Vmware Springsource Spring Security — known CVE vulnerabilities
Every CVE whose affected-product data names Vmware Springsource Spring Security, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2011-2731 — CVSS 5.1 (medium): Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the…
CVE-2010-3700 — CVSS 5.0 (medium): VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before 3.0.4, and Acegi Security 1.0.0 through 1.0.7, as used in IBM WebSphere…
CVE-2012-5055 — CVSS 5.0 (medium): DaoAuthenticationProvider in VMware SpringSource Spring Security before 2.0.8, 3.0.x before 3.0.8, and 3.1.x before 3.1.3 does not check…
CVE-2011-2732 — CVSS 4.3 (medium): CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows…