pkg:Maven/org.springframework.security:spring-security-config

5 total CVEsCRITICAL1HIGH3MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.1CVE-2023-34034Access Control Bypass in Spring Security
    >= 5.6.0, < 5.6.12
  • HIGH7.5CVE-2026-22754Spring Security Doesn't Correctly Include Servlet Path in Path Matching of XML Authorization Rules
    >= 7.0.0, < 7.0.5
  • HIGH7.5CVE-2026-22753Spring Security Doesn't Correctly Include Servlet Path in Path Matching of HttpSecurity#securityMatchers
    >= 7.0.0, < 7.0.5
  • HIGH7.3CVE-2023-34035Spring Security's authorization rules can be misconfigured when using multiple servlets
    >= 5.8.0, < 5.8.5
  • MEDIUM5.5CVE-2023-34042Spring Security's spring-security.xsd file is world writable
    >= 6.1.1, < 6.1.4