Search for packages
| purl | pkg:maven/org.springframework.security/spring-security-core@7.0.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-9np9-s26y-87ch | Vulnerability in Spring Spring Security. Applications that explicitly configure One-Time Token login with JdbcOneTimeTokenService are vulnerable to a Time-of-check Time-of-use (TOCTOU) race condition. This issue affects Spring Security: from 6.4.0 through 6.4.15, from 6.5.0 through 6.5.9, from 7.0.0 through 7.0.4. |
CVE-2026-22751
GHSA-x2wq-9x2f-fhj7 |
| VCID-bxeh-gaxy-6uch | Vulnerability in Spring Spring Security. If an application is using the UserDetails#isEnabled, #isAccountNonExpired, or #isAccountNonLocked user attributes, to enable, expire, or lock users, then DaoAuthenticationProvider's timing attack defense can be bypassed for users who are disabled, expired, or locked.This issue affects Spring Security: from 5.7.0 through 5.7.22, from 5.8.0 through 5.8.24, from 6.3.0 through 6.3.15, from 6.5.0 through 6.5.9, from 7.0.0 through 7.0.4. |
CVE-2026-22746
GHSA-vxf7-qj7q-83fh |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-05-07T01:27:40.105886+00:00 | GithubOSV Importer | Fixing | VCID-9np9-s26y-87ch | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/04/GHSA-x2wq-9x2f-fhj7/GHSA-x2wq-9x2f-fhj7.json | 38.6.0 |
| 2026-05-07T01:27:39.317633+00:00 | GithubOSV Importer | Fixing | VCID-bxeh-gaxy-6uch | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/04/GHSA-vxf7-qj7q-83fh/GHSA-vxf7-qj7q-83fh.json | 38.6.0 |
| 2026-05-01T20:52:13.100416+00:00 | GHSA Importer | Fixing | VCID-bxeh-gaxy-6uch | https://github.com/advisories/GHSA-vxf7-qj7q-83fh | 38.6.0 |
| 2026-04-26T22:37:24.522703+00:00 | GHSA Importer | Fixing | VCID-9np9-s26y-87ch | https://github.com/advisories/GHSA-x2wq-9x2f-fhj7 | 38.4.0 |