Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Access Restriction Bypass		org.springframework.security:spring-security-web[4.1.0.RELEASE, 4.1.5.RELEASE)[4.2.0.RELEASE, 4.2.4.RELEASE)[5.0.0.RELEASE, 5.0.3.RELEASE)Maven17 Mar 2018
  • H
Security Bypass		org.springframework.security:spring-security-web[3.2.0.RELEASE,3.2.10.RELEASE)[4.0.0.RELEASE,4.1.4.RELEASE)[4.2.0.RELEASE,4.2.1.RELEASE)Maven28 Dec 2016
  • H
Authentication Bypass		org.springframework.security:spring-security-web[3.2.0.RELEASE,4.1.1.RELEASE)Maven11 Jul 2016
  • M
Access Restriction Bypass		org.springframework.security:spring-security-web[3.0.0.RELEASE,3.0.4.RELEASE)Maven10 Jun 2015
  • M
Arbitrary Code Execution		org.springframework.security:spring-security-web[3.0.0.RELEASE,3.0.6.RELEASE)Maven8 Sept 2014
  • M
Information Exposure		org.springframework.session:spring-session-core[3.0.0,3.0.1)Maven14 Apr 2023
  • H
Cross-site Request Forgery (CSRF)		org.springframework.social:spring-social-core[1.0.0.RELEASE,1.1.3.RELEASE)Maven10 Nov 2015
  • M
Arbitrary Code Execution		org.springframework:spring[2.5,2.5.6.SEC02)Maven18 Jun 2010
  • H
Relative Path Traversal		org.springframework:spring-beans[,6.2.10)Maven19 Aug 2025
  • M
Denial of Service (DoS)		org.springframework:spring-beans[,5.2.22.RELEASE)[5.3.0,5.3.20)Maven12 May 2022
  • C
Remote Code Execution (RCE)		org.springframework:spring-beans[ ,5.2.20)[5.3.0, 5.3.18)Maven30 Mar 2022
  • M
Arbitrary Code Execution		org.springframework:spring-beans[2.5,2.5.6.SEC02)[3.0.0.RELEASE,3.0.3.RELEASE)Maven18 Jun 2010
  • L
Improper Handling of Case Sensitivity		org.springframework:spring-context[6.1.0,6.1.20)[6.2.0,6.2.7)Maven16 May 2025
  • L
Improper Handling of Case Sensitivity		org.springframework:spring-context[,6.1.14)Maven18 Oct 2024
  • L
Improper Handling of Case Sensitivity		org.springframework:spring-context[,5.2.21)[5.3.0, 5.3.19)Maven14 Apr 2022
  • L
Denial of Service (DoS)		org.springframework:spring-context[3.2.13.RELEASE,3.2.14.RELEASE)[4.1.6.RELEASE,4.1.7.RELEASE)Maven6 Nov 2015
  • L
Improper Handling of Case Sensitivity		org.springframework:spring-core[,6.1.14)Maven18 Oct 2024
  • H
Uncontrolled Resource Consumption ('Resource Exhaustion')		org.springframework:spring-core[6.0.15,6.0.16)[6.1.2,6.1.3)Maven22 Jan 2024
  • M
Improper Input Validation		org.springframework:spring-core[,5.2.19.RELEASE)[5.3.0,5.3.14)Maven6 Jan 2022
  • M
Improper Output Neutralization for Logs		org.springframework:spring-core[5.3.0,5.3.12)[,5.2.18)Maven27 Oct 2021
  • H
Access Restriction Bypass		org.springframework:spring-core[5.0.5.RELEASE, 5.0.6.RELEASE)Maven10 May 2018
  • M
Multipart Content Pollution		org.springframework:spring-core[4.3.0.RELEASE, 4.3.14.RELEASE)[5.0.0.RELEASE, 5.0.5.RELEASE)Maven9 Apr 2018
  • L
Denial of Service (DoS)		org.springframework:spring-core[3.2.8.RELEASE,3.2.14.RELEASE)[4.1.0.RELEASE,4.1.7.RELEASE)Maven6 Nov 2015
  • M
Access Restriction Bypass		org.springframework:spring-core[3.0.0.RELEASE,3.0.6.RELEASE)Maven8 Sept 2014
  • M
Directory Traversal		org.springframework:spring-core[3.0.0.RELEASE, 3.2.9.RELEASE)[4.0.0.RELEASE, 4.0.5.RELEASE)Maven5 Sept 2014
  • H
Expression Language Injection		org.springframework:spring-core[2.0.0, 2.5.6.SEC03)[3.0.0, 3.0.6)Maven9 Sept 2011
  • M
Arbitrary Code Execution		org.springframework:spring-core[2.5.0,2.5.6.SEC01)[3.0.0,3.0.2.RELEASE)Maven18 Jun 2010
  • M
Regular Expression Denial of Service (ReDoS)		org.springframework:spring-core[,2.5.6.SEC01)Maven22 Apr 2009
  • M
Allocation of Resources Without Limits or Throttling		org.springframework:spring-expression[5.3.0,5.3.39)Maven15 Aug 2024
  • M
Allocation of Resources Without Limits or Throttling		org.springframework:spring-expression[,5.2.24.RELEASE)[5.3.0,5.3.27)[6.0.0,6.0.8)Maven14 Apr 2023