Package impact
Maven / org.springframework.security:spring-security-web
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-22747 | medium | — | 5.5 | 1mo ago | Spring Security Vulnerable to Unauthorized User Impersonation when Using X.509 Client Certificates | |
| CVE-2026-22732 | unknown | — | — | 2mo ago | Spring Security HTTP Headers Are not Written Under Some Conditions | |
| CVE-2024-38821 | unknown | — | — | 2y ago | Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications | |
| CVE-2022-22978 | unknown | — | — | 4y ago | Authorization bypass in Spring Security |