Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

org.springframework.security:spring-security-core

Ecosystem:
maven
Package URL:
pkg:maven/org.springframework.security:spring-security-core
Total PRs:
291 Dependabot PRs
Latest PR:
10 days ago
Unique Repositories:
130 repositories
Unique Repos (30 days):
1 repository
Security Advisories
Spring Security uses insufficiently random values
GHSA-v2r2-7qm7-jj6v CVE-2019-3795 MODERATE published about 7 years ago • updated about 15 hours ago
Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when u...
Spring Security and Spring Framework may not recognize certain paths that should be protected
GHSA-8crv-49fr-2h6j CVE-2016-5007 HIGH published over 7 years ago • updated 1 day ago
Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x (as well as other unsupported versions) rely on URL pa...
Spring Security Vulnerable to User Attribute Enumeration when Using DaoAuthenticationProvider
GHSA-vxf7-qj7q-83fh CVE-2026-22746 LOW published about 2 months ago • updated about 12 hours ago
Vulnerability in Spring Spring Security. If an application is using the UserDetails#isEnabled, #isAccountNonExpired, or #isAccountNonLocked user at...
Spring Security logout not clearing security context
GHSA-x873-6rgc-94jc CVE-2023-20862 MODERATE published about 3 years ago • updated about 15 hours ago
In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x prior to 6.0.3, the logout support does not pr...
Integer overflow in BCrypt class in Spring Security
GHSA-wx54-3278-m5g4 CVE-2022-22976 MODERATE published about 4 years ago • updated 1 day ago
Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. Wh...
View all 30 advisories
Recent PRs
RSS Feed
build(deps): bump the all-maven group across 1 directory with 115 updates

beyonai/ByClaw #134

6.5.9 → 7.0.5 Major PR
Closed 10 days ago 2 comments
beyonai
chore(deps)(deps): bump org.springframework.security:spring-security-core from 6.5.10 to 7.0.5 in /BackEnd-Clinica

YmidOrtega/Clinica #98

6.5.10 → 7.0.5 Major PR
Open about 2 months ago 1 comment
YmidOrtega
chore(deps): bump org.springframework.security:spring-security-core from 6.5.9 to 6.5.10 in /00_Legacy/1.server/webui in the maven group across 1 directory

hartkimin/DFAS_ENT_RE_V2 #142

6.5.9 → 6.5.10 Patch PR
Open about 2 months ago 1 comment
hartkimin
Bump org.springframework.security:spring-security-core from 6.5.9 to 6.5.10

companieshouse/filing-history-data-api #129

6.5.9 → 6.5.10 Patch PR
Open about 2 months ago 2 comments
companieshouse
Bump org.springframework.security:spring-security-core from 6.5.8 to 6.5.10

companieshouse/disqualified-officers-data-api #117

6.5.8 → 6.5.10 Patch PR
Open about 2 months ago 2 comments
companieshouse
build(deps): bump org.springframework.security:spring-security-core from 6.4.4 to 6.4.10

levelp/webissues_simple #49

6.4.4 → 6.4.10 Patch PR
Closed 2 months ago 1 comment
levelp
Bump the spring group with 16 updates

Nomanijaz58/D-Space-Digital-Library #5

6.5.7 → 6.5.8 Patch PR
Closed 3 months ago 1 comment
Nomanijaz58
Bump the all-maven-deps group across 3 directories with 46 updates

craftercms/craftercms #8551

7.0.2 → 7.0.3 Patch PR
Closed 4 months ago 1 comment
craftercms
Bump org.springframework.security:spring-security-core from 7.0.2 to 7.0.3

talsma-ict/context-propagation #701

7.0.2 → 7.0.3 Patch PR
Open 4 months ago 1 comment
talsma-ict
build(deps): bump org.springframework.security:spring-security-core from 6.4.10 to 7.0.2 in /issuer-application

swiyu-admin-ch/swiyu-issuer #212

6.4.10 → 7.0.2 Major PR
Closed 4 months ago 1 comment
swiyu-admin-ch
chore(deps): bump the all-gradle group across 1 directory with 54 updates

dallay/hatchgrid #233

6.3.1 → 7.0.2 Major PR
Open 5 months ago 4 comments
dallay
Bump the all-maven-deps group across 3 directories with 63 updates

craftercms/craftercms #8480

6.5.7 → 7.0.2 Major PR
Closed 6 months ago 2 comments
craftercms
Bump the all-maven-deps group across 3 directories with 64 updates

