Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.springframework.security.oauth/spring-security-oauth-parent@2.5.2
purl pkg:maven/org.springframework.security.oauth/spring-security-oauth-parent@2.5.2
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-f4es-qhju-dqdm Denial of service in Spring Security OAuth2 Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only. CVE-2022-22969
GHSA-c2cp-3xj9-97w9

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-02T04:42:06.936263+00:00 GitLab Importer Fixing VCID-f4es-qhju-dqdm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security.oauth/spring-security-oauth-parent/CVE-2022-22969.yml 38.6.0