Pivotal_software Spring_security
4 CVEs affecting Pivotal_software Spring_security. Latest disclosed: 2021-02-23. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-22112 | High | 8.8 | 2021-02-23 | Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityC… |
CVE-2020-5407 | High | 8.8 | 2020-05-13 | Spring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 contain a signature wrapping vulnerability during SAML response validation. When using t… |
CVE-2018-1258 | High | 8.8 | 2018-05-11 | Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An un… |
CVE-2020-5408 | Medium | 6.5 | 2020-05-14 | Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null in… |