Lucene search
K

8 matches found

EUVD
EUVD
added 2026/06/10 12:31 a.m.9 views

EUVD-2026-35887

An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters. Affected versions: Spring Security 5.7.0 through 5.7.23; 5.8.0 through 5.8.25; 6.3.0 through 6.3.16; 6.4.0 through 6.4.16; 6.5.0 through 6.5.10;...

7.6CVSS5.8AI score0.00204EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/04/21 7:17 p.m.8 views

app.valuationcontrol:library (>=0.5.8 <=0.5.9), at.aimon.ops:aimon-ops-api (>=0.0.1 <=0.0.2) +3054 more potentially affected by CVE-2026-22751 via org.springframework.security:spring-security-core (>=6.4.0 <=6.5.1)

org.springframework.security:spring-security-core MAVEN version =6.4.0, =0.5.8, =0.0.1, =55.v51410e712e0c, =1.5.4.RELEASE, =2.0.0, =2.0.0, =2.0.0, =2.0.1, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.1.18 and more Source cves: CVE-2026-22751 Source advisory:...

4.8CVSS5.7AI score0.00124EPSS
Exploits0
EUVD
EUVD
added 2026/03/20 12:31 a.m.5 views

EUVD-2026-13349

Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under the path used by the CloudFoundry Actuator endpoints. This issue affects Spring Security: from 4.0.0 through 4.0.3, from...

8.2CVSS5.8AI score0.0036EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/20 12:31 a.m.5 views

Spring Boot has an Authentication Bypass under Actuator CloudFoundry endpoints

Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under the path used by the CloudFoundry Actuator endpoints. This issue affects Spring Security: from 4.0.0 through 4.0.3, from...

8.2CVSS5.8AI score0.0036EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/03/19 11:29 p.m.20 views

CVE-2026-22733 Authentication Bypass under Actuator CloudFoundry endpoints

Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under the path used by the CloudFoundry Actuator endpoints. This issue affects Spring Security: from 4.0.0 through 4.0.3, from...

8.2CVSS0.0036EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/19 11:29 p.m.5 views

CVE-2026-22733

Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under the path used by the CloudFoundry Actuator endpoints. This issue affects Spring Security: from 4.0.0 through 4.0.3, from...

8.2CVSS5.8AI score0.0036EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2023/07/18 6:30 p.m.13 views

cc.chensoul.nacos:nacos-distribution (=2.5.2), com.buession.security:buession-security-spring (>=3.0.0 <=3.0.1) +262 more potentially affected by CVE-2023-34035 via org.springframework.security:spring-security-config (>=5.8.0 <=5.8.4)

org.springframework.security:spring-security-config MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =4.5.0, =4.5.0, =4.5.0, =6.5.0, =4.5.0, =4.5.1 and more Source cves: CVE-2023-34035 Source advisory: OSV:GHSA-4VPR-XFRP-CJ64...

7.3CVSS6.7AI score0.00568EPSS
Exploits1
CNNVD
CNNVD
added 2021/02/19 12:0 a.m.5 views

Vmware VMware Spring Security Permission License and Access Control Issues Vulnerability

Vmware VMware Spring Security is a suite of security frameworks from Vmware that provide illustrative security protections for Spring-based applications. A vulnerability exists in VMware Spring Security with privilege permission and access control issues. The vulnerability stems from an attacker...

9CVSS7AI score0.03197EPSS
Exploits0References25
Rows per page
Query Builder