Vmware Spring Security — known CVE vulnerabilities
Every CVE whose affected-product data names Vmware Spring Security, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (36)
CVE-2022-22978 — CVSS 9.8 (critical): In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be…
CVE-2014-3527 — CVSS 9.8 (critical): When using the CAS Proxy ticket authentication from Spring Security 3.1 to 3.2.4 a malicious CAS Service could trick another CAS Service…
CVE-2022-31692 — CVSS 9.8 (critical): Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or…
CVE-2026-22732 — CVSS 9.1 (critical): When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP…
CVE-2023-34034 — CVSS 9.1 (critical): Using "**" as a pattern in Spring Security configuration for WebFlux creates a mismatch in pattern matching between Spring Security and…
CVE-2021-22112 — CVSS 8.8 (high): Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail…
CVE-2017-4995 — CVSS 8.1 (high): An issue was discovered in Pivotal Spring Security 4.2.0.RELEASE through 4.2.2.RELEASE, and Spring Security 5.0.0.M1. When configured to…
CVE-2022-31690 — CVSS 8.1 (high): Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege…
CVE-2026-41003 — CVSS 7.6 (high): An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring…
CVE-2026-40988 — CVSS 7.5 (high): An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a…
CVE-2016-5007 — CVSS 7.5 (high): Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization…
CVE-2026-22754 — CVSS 7.5 (high): Vulnerability in Spring Spring Security. If an application uses <sec:intercept-url servlet-path="/servlet-path" pattern="/endpoint/**"/> to…
CVE-2026-22753 — CVSS 7.5 (high): Vulnerability in Spring Spring Security. If an application is using securityMatchers(String) and a PathPatternRequestMatcher.Builder bean…
CVE-2016-9879 — CVSS 7.5 (high): An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. Spring Security does not…
CVE-2021-22119 — CVSS 7.5 (high): Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a…
CVE-2024-22234 — CVSS 7.4 (high): In Spring Security, versions 6.1.x prior to 6.1.7 and versions 6.2.x prior to 6.2.2, an application is vulnerable to broken access control…
CVE-2014-0097 — CVSS 7.3 (high): The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the…
CVE-2026-40993 — CVSS 7.3 (high): An attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository (saml2_asserting_party_metadata)…
CVE-2019-11272 — CVSS 7.3 (high): Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordEncoder…
CVE-2023-34035 — CVSS 7.3 (high): Spring Security versions 5.8 prior to 5.8.5, 6.0 prior to 6.0.5, and 6.1 prior to 6.1.2 could be susceptible to authorization rule…
CVE-2026-47838 — CVSS 6.8 (medium): SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the…
CVE-2026-22747 — CVSS 6.8 (medium): Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN…
CVE-2011-2894 — CVSS 6.8 (medium): Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, and possibly other versions deserialize…
CVE-2020-5408 — CVSS 6.5 (medium): Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16…
CVE-2024-38810 — CVSS 6.5 (medium): Missing Authorization When Using @AuthorizeReturnObject in Spring Security 6.3.0 and 6.3.1 allows attacker to render security annotations…
CVE-2023-20862 — CVSS 6.3 (medium): In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x prior to 6.0.3, the logout support…
CVE-2026-41008 — CVSS 6.1 (medium): Spring Security Authorization Server's authorization endpoint performs insufficient validation of the request_uri parameter. An attacker…
CVE-2026-41706 — CVSS 6.1 (medium): Spring Security's CookieRequestCache and CookieServerRequestCache store the pre-authentication request URL in a browser cookie so that…
CVE-2022-22976 — CVSS 5.3 (medium): Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow…
CVE-2019-3795 — CVSS 5.3 (medium): Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness…
CVE-2018-1199 — CVSS 5.3 (medium): Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14…
CVE-2026-22748 — CVSS 5.3 (medium): Vulnerability in Spring Spring Security. When an application configures JWT decoding with NimbusJwtDecoder or NimbusReactiveJwtDecoder, it…
CVE-2026-22751 — CVSS 4.8 (medium): Vulnerability in Spring Spring Security. Applications that explicitly configure One-Time Token login with JdbcOneTimeTokenService are…
CVE-2023-34042 — CVSS 4.1 (medium): The spring-security.xsd file inside the spring-security-config jar is world writable which means that if it were extracted it could be…
CVE-2026-41694 — CVSS 3.7 (low): Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid…
CVE-2026-22746 — CVSS 3.7 (low): Vulnerability in Spring Spring Security. If an application is using the UserDetails#isEnabled, #isAccountNonExpired, or #isAccountNonLocked…