VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.springframework.security:spring-security-core

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2014-3527 critical 9.8 9.8 9y ago Authorization Bypass in Spring Security javavmware
CVE-2011-2894 medium 6.8 15y ago Spring Framework and Spring Security vulnerable to Deserialization of Untrusted Data javavmware
CVE-2011-2731 medium 5.1 14y ago Concurrent Execution using Shared Resource with Improper Synchronization in Spring Security javavmware
CVE-2012-5055 medium 5.0 14y ago Exposure of Sensitive Information to an Unauthorized Actor in Spring Security javavmware
CVE-2010-3700 medium 5.0 16y ago Authentication Bypass Using an Alternate Path or Channel in SpringSource Spring Security and Acegi Security javavmwareibm
CVE-2026-22751 medium 4.8 4.8 1mo ago Spring Security Core has a TOCTOU race condition when One-Time Token login with JdbcOneTimeTokenService is configured javavmware
CVE-2011-2732 medium 4.3 14y ago Improper Control of Generation of Code in Spring Security javavmware
CVE-2025-41248 unknown 8mo ago Spring Security annotation detection mechanism has authorization bypass java
CVE-2025-41232 unknown 1y ago Spring Security authorization bypass for method security annotations on private methods java
CVE-2025-22223 unknown 1y ago Spring Security Vulnerable to Authorization Bypass via Security Annotations java
CVE-2024-38810 unknown 2y ago Spring Security Missing Authorization vulnerability java
CVE-2024-22257 unknown 2y ago Erroneous authentication pass in Spring Security java
CVE-2022-22978 unknown 4y ago Authorization bypass in Spring Security java
CVE-2020-5408 unknown 6y ago Insufficient Entropy in Spring Security java
CVE-2020-5407 unknown 6y ago Signature wrapping vulnerability in Spring Security java
CVE-2018-15801 unknown 8y ago Spring Security vulnerable to Authorization Bypass java