pkg:Maven/org.springframework.security:spring-security-web

5 total CVEsCRITICAL3HIGH1MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2022-22978Authorization bypass in Spring Security
    >= 5.5.0, < 5.5.7
  • CRITICAL9.1CVE-2026-22732Spring Security HTTP Headers Are not Written Under Some Conditions
    from 0, <= 5.7.14
  • CRITICAL9.1CVE-2024-38821Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications
    from 0, < 5.7.13
  • HIGH8.8CVE-2021-22112Privilege escalation in spring security
    >= 5.4.0, < 5.4.4
  • MEDIUM6.8CVE-2026-22747Spring Security Vulnerable to Unauthorized User Impersonation when Using X.509 Client Certificates
    >= 7.0.0, < 7.0.5