Maven package
org.springframework.security.oauth/spring-security-oauth
pkg:maven/org.springframework.security.oauth/spring-security-oauth
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-11269 | — | >= 2.0.0.RELEASE, < 2.0.18.RELEASE | 2.0.18.RELEASE | Jun 12, 2019 | Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, 2.1 prior to 2.1.5, and 2.0 prior to 2.0.18, as well as older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft | ||
| CVE-2019-3778 | — | < 2.0.17.RELEASE | 2.0.17.RELEASE | Mar 7, 2019 | Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craf |
- CVE-2019-11269Jun 12, 2019affected >= 2.0.0.RELEASE, < 2.0.18.RELEASEfixed 2.0.18.RELEASE
Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, 2.1 prior to 2.1.5, and 2.0 prior to 2.0.18, as well as older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft
- CVE-2019-3778Mar 7, 2019affected < 2.0.17.RELEASEfixed 2.0.17.RELEASE
Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craf