cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-38827,https://securityvulnerability.io/vulnerability/CVE-2024-38827,Authorization Rules May Not Work Properly Due to Locale-Dependent Exceptions in Java,"Spring Security's use of String.toLowerCase() and String.toUpperCase() is subject to Java's Locale-dependent case-mapping exceptions (the Turkish dotted and dotless i being the classic case), which can cause authorization rules to match, or fail to match, in ways the developer did not intend.",Spring By Vmware Tanzu,Spring Security,4.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-02T14:32:12.471Z,0
CVE-2023-34034,https://securityvulnerability.io/vulnerability/CVE-2023-34034,Security Bypass in Spring Security for WebFlux,"Using '**' as a pattern in a Spring Security WebFlux configuration creates a mismatch between Spring Security's pattern matching and Spring WebFlux's own matching, which can allow a security bypass and expose endpoints to unauthorized access. Review configurations that use '**' and apply the vendor's mitigations.",Vmware,Spring Security,9.8,CRITICAL,0.001829999964684248,false,,false,false,true,2023-12-02T10:51:39.000Z,true,false,false,,2023-07-19T15:15:00.000Z,0
CVE-2023-34035,https://securityvulnerability.io/vulnerability/CVE-2023-34035,Authorization Rule Misconfiguration in Spring Security by Pivotal Software,"Spring Security 5.8 prior to 5.8.5, 6.0 prior to 6.0.5, and 6.1 prior to 6.1.2 may be susceptible to authorization rule misconfiguration when an application uses requestMatchers(String) with multiple servlets, one of them being Spring MVC's DispatcherServlet. An application is affected if Spring MVC is on the classpath and it secures more than one servlet without restricting its request matchers to Spring MVC endpoints only. Applications that do not use Spring MVC, or that secure only the DispatcherServlet with properly scoped request matchers, are not affected.",Vmware,Spring Security,7.3,HIGH,0.0007699999841861427,false,,false,false,true,2023-08-01T21:15:01.000Z,true,false,false,,2023-07-18T16:15:00.000Z,0
CVE-2023-20862,https://securityvulnerability.io/vulnerability/CVE-2023-20862,Session Management Flaw in Spring Security Affects User Authentication,"In Spring Security 5.7.x prior to 5.7.8, 5.8.x prior to 5.8.3, and 6.0.x prior to 6.0.3, logout support does not properly clear the security context when serialized security contexts are used, and an empty security context cannot be explicitly saved to the HttpSessionSecurityContextRepository. As a result, users can remain authenticated after they log out. Upgrade to 5.7.8, 5.8.3 or 6.0.3 respectively.",Vmware,Spring Security,6.3,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2023-04-19T00:00:00.000Z,0
CVE-2022-31690,https://securityvulnerability.io/vulnerability/CVE-2022-31690,Privilege Escalation Vulnerability in Spring Security by VMware,"Spring Security 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9, as well as older unsupported versions, can be susceptible to privilege escalation under certain OAuth 2.0 client configurations. A malicious user can modify the authorization request that the client initiates (via the browser) to the Authorization Server, leading to privilege escalation on the subsequent approval. This occurs when the Authorization Server responds with an OAuth2 Access Token Response containing an empty scope list (permitted by RFC 6749 Section 5.1) on the subsequent request to the token endpoint.",Vmware,Spring Security,8.1,HIGH,0.002409999957308173,false,,false,false,false,,,false,false,,2022-10-31T00:00:00.000Z,0
CVE-2022-22976,https://securityvulnerability.io/vulnerability/CVE-2022-22976,Integer Overflow Vulnerability in Spring Security by VMware,"Spring Security 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4 and earlier unsupported versions contain an integer overflow in the BCrypt class. When the encoder is configured with the maximum work factor (31), the number of salt rounds overflows and no rounds are performed, so passwords are hashed far more cheaply than intended. The default work factor (10) is not affected. Upgrade to a fixed version.",Vmware,Spring Security,5.3,MEDIUM,0.0013099999632686377,false,,false,false,true,2022-05-10T16:36:13.000Z,true,false,false,,2022-05-19T14:50:46.000Z,0
CVE-2022-22978,https://securityvulnerability.io/vulnerability/CVE-2022-22978,Authorization Bypass Vulnerability in Spring Security Framework,"Spring Security prior to 5.4.11, 5.5.7 and 5.6.4, and older unsupported versions, allow RegexRequestMatcher to be bypassed on some servlet containers when the configured regular expression contains `.`. Because `.` does not match line terminators, a request path carrying an encoded newline (%0a) or carriage return (%0d) does not match the protected pattern and escapes the authorization rule. Upgrade to a patched version and review regex-based rules.",Vmware,Spring Security,9.8,CRITICAL,0.0049299998208880424,false,,false,false,true,2024-05-17T16:26:54.000Z,true,false,false,,2022-05-19T00:00:00.000Z,0
CVE-2021-22119,https://securityvulnerability.io/vulnerability/CVE-2021-22119,Denial-of-Service Vulnerability in Spring Security by VMware,"Spring Security 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service attack via the initiation of the Authorization Request in OAuth 2.0 Client Web and WebFlux applications. An attacker can send repeated requests that initiate the Authorization Request for the Authorization Code Grant, exhausting server resources using a single session or many sessions. Upgrade to a fixed version.",Vmware,Spring Security,7.5,HIGH,0.003909999970346689,false,,false,false,true,2021-11-02T15:16:24.000Z,true,false,false,,2021-06-29T16:15:05.000Z,0
CVE-2021-22112,https://securityvulnerability.io/vulnerability/CVE-2021-22112,Authorization Flaw in Spring Security by VMware,"Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, and 5.2.x prior to 5.2.9.RELEASE can fail to save the SecurityContext if it is changed more than once during a single request. A malicious user cannot trigger the bug on their own; it depends on how the application is programmed. However, if the application intends to let a user run with elevated privileges only in a small part of the application, the bug can be leveraged to extend those privileges to the rest of the application. Upgrade to a fixed version.",Vmware,Spring Security,8.8,HIGH,0.0026700000744313,false,,false,false,false,,,false,false,,2021-02-23T18:48:02.000Z,0
CVE-2020-5408,https://securityvulnerability.io/vulnerability/CVE-2020-5408,Dictionary attack with Spring Security queryable text encryptor,"Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC mode in the implementation of the queryable text encryptor. Because equal plaintexts therefore produce equal ciphertexts, a malicious user with access to data encrypted by such an encryptor may be able to derive the unencrypted values using a dictionary attack.",Spring By Vmware,Spring Security,6.5,MEDIUM,0.0013500000350177288,false,,false,false,false,,,false,false,,2020-05-14T18:15:00.000Z,0
CVE-2020-5407,https://securityvulnerability.io/vulnerability/CVE-2020-5407,Signature Wrapping Vulnerability with spring-security-saml2-service-provider,"Spring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 contain a signature wrapping vulnerability during SAML response validation. When using the spring-security-saml2-service-provider component, a malicious user can carefully modify an otherwise valid SAML response and append an arbitrary assertion that Spring Security will accept as valid.",Spring By Vmware,Spring Security,8.8,HIGH,0.01155999954789877,false,,false,false,false,,,false,false,,2020-05-13T00:00:00.000Z,0
CVE-2017-4995,https://securityvulnerability.io/vulnerability/CVE-2017-4995,Jackson Deserialization with Default Typing Enabled in Spring Security,"An issue was discovered in Pivotal Spring Security 4.2.0.RELEASE through 4.2.2.RELEASE, and Spring Security 5.0.0.M1. When configured to enable default typing, Jackson contained a deserialization vulnerability that could lead to arbitrary code execution. Jackson fixed this vulnerability by blacklisting known ""deserialization gadgets."" Spring Security configures Jackson with global default typing enabled, which means that (through the previous exploit) arbitrary code could be executed if all of the following is true: (1) Spring Security's Jackson support is being leveraged by invoking SecurityJackson2Modules.getModules(ClassLoader) or SecurityJackson2Modules.enableDefaultTyping(ObjectMapper); (2) Jackson is used to deserialize data that is not trusted (Spring Security does not perform deserialization using Jackson, so this is an explicit choice of the user); and (3) there is an unknown (Jackson is not blacklisting it already) ""deserialization gadget"" that allows code execution present on the classpath. Jackson provides a blacklisting approach to protecting against this type of attack, but Spring Security should be proactive against blocking unknown ""deserialization gadgets"" when Spring Security enables default typing.",Vmware,"Spring Security 4.2.0.RELEASE through 4.2.2.RELEASE, Spring Security 5.0.0.M1",8.1,HIGH,0.005080000031739473,false,,false,false,false,,,false,false,,2017-11-27T10:00:00.000Z,0
CVE-2016-9879,https://securityvulnerability.io/vulnerability/CVE-2016-9879,Security Constraint Bypass via URL Path Parameters in Spring Security,"An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded ""/"" to a request, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. The unexpected presence of path parameters can cause a constraint to be bypassed. Users of Apache Tomcat (all current versions) are not affected by this vulnerability since Tomcat follows the guidance previously provided by the Servlet Expert group and strips path parameters from the value returned by getContextPath(), getServletPath(), and getPathInfo(). Users of other Servlet containers based on Apache Tomcat may or may not be affected depending on whether or not the handling of path parameters has been modified. Users of IBM WebSphere Application Server 8.5.x are known to be affected. Users of other containers that implement the Servlet specification may be affected.",Vmware,"Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1",7.5,HIGH,0.0012100000167265534,false,,false,false,false,,,false,false,,2017-01-06T22:00:00.000Z,0
CVE-2012-5055,https://securityvulnerability.io/vulnerability/CVE-2012-5055,Username Enumeration via Timing Difference in DaoAuthenticationProvider,"DaoAuthenticationProvider in VMware SpringSource Spring Security before 2.0.8, 3.0.x before 3.0.8, and 3.1.x before 3.1.3 does not check the password if the user is not found, which makes the response delay shorter and might allow remote attackers to enumerate valid usernames via a series of login requests.",Vmware,Springsource Spring Security,,,0.002730000065639615,false,,false,false,false,,,false,false,,2012-12-05T17:55:00.000Z,0
CVE-2011-2732,https://securityvulnerability.io/vulnerability/CVE-2011-2732,CRLF Injection and HTTP Response Splitting in Spring Security Logout Redirect,CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter.,Vmware,Springsource Spring Security,,,0.0018899999558925629,false,,false,false,false,,,false,false,,2012-12-05T17:00:00.000Z,0
CVE-2011-2731,https://securityvulnerability.io/vulnerability/CVE-2011-2731,Race Condition in RunAsManager Exposes Authentication in Shared Security Context,"Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows attackers to gain privileges via a crafted thread.",Vmware,Springsource Spring Security,,,0.00279000005684793,false,,false,false,false,,,false,false,,2012-12-05T17:00:00.000Z,0
CVE-2011-2894,https://securityvulnerability.io/vulnerability/CVE-2011-2894,Remote Code Execution via Deserialization of Untrusted Objects in Spring Framework and Spring Security,"Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, and possibly other versions deserialize objects from untrusted sources, which allows remote attackers to bypass intended security restrictions and execute untrusted code by (1) serializing a java.lang.Proxy instance and using InvocationHandler, or (2) accessing internal AOP interfaces, as demonstrated using deserialization of a DefaultListableBeanFactory instance to execute arbitrary commands via the java.lang.Runtime class.",Vmware,"Spring Security,Spring Framework",,,0.015080000273883343,false,,false,false,true,2013-07-31T08:48:19.000Z,true,false,false,,2011-10-04T10:00:00.000Z,0
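
Added example for the CVE-2022-22978 row above (RegexRequestMatcher bypass when the rule contains `.`). This is illustrative code written for this page, not Spring Security's source: it uses only java.util.regex to reproduce how a pattern compiled without Pattern.DOTALL fails to match a path that carries a line terminator, and how compiling with DOTALL (the approach taken in the fixed versions) closes the gap. The rule string, the class name and the sample paths are constructed for the demonstration.

```java
import java.util.regex.Pattern;

/**
 * Illustrative reproduction of the matching behaviour behind CVE-2022-22978.
 * Not Spring Security code: RegexRequestMatcher is stood in for by a plain
 * java.util.regex.Pattern so the example compiles without any dependency.
 *
 * In Java, "." does not match line terminators unless Pattern.DOTALL is set.
 * A rule such as "^/admin/.*$" compiled without DOTALL therefore does not
 * match a servlet path that contains a decoded newline or carriage return,
 * so a request for /admin/%0asecret is treated as "not covered by the rule".
 */
public class RegexMatcherBypassDemo {

    // Hypothetical rule a developer might write: everything under /admin/ needs ROLE_ADMIN.
    static final String ADMIN_RULE = "^/admin/.*$";

    // Vulnerable variant: "." stops at \n and \r.
    static final Pattern VULNERABLE = Pattern.compile(ADMIN_RULE);

    // Hardened variant: DOTALL lets "." consume line terminators as well.
    static final Pattern HARDENED = Pattern.compile(ADMIN_RULE, Pattern.DOTALL);

    /** Returns true when the given (already decoded) path falls under the rule. */
    static boolean isProtected(Pattern rule, String servletPath) {
        return rule.matcher(servletPath).matches();
    }

    public static void main(String[] args) {
        // Constructed sample paths. The second and third are what a container that
        // decodes %0a / %0d in the path would hand to the matcher.
        String[] paths = {
            "/admin/secret",      // ordinary request, both variants protect it
            "/admin/\nsecret",    // /admin/%0asecret: escapes the vulnerable rule
            "/admin/\rsecret",    // /admin/%0dsecret: same
            "/public/index"       // genuinely outside the rule
        };

        for (String p : paths) {
            String shown = p.replace("\n", "\\n").replace("\r", "\\r");
            System.out.printf("%-22s vulnerable=%-5b hardened=%-5b%n",
                    shown, isProtected(VULNERABLE, p), isProtected(HARDENED, p));
        }
    }
}
```

Compile and run with javac and java: the two paths containing a line terminator print `vulnerable=false hardened=true`, meaning the unpatched pattern lets `/admin/%0asecret` fall through to whatever default applies to URLs no rule matched. The advisory's "on some servlet containers" qualifier is about whether the container delivers such a path to the matcher at all; the regex behaviour itself is the same everywhere.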