Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
springJoe GrandjaSPRING:512A6EDB5FF647D089FEF32E7751C62B
HistoryApr 21, 2022 - 9:00 a.m.

CVE report published for Spring Security OAuth

2022-04-2109:00:00
Joe Grandja
spring.io
17

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

JSON

We have released Spring Security OAuth 2.5.2 to address the following CVE report.

This vulnerability exposes OAuth 2.0 Client applications only.

Please review the information in the CVE report and upgrade immediately.

Related

veracode 1
cnvd 1
prion 1
osv 2
cve 1
ibm 2
github 1
jvn 1
oracle 2
veracode
veracode
Denial Of Service (DoS)
2022-04-22 01:30:09
cnvd
cnvd
Pivotal Spring Security Oauth Resource Management Error Vulnerability
2022-04-24 00:00:00
prion
prion
Authorization
2022-04-21 19:15:00
osv
osv
CVE-2022-22969
2022-04-21 19:15:08
Denial of service in Spring Security OAuth2
2022-04-22 00:00:33
cve
cve
CVE-2022-22969
2022-04-21 19:15:00
ibm
ibm
Security Bulletin: Spring Security OAuth Affects IBM Partner Engagement Manager (CVE-2022-22969)
2022-09-22 19:15:13
Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities including remote code execution in Apache Log4j 1.x
2022-08-03 16:43:35
github
github
Denial of service in Spring Security OAuth2
2022-04-22 00:00:33
jvn
jvn
JVN#15317878: Spring Security OAuth (spring-security-oauth2) vulnerable to denial-of-service (DoS)
2022-05-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

JSON
Related for SPRING:512A6EDB5FF647D089FEF32E7751C62B
veracode1cnvd1prion1osv2cve1ibm2github1jvn1oracle2