Lucene search
+L

12 matches found

OSV
OSV
added 2026/07/08 3:2 p.m.14 views

ROOT-APP-MAVEN-CVE-2024-22257 CVE-2024-22257 in io.root.org.springframework.security:spring-security-core - Patched by Root

Root has patched CVE-2024-22257 in the io.root.org.springframework.security:spring-security-core package for Root:Maven. Multiple fixed versions available...

8.2CVSS6.5AI score0.00948EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/07 5:51 p.m.6 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in spring-security-core-5.8.5.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of spring-security-core-5.8.5.jar Vulnerability Details CVEID:CVE-2024-22257 DESCRIPTION: In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to 5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8...

8.2CVSS6.6AI score0.00948EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/18 12:0 a.m.36 views

Oracle MySQL Enterprise Monitor (Jul 2024 CPU)

The versions of MySQL Enterprise Monitor installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Vulnerability in the MySQL Enterprise Monitor component Spring Security. A remote unauthenticated attacker could gain unauthorized access t...

8.2CVSS7.1AI score0.23072EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2024/05/27 12:0 a.m.28 views

Atlassian Jira Service Management Data Center and Server < 5.4.20 / 5.5.x < 5.12.7 / 5.13.x < 5.15.2 Broken Access Control (JSDSERVER-15307)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-15307 advisory. - In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to 5.8.11, versions 6.0.x prior to...

8.2CVSS6.7AI score0.00948EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/06 4:53 p.m.49 views

Security Bulletin: VMware Tanzu Spring Framework is vulnerable to multiple security CVEs used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses VMWare Tanzu Spring Framework which is vulnerable to multiple security CVEs. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-22262 DESCRIPTION: VMware Tanzu Spring Framewo...

9.8CVSS8.8AI score0.32257EPSS
Exploits6Affected Software1
Circl
Circl
added 2024/03/18 4:26 p.m.3 views

CVE-2024-22257

creationtimestamp| type| source ---|---|--- 2024-03-18 16:26:47+00:00| seen| https://t.me/ctinow/210703 2024-03-18 16:26:55+00:00| seen| https://t.me/ctinow/210708 2024-03-18 19:06:23+00:00| seen| https://t.me/ctinow/210849 2025-02-13 19:16:36+00:00| published-proof-of-concept|...

8.2CVSS6.7AI score0.00948EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2024/03/18 3:30 p.m.3 views

africa.absa:inception-api (>=1.0.0 <=1.2.0), africa.absa:inception-codes-api (>=1.0.0 <=1.2.0) +9255 more potentially affected by CVE-2024-22257 via org.springframework.security:spring-security-core (>=2.0.0 <=5.7.11)

org.springframework.security:spring-security-core MAVEN version =2.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =4.4.0.0, =0.1.8, =0.1.6, =0.1.7 and more Source cves: CVE-2024-22257 Source advisory: OSV:GHSA-F3JH-QVM4-MG39...

8.2CVSS6.7AI score0.00948EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/03/18 3:30 p.m.6 views

cn.sparrowmini:sparrow-org-service (=0.0.1), cn.sparrowmini:sparrow-pem-service (=0.0.1) +435 more potentially affected by CVE-2024-22257 via org.springframework.security:spring-security-core (>=5.8.0 <=5.8.10)

org.springframework.security:spring-security-core MAVEN version =5.8.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =3.7.0, =3.7.0, =3.7.0, =3.7.0, =1.3.1, =1.3.2 - com.gitlab.summer-cattle:cattle-addons-wechat-starter =0.0.5 - com.gitlab.summer-cattle:cattle-commons-web-mvc =0.0.6 and mor...

8.2CVSS7.1AI score0.00948EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/03/18 3:30 p.m.5 views

be.jidoka:jdk-keycloak-admin (>=2.0.0 <=2.2.0), be.personify.iam:personify-frontend (>=1.5.1.RELEASE <=1.5.2.RELEASE) +1607 more potentially affected by CVE-2024-22257 via org.springframework.security:spring-security-core (>=6.0.0 <=6.1.7)

org.springframework.security:spring-security-core MAVEN version =6.0.0, =2.0.0, =1.5.1.RELEASE, =1.1.0, =1.1.0, =1.1.4.2, =1.1.5 - cc.vihackerframework:vihacker-auth-starter =1.0.8.R - cc.vihackerframework:vihacker-common-starter =1.0.8.R - cc.vihackerframework:vihacker-log-starter =1.0.8.R -...

8.2CVSS6.6AI score0.00948EPSS
Exploits0
Wolfi
Wolfi
added 2024/03/18 3:15 p.m.126 views

CVE-2024-22257 vulnerabilities

Vulnerabilities for packages: jenkins...

8.2CVSS7.3AI score0.00948EPSS
Exploits0
Chainguard
Chainguard
added 2024/03/18 3:15 p.m.38 views

CVE-2024-22257 vulnerabilities

Vulnerabilities for packages: kayenta, kayenta-fips...

8.2CVSS6.5AI score0.00948EPSS
Exploits0
CVE
CVE
added 2024/03/18 2:18 p.m.432 views

CVE-2024-22257

CVE-2024-22257 refers to a broken access control in Spring Security where an application vulnerable if it directly uses AuthenticatedVoter.vote with a null Authentication. The entry lists affected versions: 5.7.x prior to 5.7.12, 5.8.x prior to 5.8.11, 6.0.x prior to 6.0.9, 6.1.x prior to 6.1.8, ...

8.2CVSS8AI score0.00948EPSS
Exploits0References3
Rows per page
Query Builder