VulnerableCode Package Details - pkg:maven/org.springframework/spring-context@6.1.14

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-pzz7-mfs4-rfda	Spring Framework DataBinder Case Sensitive Match Exception The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase() has some Locale dependent exceptions that could potentially result in fields not protected as expected.	CVE-2024-38820 GHSA-4gc7-5j7h-4qph
VCID-u6vb-w2bu-ykfk	Spring Framework has Authorization Bypass for Case Sensitive Comparisons The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in authorization rules not working properly.	CVE-2024-38827 GHSA-q3v6-hm2v-pw99

Vulnerability

Summary

Aliases

VCID-pzz7-mfs4-rfda

Spring Framework DataBinder Case Sensitive Match Exception The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase() has some Locale dependent exceptions that could potentially result in fields not protected as expected.

CVE-2024-38820
GHSA-4gc7-5j7h-4qph

VCID-u6vb-w2bu-ykfk

Spring Framework has Authorization Bypass for Case Sensitive Comparisons The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in authorization rules not working properly.

CVE-2024-38827
GHSA-q3v6-hm2v-pw99

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T23:12:02.760906+00:00	GitLab Importer	Fixing	VCID-pzz7-mfs4-rfda	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-context/CVE-2024-38820.yml	38.4.0
2026-04-12T00:30:29.577789+00:00	GitLab Importer	Fixing	VCID-pzz7-mfs4-rfda	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-context/CVE-2024-38820.yml	38.3.0
2026-04-03T00:38:08.821532+00:00	GitLab Importer	Fixing	VCID-pzz7-mfs4-rfda	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-context/CVE-2024-38820.yml	38.1.0
2026-04-02T12:40:29.624060+00:00	GitLab Importer	Fixing	VCID-u6vb-w2bu-ykfk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-context/CVE-2024-38827.yml	38.0.0
2026-04-02T12:40:15.910699+00:00	GitLab Importer	Fixing	VCID-pzz7-mfs4-rfda	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-context/CVE-2024-38820.yml	38.0.0
2026-04-01T16:06:42.616199+00:00	GHSA Importer	Fixing	VCID-pzz7-mfs4-rfda	https://github.com/advisories/GHSA-4gc7-5j7h-4qph	38.0.0
2026-04-01T12:49:20.448027+00:00	GithubOSV Importer	Fixing	VCID-pzz7-mfs4-rfda	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-4gc7-5j7h-4qph/GHSA-4gc7-5j7h-4qph.json	38.0.0