2020
  • H
Improper Authentication		org.springframework.security:spring-security-core[4.2.0.RELEASE,4.2.13.RELEASE)Maven21 Jun 2019
  • L
Insecure Randomness		org.springframework.security:spring-security-core[4.2.0.RELEASE, 4.2.12.RELEASE)[5.0.0.RELEASE, 5.0.12.RELEASE)[5.1.0.RELEASE, 5.1.5.RELEASE)Maven5 Apr 2019
  • H
Deserialization of Untrusted Data		org.springframework.security:spring-security-core[4.2.0.RELEASE,4.2.3.RELEASE)Maven20 Sept 2017
  • H
Authentication Bypass		org.springframework.security:spring-security-core[3.2.0.RELEASE,3.2.2.RELEASE)[3.1.0.RELEASE,3.1.6.RELEASE)Maven25 Dec 2016
  • M
Information Exposure		org.springframework.security:spring-security-core[,2.0.8.RELEASE)[3.0.0.RELEASE,3.0.8.RELEASE)[3.1.0.RELEASE,3.1.3.RELEASE)Maven25 Dec 2016
  • M
Access Restriction Bypass		org.springframework.security:spring-security-core[2.0.0.RELEASE,2.0.6.RELEASE)[3.0.0..RELEASE,3.0.4.RELEASE)Maven10 Jun 2015
  • M
Improper Authentication		org.springframework.security:spring-security-core[,2.0.7.RELEASE)[3.0.0.RELEASE,3.0.6.RELEASE)Maven8 Sept 2014
  • M
Arbitrary Code Execution		org.springframework.security:spring-security-core[2.0.0,2.0.7.RELEASE)[3.0.0.RELEASE,3.0.6.RELEASE)Maven8 Sept 2014
  • M
Access Restriction Bypass		org.springframework.security:spring-security-core[2.0.0.RELEASE,2.0.7.RELEASE)[3.0.0.RELEASE,3.0.6.RELEASE)Maven8 Sept 2014
  • H
Improper Privilege Management		org.springframework.security-spring-security-crypto*rhel:1029 Apr 2025
  • M
Timing Attack		org.springframework.security:spring-security-crypto[6.3.8,6.3.9)[6.4.4,6.4.5)Maven23 Apr 2025
  • C
Authentication Bypass by Primary Weakness		org.springframework.security:spring-security-crypto[,6.3.8)[6.4.0,6.4.4)Maven20 Mar 2025
  • M
Authorization Bypass		org.springframework.security:spring-security-crypto[,5.7.14)[5.8.0,5.8.16)[6.2.0,6.2.8)[6.3.0,6.3.5)Maven20 Nov 2024