craftercms/craftercms #8479

6.5.7 → 7.0.2 Major PR
Open 6 months ago 4 comments
craftercms
chore(deps): bump the all-gradle group across 1 directory with 54 updates

dallay/hatchgrid #230

6.3.1 → 7.0.2 Major PR
Closed 6 months ago 5 comments
dallay
Bump the all-maven-deps group across 3 directories with 64 updates

craftercms/craftercms #8478

6.5.7 → 7.0.2 Major PR
Open 6 months ago 7 comments
craftercms
Bump the all-maven-deps group across 3 directories with 86 updates

craftercms/craftercms #8474

7.0.0 → 7.0.2 Patch PR
Open 6 months ago 3 comments
craftercms
Bump the all-maven-deps group across 3 directories with 122 updates

QuocKhanh2002/craftercms #13

6.5.3 → 7.0.2 Major PR
Closed 6 months ago 1 comment
QuocKhanh2002
Bump the all-maven-deps group across 3 directories with 121 updates

craftercms/craftercms #8464

7.0.0 → 7.0.2 Patch PR
Closed 6 months ago 1 comment
craftercms
chore(deps): bump the all-gradle group across 1 directory with 29 updates

dallay/cvix #434

6.5.7 → 7.0.2 Major PR
Open 6 months ago 5 comments
dallay
Bump org.springframework.security:spring-security-core from 6.5.6 to 7.0.2

quarkusio/quarkus-spring-security-api #40

6.5.6 → 7.0.2 Major PR
Closed 6 months ago 2 comments
quarkusio
Bump the all-maven-deps group across 3 directories with 118 updates

craftercms/craftercms #8460

7.0.0 → 7.0.2 Patch PR
Closed 6 months ago 1 comment
craftercms
Bump the gradle-updates group across 1 directory with 11 updates

ministryofjustice/laa-ccms-soa-gateway-api #224

6.5.5 → 7.0.2 Major PR
Closed 6 months ago 1 comment
ministryofjustice
Bump the maven group across 4 directories with 20 updates

ownerCTI/hapi-fhir #4

5.7.12 → 5.7.14 Patch PR
Closed 6 months ago 2 comments
ownerCTI
chore(deps): bump the all-gradle group across 1 directory with 18 updates

dallay/cvix #417

6.5.7 → 7.0.0 Major PR
Open 6 months ago 4 comments
dallay
chore(deps): bump the all-gradle group across 1 directory with 16 updates

dallay/cvix #382

6.5.7 → 7.0.0 Major PR
Open 6 months ago 3 comments
dallay
chore(deps): bump the all-gradle group across 1 directory with 18 updates

dallay/cvix #361

6.5.7 → 7.0.0 Major PR
Open 7 months ago 5 comments
dallay
Bump the maven group across 22 directories with 13 updates

djdiakametavers/opencast #1

3.1.7.RELEASE → 5.7.14 Major PR
Open 7 months ago 1 comment
djdiakametavers
chore(deps): bump the all-gradle group across 1 directory with 18 updates

dallay/cvix #318

6.5.7 → 7.0.0 Major PR
Open 7 months ago 4 comments
dallay
chore(deps): bump org.springframework.security:spring-security-core from 6.4.5 to 7.0.0

Gegcuk/kidsGPTbackend #179

6.4.5 → 7.0.0 Major PR
Open 7 months ago 1 comment
Gegcuk
chore(deps): bump the all-gradle group across 1 directory with 19 updates

dallay/cvix #307

6.5.6 → 7.0.0 Major PR
Open 7 months ago 5 comments
dallay
chore(deps): bump the all-gradle group across 1 directory with 30 updates

dallay/cvix #293

6.5.6 → 7.0.0 Major PR
Closed 7 months ago 4 comments
dallay
Bump org.springframework.security:spring-security-core from 6.5.4 to 7.0.0

SpiNNakerManchester/JavaSpiNNaker #1378

6.5.4 → 7.0.0 Major PR
Closed 7 months ago 1 comment
SpiNNakerManchester
chore(deps)(deps): bump org.springframework.security:spring-security-core from 6.5.4 to 7.0.0 in /BackEnd-Clinica

