搜索结果
关于「spring_security」的漏洞数据
| AVD编号 | 漏洞名称 | 漏洞类型 | 披露时间 | 漏洞状态 |
|---|---|---|---|---|
| AVD-2026-22754 | ervlet 路径未正确包含在 XML 授权规则的路径匹配中 (CVE-2026-22754) | 2026-04-22 | ||
| AVD-2026-22753 | Servlet 路径未正确包含在 HttpSecurity#securityMatchers 的路径匹配中 (CVE-2026-22753) | 2026-04-22 | ||
| AVD-2026-22748 | 使用 withIssuerLocation 时可能出现安全配置错误 (CVE-2026-22748) | 2026-04-22 | ||
| AVD-2026-22747 | 使用 X.509 客户端证书时未经授权的用户模拟 (CVE-2026-22747) | 2026-04-22 | ||
| AVD-2026-22746 | 使用 DaoAuthenticationProvider 时的用户属性枚举 (CVE-2026-22746) | 2026-04-22 | ||
| AVD-2026-22732 | Spring Security响应头丢失漏洞(CVE-2026-22732) | 2026-03-20 | ||
| AVD-2024-38810 | Spring Security @AuthorizeReturnObject 权限绕过漏洞(CVE-2024-38810) | 2024-08-20 | ||
| AVD-2024-22234 | Spring Security isFullyAuthenticated 权限绕过漏洞(CVE-2024-22234) | 2024-02-19 | ||
| AVD-2023-34042 | VMware Spring Security 安全漏洞(CVE-2023-34042) | 2024-02-06 | ||
| AVD-2023-45669 | webauthn4j-spring-security 中的签名计数器值处理不当 (CVE-2023-45669) | 2023-10-17 | ||
| AVD-2023-34035 | Spring Security鉴权规则错误配置风险(CVE-2023-34035) | 2023-07-19 | ||
| AVD-2023-34034 | Spring Security 路径匹配权限绕过漏洞(CVE-2023-34034) | 2023-07-18 | ||
| AVD-2023-20862 | Spring Security Logout实现不当(CVE-2023-20862) | 2023-04-18 | ||
| AVD-2022-31690 | VMware Spring Security权限管理错误漏洞(CVE-2022-31690) | 2022-11-01 | ||
| AVD-2022-31692 | Spring Security forward/include 认证绕过漏洞(CVE-2022-31692) | 2022-11-01 | ||
| AVD-2022-22976 | Spring Framework 输入验证错误漏洞(CVE-2022-22976) | 2022-05-20 | ||
| AVD-2022-22978 | Spring Security RegexRequestMatcher 认证绕过漏洞(CVE-2022-22978) | 2022-05-15 | ||
| AVD-2021-22119 | vmware spring_security 未加控制的资源消耗(资源穷尽) | 2021-07-02 | ||
| AVD-2021-22112 | VMware Spring Security 权限许可和访问控制问题漏洞 | 2021-02-24 | ||
| AVD-2020-5408 | VMware Spring Security安全特征问题漏洞 | 2020-05-15 | ||
| AVD-2020-5407 | VMware Spring Security数据伪造问题漏洞 | 2020-05-14 | ||
| AVD-2019-11272 | pivotal_software spring_security 不充分的凭证保护机制 | 2019-06-27 | ||
| AVD-2019-3795 | 使用Spring Security构建的secureRandom实例时的不安全随机性 | 2019-04-10 | ||
| AVD-2018-1199 | Spring Security和Spring Framework认证绕过漏洞 | 2018-03-17 | ||
| AVD-2017-4995 | Pivotal Spring Security Deserialization远程代码执行漏洞 | 2017-11-27 | ||
| AVD-2014-0097 | Spring Security 至 3.2.1 Empty Password 身份验证不当漏洞 | 2017-05-26 | ||
| AVD-2016-5007 | Oracle Retail Xstore Point of Service 6.0.12/6.5.12/7.0.7/7.1.7/15.0.2 Point of Sale 访问控制漏洞 | 2017-05-26 | ||
| AVD-2014-3527 | Spring Security验证绕过漏洞 | 2017-05-26 | ||
| AVD-2016-9879 | Pivotal Spring Security安全绕过漏洞 | 2017-01-07 |