Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo
cocoapods
Composer
Conan
Go
hex
Maven
npm
NuGet
pip
pub
RubyGems
Swift
Unmanaged (C/C++)
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
VULNERABILITY
AFFECTS
TYPE
PUBLISHED
M
Authorization Bypass
org.springframework.security:spring-security-core
[,5.7.14)
[5.8.0,5.8.16)
[6.2.0,6.2.8)
[6.3.0,6.3.5)
Maven
20 Nov 2024
H
Improper Access Control
org.springframework.security:spring-security-core
[,5.7.12)
[5.8.0,5.8.11)
[6.0.0,6.0.10)
[6.1.0,6.1.8)
[6.2.0,6.2.3)
Maven
18 Mar 2024
H
Authentication Bypass
org.springframework.security:spring-security-core
[6.1.0,6.1.7)
[6.2.0,6.2.2)
Maven
20 Feb 2024
M
Integer Overflow or Wraparound
org.springframework.security:spring-security-core
[3.1.0.RELEASE,5.4.11)
Maven
18 May 2022
M
Privilege Escalation
org.springframework.security:spring-security-core
[5.4.0, 5.4.4)
[5.3.0.RELEASE, 5.3.8.RELEASE)
[,5.2.9.RELEASE)
Maven
21 Feb 2021
M
Cryptographic Weakness
org.springframework.security:spring-security-core
[5.3.0.RELEASE, 5.3.2.RELEASE)
[5.2.0.RELEASE, 5.2.4.RELEASE)
[5.1.0.RELEASE, 5.1.10.RELEASE)
[5.0.0.RELEASE, 5.0.16.RELEASE)
[4.2.0.RELEASE, 4.2.16.RELEASE)
Maven
22 May 2020
H
Improper Authentication
org.springframework.security:spring-security-core
[4.2.0.RELEASE,4.2.13.RELEASE)
Maven
21 Jun 2019
L
Insecure Randomness
org.springframework.security:spring-security-core
[4.2.0.RELEASE, 4.2.12.RELEASE)
[5.0.0.RELEASE, 5.0.12.RELEASE)
[5.1.0.RELEASE, 5.1.5.RELEASE)
Maven
5 Apr 2019
H
Deserialization of Untrusted Data
org.springframework.security:spring-security-core
[4.2.0.RELEASE,4.2.3.RELEASE)
Maven
20 Sept 2017
H
Authentication Bypass
org.springframework.security:spring-security-core
[3.2.0.RELEASE,3.2.2.RELEASE)
[3.1.0.RELEASE,3.1.6.RELEASE)
Maven
25 Dec 2016
M
Information Exposure
org.springframework.security:spring-security-core
[,2.0.8.RELEASE)
[3.0.0.RELEASE,3.0.8.RELEASE)
[3.1.0.RELEASE,3.1.3.RELEASE)
Maven
25 Dec 2016
M
Access Restriction Bypass
org.springframework.security:spring-security-core
[2.0.0.RELEASE,2.0.6.RELEASE)
[3.0.0..RELEASE,3.0.4.RELEASE)
Maven
10 Jun 2015
M
Improper Authentication
org.springframework.security:spring-security-core
[,2.0.7.RELEASE)
[3.0.0.RELEASE,3.0.6.RELEASE)
Maven
8 Sept 2014
M
Arbitrary Code Execution
org.springframework.security:spring-security-core
[2.0.0,2.0.7.RELEASE)
[3.0.0.RELEASE,3.0.6.RELEASE)
Maven
8 Sept 2014
M
Access Restriction Bypass
org.springframework.security:spring-security-core
[2.0.0.RELEASE,2.0.7.RELEASE)
[3.0.0.RELEASE,3.0.6.RELEASE)
Maven
8 Sept 2014
H
Improper Privilege Management
org.springframework.security-spring-security-crypto
*
rhel:10
29 Apr 2025
M
Timing Attack
org.springframework.security:spring-security-crypto
[6.3.8,6.3.9)
[6.4.4,6.4.5)
Maven
23 Apr 2025
C
Authentication Bypass by Primary Weakness
org.springframework.security:spring-security-crypto
[,6.3.8)
[6.4.0,6.4.4)
Maven
20 Mar 2025
M
Authorization Bypass
org.springframework.security:spring-security-crypto
[,5.7.14)
[5.8.0,5.8.16)
[6.2.0,6.2.8)
[6.3.0,6.3.5)
Maven
20 Nov 2024
M
Integer Overflow or Wraparound
org.springframework.security:spring-security-crypto
[,5.5.7)
[5.6.0,5.6.4)
Maven
18 May 2022
M
Cryptographic Weakness
org.springframework.security:spring-security-crypto
[5.3.0.RELEASE, 5.3.2.RELEASE)
[5.2.0.RELEASE, 5.2.4.RELEASE)
[5.1.0.RELEASE, 5.1.10.RELEASE)
[5.0.0.RELEASE, 5.0.16.RELEASE)
[4.2.0.RELEASE, 4.2.16.RELEASE)
Maven
22 May 2020
M
Authorization Bypass
org.springframework.security:spring-security-ldap
[,5.7.14)
[5.8.0,5.8.16)
[6.2.0,6.2.8)
[6.3.0,6.3.5)
Maven
20 Nov 2024
M
Authentication Bypass
org.springframework.security:spring-security-ldap
[,4.2.9.RELEASE)
[5.0.0.RELEASE, 5.0.9.RELEASE)
[5.1.0.RELEASE, 5.1.1.RELEASE)
Maven
6 Mar 2018
H
Authentication Bypass
org.springframework.security:spring-security-ldap
[3.2.0.RELEASE,3.2.2.RELEASE)
[3.1.0.RELEASE,3.1.6.RELEASE)
Maven
25 Dec 2016
M
Improper Authentication
org.springframework.security:spring-security-oauth2-authorization-server
[,1.0.6)
[1.1.0,1.1.6)
[1.2.0,1.2.3)
Maven
20 Mar 2024
M
Authorization Bypass
org.springframework.security:spring-security-oauth2-client
[,5.7.14)
[5.8.0,5.8.16)
[6.2.0,6.2.8)
[6.3.0,6.3.5)
Maven
20 Nov 2024
H
Authentication Bypass
org.springframework.security:spring-security-oauth2-client
[6.1.0,6.1.7)
[6.2.0,6.2.2)
Maven
20 Feb 2024
H
Privilege Escalation
org.springframework.security:spring-security-oauth2-client
[,5.4.11)
[5.6.0,5.6.9)
[5.7.0,5.7.5)
Maven
1 Nov 2022
M
Denial of Service (DoS)
org.springframework.security:spring-security-oauth2-client
[5.5.0, 5.5.1)
[5.4.0, 5.4.7)
[5.3.0.RELEASE, 5.3.10.RELEASE)
[5.2.0.RELEASE, 5.2.11.RELEASE)
Maven
28 Jun 2021
M
Authorization Bypass
org.springframework.security:spring-security-oauth2-jose
[5.1.0,5.1.2.RELEASE)
Maven
20 Dec 2018