YmidOrtega/Clinica #46

6.5.4 → 7.0.0 Major PR
Closed 7 months ago 2 comments
YmidOrtega
Bump org.springframework.security:spring-security-core from 6.5.6 to 7.0.0

quarkusio/quarkus-spring-security-api #35

6.5.6 → 7.0.0 Major PR
Closed 7 months ago 1 comment
quarkusio
Bump the all-maven-deps group across 3 directories with 109 updates

craftercms/craftercms #8442

6.5.4 → 7.0.0 Major PR
Closed 7 months ago 1 comment
craftercms
Bump org.springframework.security:spring-security-core from 6.5.6 to 7.0.0

talsma-ict/context-propagation #668

6.5.6 → 7.0.0 Major PR
Open 7 months ago 1 comment
talsma-ict
Bump org.springframework.security:spring-security-core from 5.5.2 to 5.7.14 in /SpringBoot/email-service

rslakra/Samples #42

5.5.2 → 5.7.14 Minor PR
Closed 7 months ago 1 comment
rslakra
chore(deps): bump the all-gradle group across 1 directory with 53 updates

dallay/hatchgrid #216

6.3.1 → 6.5.6 Minor PR
Open 8 months ago 4 comments
dallay
Bump the all-gradle group across 1 directory with 54 updates

dallay/cvix #32

6.3.1 → 6.5.6 Minor PR
Open 8 months ago 1 comment
dallay
Bump the all-maven-deps group across 3 directories with 99 updates

QuocKhanh2002/craftercms #6

6.5.3 → 6.5.6 Patch PR
Closed 8 months ago 1 comment
QuocKhanh2002
Bump the all-maven-deps group across 3 directories with 84 updates

craftercms/craftercms #8408

6.5.4 → 6.5.6 Patch PR
Closed 8 months ago 1 comment
craftercms
Bump org.springframework.security:spring-security-core from 5.8.0 to 6.5.6

kashishrastogi03/java-project #23

5.8.0 → 6.5.6 Major PR
Closed 8 months ago 1 comment
kashishrastogi03
build(deps): bump the all-gradle group across 1 directory with 53 updates

yacosta738/saas-template #11

6.3.1 → 6.5.5 Minor PR
Open 8 months ago 2 comments
yacosta738
Bump the maven group across 2 directories with 17 updates

Jguest7/ORCID-Source #1

5.6.2 → 5.7.14 Minor PR
Open 8 months ago
Jguest7
build(deps): bump the all-gradle group with 53 updates

yacosta738/saas-template #3

6.3.1 → 6.5.5 Minor PR
Closed 8 months ago 2 comments
yacosta738
Bump the all-maven-deps group across 3 directories with 76 updates

craftercms/craftercms #8380

6.5.4 → 6.5.5 Patch PR
Open 8 months ago
craftercms
Bump org.springframework.security:spring-security-core from 6.2.3 to 6.2.8 in /backend/api-ego/atv-module

Talhaimran03/e-go #30

6.2.3 → 6.2.8 Patch PR
Open 9 months ago
Talhaimran03
chore(deps): bump org.springframework.security:spring-security-core from 6.4.4 to 6.4.10 in /BE/feed

team2room/KeyWi #2

6.4.4 → 6.4.10 Patch PR
Open 9 months ago
team2room
Bump the spring group with 28 updates

DSpace/DSpace #11391

6.5.3 → 6.5.5 Patch PR
Merged 9 months ago
DSpace
Bump the spring group with 28 updates

DSpace/DSpace #11365

6.5.3 → 6.5.5 Patch PR
Open 9 months ago
DSpace
Package Details
Name: org.springframework.security:spring-security-core
Ecosystem: maven
PURL Type: maven
Package URL: pkg:maven/org.springframework.security:spring-security-core
JSON API: View JSON
Security Advisories

30

Active advisories
CRITICAL 3
HIGH 11
MODERATE 15
LOW 1
View All maven Advisories
Package Information
Description:

Spring Security

Repository: https://github.com/spring-projects/spring-security
Homepage: https://spring.io/projects/spring-security
Latest Release: 6.5.0
about 1 year ago
Dependent Repos: 44,289
Dependent Packages: 1,940
Ranking: Top 0.0214% by dependent repos Top 0.0366% by dependent pkgs
PR Status
Open 123 (42.3%)
Merged 68 (23.4%)
Closed 87 (29.9%)
PR Types
Major 46 (15.8%)
Minor 77 (26.5%)
Patch 155 (53.3%)