Known vulnerabilities in VMware, Inc Spring Security

Vendor: VMware, Inc

Website: https://www.vmware.com

Total Security Bulletins: 22

Security bulletins (22)

Secuity bulletin	Severity	Status	Published
SB20250916313: Information disclosure in Spring Security	Medium	Patched	16.09.2025
SB20250521100: Authorization bypass in Spring Security	High	Patched	21.05.2025
SB2025042310: Protection mechanism failure in Spring Security	Low	Patched	23.04.2025
SB2025031966: Multiple vulnerabilities in Spring Security	Medium	Patched	19.03.2025
SB2024111987: Authorization bypass in Spring Security	Medium	Patched	19.11.2024
SB2024102307: Authorization bypass in Spring Security WebFlux applications	Medium	Patched Public exploit	23.10.2024
SB2024082004: Missing authorization in Spring Security	Medium	Patched	20.08.2024
SB2024031915: Improper access control in Spring Security	Medium	Patched	19.03.2024
SB2024022139: Improper access control in Spring Security	Medium	Patched	21.02.2024
SB2023091922: Incorrect permission assignment for critical resource in VMware Spring Security	Low	Patched	19.09.2023
SB2023071828: Incorrect authorization in Spring Security	Medium	Patched	18.07.2023
SB2023062119: Denial of service in spring-security	Medium	Patched	21.06.2023
SB2023042130: Security features bypass in Spring Security	Medium	Patched	21.04.2023
SB2022110101: Multiple vulnerabilities in VMware Spring Security	High	Patched	01.11.2022
SB2022051717: Multiple vulnerabilities in VMware Spring Security	High	Patched Public exploit	17.05.2022
SB2021022207: Privilege escalation in VMware Spring Security	Medium	Patched	22.02.2021
SB2020060107: Multiple vulnerabilities in VMware Spring Security	Medium	Patched	01.06.2020
SB2020010921: Denial of service due to usage of vulnerable Nimbus JOSE+JWT in Pivotal Spring Security	Medium	Patched	09.01.2020
SB2019070206: Authentication bypass in Spring Security	Low	Patched	02.07.2019
SB2017112718: Deserialization of Untrusted Data in VMware, Spring Security	High	Patched	27.11.2017
SB2017052518: Improper Authentication in VMware, Spring Security	Medium	Patched	25.05.2017
SB2017052519: Improper Authentication in VMware, Spring Security	High	Patched	25.05.2017