Package impact
Maven / org.springframework.security:spring-security-web
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-22112 | high | — | 8.0 | 5y ago | Privilege escalation in spring security | |||
| CVE-2026-22747 | medium | — | 5.5 | 1mo ago | Spring Security Vulnerable to Unauthorized User Impersonation when Using X.509 Client Certificates | |||
| CVE-2026-22732 | unknown | — | — | 2mo ago | Spring Security HTTP Headers Are not Written Under Some Conditions | |||
| CVE-2024-38821 | unknown | — | — | 2y ago | Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications | |||
| CVE-2022-22978 | unknown | — | — | 4y ago | Authorization bypass in Spring Security |