Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • H
Authentication Bypass		org.springframework.security:spring-security-saml2-service-provider[5.3.0.RELEASE,5.3.2.RELEASE)[5.2.0.RELEASE,5.2.4.RELEASE)Maven13 May 2020
  • M
Authorization Bypass		org.springframework.security:spring-security-taglibs[,5.7.14)[5.8.0,5.8.16)[6.2.0,6.2.8)[6.3.0,6.3.5)Maven20 Nov 2024
  • M
Authorization Bypass		org.springframework.security:spring-security-web[,5.7.14)[5.8.0,5.8.16)[6.2.0,6.2.8)[6.3.0,6.3.5)Maven20 Nov 2024
  • C
Missing Authorization		org.springframework.security:spring-security-web[,5.7.13)[5.8.0,5.8.15)[6.0.0,6.2.7)[6.3.0,6.3.4)Maven28 Oct 2024
  • H
Authentication Bypass		org.springframework.security:spring-security-web[6.1.0,6.1.7)[6.2.0,6.2.2)Maven20 Feb 2024
  • M
Session Fixation		org.springframework.security:spring-security-web[5.7.0,5.7.8)[5.8.0,5.8.3)[6.0.0,6.0.3)Maven20 Apr 2023
  • H
Authorization Bypass		org.springframework.security:spring-security-web[5.6.0, 5.6.9)[5.7.0, 5.7.5)Maven1 Nov 2022
  • H
Authorization Bypass		org.springframework.security:spring-security-web[,5.4.11)[5.5.0,5.5.7)[5.6.0,5.6.4)Maven18 May 2022
  • L
Timing Attack		org.springframework.security:spring-security-web[,5.2.9.RELEASE)[5.3.0,5.3.7)[5.4.0,5.4.3)Maven7 May 2021
  • M
Access Restriction Bypass		org.springframework.security:spring-security-web[4.1.0.RELEASE, 4.1.5.RELEASE)[4.2.0.RELEASE, 4.2.4.RELEASE)[5.0.0.RELEASE, 5.0.3.RELEASE)Maven17 Mar 2018
  • H
Security Bypass		org.springframework.security:spring-security-web[3.2.0.RELEASE,3.2.10.RELEASE)[4.0.0.RELEASE,4.1.4.RELEASE)[4.2.0.RELEASE,4.2.1.RELEASE)Maven28 Dec 2016
  • H
Authentication Bypass		org.springframework.security:spring-security-web[3.2.0.RELEASE,4.1.1.RELEASE)Maven11 Jul 2016
  • M
Access Restriction Bypass		org.springframework.security:spring-security-web[3.0.0.RELEASE,3.0.4.RELEASE)Maven10 Jun 2015
  • M
Arbitrary Code Execution		org.springframework.security:spring-security-web[3.0.0.RELEASE,3.0.6.RELEASE)Maven8 Sept 2014
  • M
Information Exposure		org.springframework.session:spring-session-core[3.0.0,3.0.1)Maven14 Apr 2023
  • H
Cross-site Request Forgery (CSRF)		org.springframework.social:spring-social-core[1.0.0.RELEASE,1.1.3.RELEASE)Maven10 Nov 2015
  • M
Arbitrary Code Execution		org.springframework:spring[2.5,2.5.6.SEC02)Maven18 Jun 2010
  • H
Relative Path Traversal		org.springframework:spring-beans[,6.2.10)Maven19 Aug 2025
  • M
Denial of Service (DoS)		org.springframework:spring-beans[,5.2.22.RELEASE)[5.3.0,5.3.20)Maven12 May 2022
  • C
Remote Code Execution (RCE)		org.springframework:spring-beans[ ,5.2.20)[5.3.0, 5.3.18)Maven30 Mar 2022
  • M
Arbitrary Code Execution		org.springframework:spring-beans[2.5,2.5.6.SEC02)[3.0.0.RELEASE,3.0.3.RELEASE)Maven18 Jun 2010
  • L
Improper Handling of Case Sensitivity		org.springframework:spring-context[6.1.0,6.1.20)[6.2.0,6.2.7)Maven16 May 2025
  • L
Improper Handling of Case Sensitivity		org.springframework:spring-context[,6.1.14)Maven18 Oct 2024
  • L
Improper Handling of Case Sensitivity		org.springframework:spring-context[,5.2.21)[5.3.0, 5.3.19)Maven14 Apr 2022
  • L
Denial of Service (DoS)		org.springframework:spring-context[3.2.13.RELEASE,3.2.14.RELEASE)[4.1.6.RELEASE,4.1.7.RELEASE)Maven6 Nov 2015
  • H
Incorrect Authorization		org.springframework:spring-core[,6.2.11)Maven17 Sept 2025
  • L
Improper Handling of Case Sensitivity		org.springframework:spring-core[,6.1.14)Maven18 Oct 2024
  • H
Uncontrolled Resource Consumption ('Resource Exhaustion')		org.springframework:spring-core[6.0.15,6.0.16)[6.1.2,6.1.3)Maven22 Jan 2024
  • M
Improper Input Validation		org.springframework:spring-core[,5.2.19.RELEASE)[5.3.0,5.3.14)Maven6 Jan 2022
  • M
Improper Output Neutralization for Logs		org.springframework:spring-core[5.3.0,5.3.12)[,5.2.18)Maven27 Oct 2021