spring Spring Security Vulnerabilities
Spring Spring Security vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Authorization Bypass in Spring Security Affects Spring Framework
CVE-2026-22754SpringSpring Security7.5HIGHSecurity Vulnerability in Spring Security from Spring Framework
CVE-2026-22753SpringSpring Security7.5HIGHImplementation Flaw in Spring Security's JWT Decoding Features
CVE-2026-22748SpringSpring Security5.3MEDIUMVulnerability in Spring Security Affects User Authentication
CVE-2026-22747SpringSpring Security6.8MEDIUMTiming Attack Bypass Vulnerability in Spring Security Products
CVE-2026-22746SpringSpring Security3.7LOWTime-of-Check Time-of-Use Vulnerability in Spring Security by Pivotal
CVE-2026-22751SpringSpring Security4.8MEDIUMAuthentication Bypass Vulnerability in Spring Boot Applications by Spring
CVE-2026-22733SpringSpring Security8.2HIGHTiming Attack Vulnerability in DaoAuthenticationProvider by Spring
CVE-2025-22234SpringSpring Security5.3MEDIUMAuthorization Bypass in Spring Security Aspects for Private Methods by Spring
CVE-2025-41232SpringSpring Security9.1CRITICALAuthorization Bypass Vulnerability in Spring Security by Pivotal Software
CVE-2025-22223SpringSpring SecurityπΎπ‘5.3MEDIUMPassword Validation Flaw in Spring Framework Affects BCryptPasswordEncoder
CVE-2025-22228SpringSpring Security7.4HIGHAuthorization Rules May Not Work Properly Due to Locale-Dependent Exceptions in Java
CVE-2024-38827Spring By Vmware ...Spring Security4.8MEDIUMMissing Authorization Vulnerability in Spring Security 6.3.0 and 6.3.1
CVE-2024-38810SpringSpring Security7.5HIGHBroken Access Control Vulnerability in Spring Security
CVE-2024-22234SpringSpring Security7.4HIGHDictionary attack with Spring Security queryable text encryptor
CVE-2020-5408Spring By VmwareSpring Security6.5MEDIUMSignature Wrapping Vulnerability with spring-security-saml2-service-provider
CVE-2020-5407Spring By VmwareSpring Security8.8HIGHPlaintextPasswordEncoder authenticates encoded passwords that are null
CVE-2019-11272SpringSpring Security7.3HIGHOpen Redirector in spring-security-oauth2
CVE-2019-11269SpringSpring Security Oauth4.2MEDIUMInsecure Randomness When Using a SecureRandom Instance Constructed by Spring Security
CVE-2019-3795SpringSpring Security3.8LOWOpen Redirect in spring-security-oauth2
CVE-2019-3778SpringSpring Security OauthπΎπ‘EPSS 14%6.5MEDIUMAuthorization Bypass During JWT Issuer Validation with spring-security
CVE-2018-15801Spring By PivotalSpring Security3.3LOW