VulnerableCode Package Details - pkg:maven/org.springframework.security/spring-security-core@6.2.5

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.springframework.security/spring-security-core@6.2.5

Essentials
History (1)

purl	pkg:maven/org.springframework.security/spring-security-core@6.2.5

Next non-vulnerable version	6.2.8
Latest non-vulnerable version	7.0.5
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-2b4h-659w-77ak Aliases: CVE-2024-38827 GHSA-q3v6-hm2v-pw99	The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in authorization rules not working properly.	6.2.8 Affected by 0 other vulnerabilities. 6.3.5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-2b4h-659w-77ak
Aliases:
CVE-2024-38827
GHSA-q3v6-hm2v-pw99

The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in authorization rules not working properly.

6.2.8
Affected by 0 other vulnerabilities.

6.3.5
Affected by 1 other vulnerability.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T19:47:35.990149+00:00	GitLab Importer	Affected by	VCID-2b4h-659w-77ak	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.security/spring-security-core/CVE-2024-38827.yml	38.6.0