VulnerableCode Package Details - pkg:maven/org.springframework.security/spring-security-core@4.2.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-2rvf-jqqg-vfe7 Aliases: CVE-2018-1199 GHSA-v596-fwhq-8x48		4.2.4 Affected by 0 other vulnerabilities. 4.2.4.RELEASE Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.0.1 Affected by 0 other vulnerabilities. 5.0.1.RELEASE Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-v4xw-cyut-xkcj Aliases: CVE-2019-3795 GHSA-v2r2-7qm7-jj6v	Spring Security uses insufficiently random values	4.2.12 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 4.2.12.RELEASE Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 4.2.13.RELEASE Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.0.12 Affected by 0 other vulnerabilities. 5.0.12.RELEASE Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.0.13.RELEASE Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.1.5 Affected by 0 other vulnerabilities. 5.1.5.RELEASE Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.1.6.RELEASE Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-y5zy-tbwm-zfgk Aliases: CVE-2020-5408 GHSA-2ppp-9496-p23q	Insufficient Entropy in Spring Security	4.2.16 Affected by 0 other vulnerabilities. 4.2.16.RELEASE Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.0.16 Affected by 0 other vulnerabilities. 5.0.16.RELEASE Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.1.10 Affected by 0 other vulnerabilities. 5.1.10.RELEASE Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.2.4 Affected by 0 other vulnerabilities. 5.2.4.RELEASE Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.3.2 Affected by 0 other vulnerabilities. 5.3.2.RELEASE Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-2rvf-jqqg-vfe7
Aliases:
CVE-2018-1199
GHSA-v596-fwhq-8x48

4.2.4
Affected by 0 other vulnerabilities.

4.2.4.RELEASE
Affected by 7 other vulnerabilities.

5.0.1
Affected by 0 other vulnerabilities.

5.0.1.RELEASE
Affected by 6 other vulnerabilities.

VCID-v4xw-cyut-xkcj
Aliases:
CVE-2019-3795
GHSA-v2r2-7qm7-jj6v

Spring Security uses insufficiently random values

4.2.12
Affected by 1 other vulnerability.

4.2.12.RELEASE
Affected by 6 other vulnerabilities.

4.2.13.RELEASE
Affected by 5 other vulnerabilities.

5.0.12
Affected by 0 other vulnerabilities.

5.0.12.RELEASE
Affected by 5 other vulnerabilities.

5.0.13.RELEASE
Affected by 5 other vulnerabilities.

5.1.5
Affected by 0 other vulnerabilities.

5.1.5.RELEASE
Affected by 5 other vulnerabilities.

5.1.6.RELEASE
Affected by 5 other vulnerabilities.

VCID-y5zy-tbwm-zfgk
Aliases:
CVE-2020-5408
GHSA-2ppp-9496-p23q

Insufficient Entropy in Spring Security

4.2.16
Affected by 0 other vulnerabilities.

4.2.16.RELEASE
Affected by 4 other vulnerabilities.

5.0.16
Affected by 0 other vulnerabilities.

5.0.16.RELEASE
Affected by 4 other vulnerabilities.

5.1.10
Affected by 0 other vulnerabilities.

5.1.10.RELEASE
Affected by 4 other vulnerabilities.

5.2.4
Affected by 0 other vulnerabilities.

5.2.4.RELEASE
Affected by 5 other vulnerabilities.

5.3.2
Affected by 0 other vulnerabilities.

5.3.2.RELEASE
Affected by 5 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T15:07:32.857691+00:00	GitLab Importer	Affected by	VCID-y5zy-tbwm-zfgk	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-core/CVE-2020-5408.yml	38.6.0
2026-06-11T20:25:12.544662+00:00	GHSA Importer	Affected by	VCID-v4xw-cyut-xkcj	https://github.com/advisories/GHSA-v2r2-7qm7-jj6v	38.6.0
2026-06-11T20:24:39.473061+00:00	GHSA Importer	Affected by	VCID-2rvf-jqqg-vfe7	https://github.com/advisories/GHSA-v596-fwhq-8x48	38.6.0