VulnerableCode Package Details - pkg:maven/org.springframework.security.oauth/spring-security-oauth2@2.1.1.RELEASE

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.springframework.security.oauth/spring-security-oauth2@2.1.1.RELEASE

Essentials
History (4)

purl	pkg:maven/org.springframework.security.oauth/spring-security-oauth2@2.1.1.RELEASE

Next non-vulnerable version	2.1.5.RELEASE
Latest non-vulnerable version	2.5.2.RELEASE
Risk	10.0

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-aptr-3d7m-cke3 Aliases: CVE-2018-1260 GHSA-rrpm-pj7p-7j9q		2.1.2 Affected by 0 other vulnerabilities. 2.1.2.RELEASE Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.2.2 Affected by 0 other vulnerabilities. 2.2.2.RELEASE Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.3.3 Affected by 0 other vulnerabilities. 2.3.3.RELEASE Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-h3pd-2b4q-tyah Aliases: CVE-2019-3778 GHSA-77rv-6vfw-x4gc	spring-security-oauth and spring-security-oauth2 Open Redirect vulnerability	2.1.4.RELEASE Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.1.5.RELEASE Affected by 0 other vulnerabilities. 2.2.4.RELEASE Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.2.5.RELEASE Affected by 0 other vulnerabilities. 2.3.5.RELEASE Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.3.6.RELEASE Affected by 0 other vulnerabilities.
VCID-qta1-kh76-wqad Aliases: CVE-2018-15758 GHSA-h8w4-qv99-f7vj		2.1.3 Affected by 0 other vulnerabilities. 2.1.3.RELEASE Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.2.3.RELEASE Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.3.4.RELEASE Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-xgj8-mybf-uyae Aliases: CVE-2019-11269 GHSA-mmf6-6597-3v6m	Open Redirect in Spring Security OAuth	2.1.5.RELEASE Affected by 0 other vulnerabilities. 2.1.6.RELEASE Affected by 0 other vulnerabilities. 2.2.5.RELEASE Affected by 0 other vulnerabilities. 2.2.6.RELEASE Affected by 0 other vulnerabilities. 2.3.6.RELEASE Affected by 0 other vulnerabilities. 2.3.7.RELEASE Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T17:12:12.831323+00:00	GitLab Importer	Affected by	VCID-xgj8-mybf-uyae	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security.oauth/spring-security-oauth2/CVE-2019-11269.yml	38.6.0
2026-06-12T17:09:01.035914+00:00	GitLab Importer	Affected by	VCID-h3pd-2b4q-tyah	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security.oauth/spring-security-oauth2/CVE-2019-3778.yml	38.6.0
2026-06-12T17:05:28.198984+00:00	GitLab Importer	Affected by	VCID-qta1-kh76-wqad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security.oauth/spring-security-oauth2/CVE-2018-15758.yml	38.6.0
2026-06-12T15:40:30.447324+00:00	GitLab Importer	Affected by	VCID-aptr-3d7m-cke3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security.oauth/spring-security-oauth2/CVE-2018-1260.yml	38.6.0