{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53405?format=json","vulnerability_id":"VCID-y82q-fr9b-gyf2","summary":"spring-security-oauth2-client vulnerable to Privilege Escalation\nSpring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client (via the browser) to the Authorization Server which can lead to a privilege escalation on the subsequent approval. This scenario can happen if the Authorization Server responds with an OAuth2 Access Token Response containing an empty scope list (per RFC 6749, Section 5.1) on the subsequent request to the token endpoint to obtain the access token.","aliases":[{"alias":"CVE-2022-31690"},{"alias":"GHSA-32vj-v39g-jh23"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81023?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.9"},{"url":"http://public2.vulnerablecode.io/api/packages/81022?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.5"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/340069?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.0.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.0.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340070?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.1.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.1.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340071?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.2.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.2.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340072?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.3.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.3.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340073?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.4.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.4.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340074?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.5.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.5.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340075?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.6.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.6.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340076?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.7.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.7.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340077?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.8.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.8.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340078?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.9.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.9.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340079?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.10.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.10.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340080?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.11.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.11.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340081?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.12.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.12.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340082?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.13.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.13.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340083?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.14.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.14.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340084?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.15.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.15.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340085?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.16.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.16.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340086?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.17.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.17.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340087?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.18.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.18.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340088?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.19.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.0.19.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340089?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.0.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.0.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340090?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.1.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.1.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340091?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.2.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.2.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340092?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.3.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.3.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340093?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.4.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.4.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340094?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.5.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.5.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340095?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.6.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.6.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340096?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.7.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.7.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340097?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.8.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.8.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340098?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.9.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.9.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340099?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.10.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.10.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340100?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.11.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.11.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340101?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.12.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.12.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340102?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.13.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.1.13.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340103?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.0.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.0.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340104?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.1.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.1.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340105?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.2.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.2.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340106?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.3.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.3.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340107?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.4.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.4.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340108?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.5.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.5.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340109?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.6.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.6.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340110?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.7.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.7.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340111?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.8.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.8.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340112?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.9.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.9.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340113?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.10.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.10.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340114?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.11.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.11.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340115?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.12.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.12.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340116?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.13.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.13.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340117?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.14.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.14.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340118?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.15.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.2.15.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340119?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.0.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.0.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340120?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.1.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.1.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340121?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.2.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.2.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340122?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.3.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.3.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340123?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.4.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.4.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340124?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.5.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.5.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340125?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.6.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.6.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340126?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.7.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.7.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340127?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.8.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.8.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340128?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.9.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.9.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340129?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.10.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.10.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340130?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.11.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.11.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340131?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.12.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.12.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340132?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.13.RELEASE","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.3.13.RELEASE"},{"url":"http://public2.vulnerablecode.io/api/packages/340133?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"},{"vulnerability":"VCID-ykkv-ahjn-d7eb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/340134?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/340135?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/340136?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/340137?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/340138?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.5"},{"url":"http://public2.vulnerablecode.io/api/packages/340139?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/76239?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.7"},{"url":"http://public2.vulnerablecode.io/api/packages/340140?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/340141?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.9"},{"url":"http://public2.vulnerablecode.io/api/packages/340142?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.10"},{"url":"http://public2.vulnerablecode.io/api/packages/340143?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.4.11"},{"url":"http://public2.vulnerablecode.io/api/packages/340144?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"},{"vulnerability":"VCID-ykkv-ahjn-d7eb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/37314?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/340145?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/340146?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/340147?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.4"},{"url":"http://public2.vulnerablecode.io/api/packages/340148?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.5"},{"url":"http://public2.vulnerablecode.io/api/packages/340149?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.6"},{"url":"http://public2.vulnerablecode.io/api/packages/340150?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.7"},{"url":"http://public2.vulnerablecode.io/api/packages/340151?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.5.8"},{"url":"http://public2.vulnerablecode.io/api/packages/340152?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/340153?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/340154?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/340155?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.3"},{"url":"http://public2.vulnerablecode.io/api/packages/340156?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.4"},{"url":"http://public2.vulnerablecode.io/api/packages/340157?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.5"},{"url":"http://public2.vulnerablecode.io/api/packages/340158?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.6"},{"url":"http://public2.vulnerablecode.io/api/packages/340159?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.7"},{"url":"http://public2.vulnerablecode.io/api/packages/340160?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.6.8"},{"url":"http://public2.vulnerablecode.io/api/packages/144706?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/340161?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.1"},{"url":"http://public2.vulnerablecode.io/api/packages/340162?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.2"},{"url":"http://public2.vulnerablecode.io/api/packages/340163?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.3"},{"url":"http://public2.vulnerablecode.io/api/packages/340164?format=json","purl":"pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.springframework.security/spring-security-oauth2-client@5.7.4"},{"url":"http://public2.vulnerablecode.io/api/packages/96940?format=json","purl":"pkg:rpm/redhat/jenkins@2.387.1.1680701869-1?arch=el8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-432r-ukuw-4bgt"},{"vulnerability":"VCID-6925-fwf4-f7df"},{"vulnerability":"VCID-betz-7kth-p3cr"},{"vulnerability":"VCID-r15d-pzfc-3fg7"},{"vulnerability":"VCID-wyec-gfgc-4yfw"},{"vulnerability":"VCID-y82q-fr9b-gyf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.387.1.1680701869-1%3Farch=el8"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31690.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31690.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31690","reference_id":"","reference_type":"","scores":[{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54457","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54538","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.5447","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54444","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54485","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54429","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54386","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54549","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54436","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54871","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54876","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.5492","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54901","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58241","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58259","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58236","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58216","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58248","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58251","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58225","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.5819","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31690"},{"reference_url":"https://github.com/spring-projects/spring-security-samples/blob/4638e1e428ee2ddab234199eb3b67b9c94dfa08b/servlet/spring-boot/java/oauth2/webclient/src/main/java/example/SecurityConfiguration.java#L48","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/spring-projects/spring-security-samples/blob/4638e1e428ee2ddab234199eb3b67b9c94dfa08b/servlet/spring-boot/java/oauth2/webclient/src/main/java/example/SecurityConfiguration.java#L48"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31690","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31690"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221215-0010","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20221215-0010"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221215-0010/","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:42:47Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221215-0010/"},{"reference_url":"https://tanzu.vmware.com/security/cve-2022-31690","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:42:47Z/"}],"url":"https://tanzu.vmware.com/security/cve-2022-31690"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162200","reference_id":"2162200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162200"},{"reference_url":"https://github.com/advisories/GHSA-32vj-v39g-jh23","reference_id":"GHSA-32vj-v39g-jh23","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-32vj-v39g-jh23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1285","reference_id":"RHSA-2023:1285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1286","reference_id":"RHSA-2023:1286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1655","reference_id":"RHSA-2023:1655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2041","reference_id":"RHSA-2023:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2041"}],"weaknesses":[{"cwe_id":269,"name":"Improper Privilege Management","description":"The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y82q-fr9b-gyf2"}