VulnerableCode Package Details - pkg:maven/org.springframework.security.oauth/spring-security-oauth2@2.2.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.springframework.security.oauth/spring-security-oauth2@2.2.0

Essentials
History (4)

purl	pkg:maven/org.springframework.security.oauth/spring-security-oauth2@2.2.0
Tags	Ghost

Next non-vulnerable version	2.2.5.RELEASE
Latest non-vulnerable version	2.5.2.RELEASE
Risk	10.0

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-aptr-3d7m-cke3 Aliases: CVE-2018-1260 GHSA-rrpm-pj7p-7j9q		2.2.2 Affected by 0 other vulnerabilities. 2.2.2.RELEASE Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.3.3 Affected by 0 other vulnerabilities. 2.3.3.RELEASE Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-h3pd-2b4q-tyah Aliases: CVE-2019-3778 GHSA-77rv-6vfw-x4gc	spring-security-oauth and spring-security-oauth2 Open Redirect vulnerability	2.2.4.RELEASE Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.2.5.RELEASE Affected by 0 other vulnerabilities. 2.3.5.RELEASE Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.3.6.RELEASE Affected by 0 other vulnerabilities.
VCID-qta1-kh76-wqad Aliases: CVE-2018-15758 GHSA-h8w4-qv99-f7vj		2.2.3.RELEASE Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.3.4.RELEASE Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-xgj8-mybf-uyae Aliases: CVE-2019-11269 GHSA-mmf6-6597-3v6m	Open Redirect in Spring Security OAuth	2.2.5.RELEASE Affected by 0 other vulnerabilities. 2.2.6.RELEASE Affected by 0 other vulnerabilities. 2.3.6.RELEASE Affected by 0 other vulnerabilities. 2.3.7.RELEASE Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T15:41:50.324458+00:00	GitLab Importer	Affected by	VCID-xgj8-mybf-uyae	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security.oauth/spring-security-oauth2/CVE-2019-11269.yml	38.6.0
2026-06-12T15:41:33.477119+00:00	GitLab Importer	Affected by	VCID-h3pd-2b4q-tyah	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security.oauth/spring-security-oauth2/CVE-2019-3778.yml	38.6.0
2026-06-11T20:24:46.195274+00:00	GHSA Importer	Affected by	VCID-qta1-kh76-wqad	https://github.com/advisories/GHSA-h8w4-qv99-f7vj	38.6.0
2026-06-11T20:24:43.366661+00:00	GHSA Importer	Affected by	VCID-aptr-3d7m-cke3	https://github.com/advisories/GHSA-rrpm-pj7p-7j9q	38.6.0