Org.springframework.security.oauth:spring-security-oauth2
This hub aggregates every CVE we track for Org.springframework.security.oauth:spring-security-oauth2, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
2
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM2CRITICAL2HIGH1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 5 most recently published vulnerabilities affecting Org.springframework.security.oauth:spring-security-oauth2.
- CVE-2022-22969<Issue Description> Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Re...6.5
- CVE-2019-3778Open Redirect in spring-security-oauth26.5
- CVE-2018-15758Privilege Escalation in spring-security-oauth29.6
- CVE-2018-1260Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2, 2.1 prior to 2.1.2, 2.0 prior to 2.0.15 and older unsupported versions contains a remote code execution vulnerability. A mali...9.8
- CVE-2016-4977When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which ena...8.8
Product normalization is registry-driven with AI assist and human review. How it works