Search for packages
| purl | pkg:maven/org.springframework.security/spring-security-core@4.2.12 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-pz7c-p4ze-kfhc
Aliases: CVE-2019-11272 GHSA-v33x-prhc-gph5 |
PlaintextPasswordEncoder authenticates encoded passwords that are null Spring Security supports plain text passwords using `PlaintextPasswordEncoder`. a malicious user (or attacker) can authenticate using a password of `null`. |
Affected by 0 other vulnerabilities. Affected by 5 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T15:57:33.674440+00:00 | GHSA Importer | Affected by | VCID-pz7c-p4ze-kfhc | https://github.com/advisories/GHSA-v33x-prhc-gph5 | 38.0.0 |
| 2026-04-01T15:57:25.685971+00:00 | GHSA Importer | Fixing | VCID-f3g5-hamr-6yar | https://github.com/advisories/GHSA-v2r2-7qm7-jj6v | 38.0.0 |
| 2026-04-01T13:04:10.619627+00:00 | GithubOSV Importer | Fixing | VCID-f3g5-hamr-6yar | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/04/GHSA-v2r2-7qm7-jj6v/GHSA-v2r2-7qm7-jj6v.json | 38.0.0 |