Vulnerabilities > Pivotal Software > Spring Security Oauth > 2.0.5

DATE CVE VULNERABILITY TITLE RISK
2019-06-12 CVE-2019-11269 Open Redirect vulnerability in multiple products
Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, 2.1 prior to 2.1.5, and 2.0 prior to 2.0.18, as well as older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. 		5.8
5.8
2019-03-07 CVE-2019-3778 Open Redirect vulnerability in multiple products
Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code.
network
low complexity
pivotal-software oracle CWE-601
6.4
6.4
2018-10-18 CVE-2018-15758 Unspecified vulnerability in Pivotal Software Spring Security Oauth
Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2 prior to 2.2.3, and 2.1 prior to 2.1.3, and 2.0 prior to 2.0.16, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. 		6.8
6.8
2018-05-11 CVE-2018-1260 Code Injection vulnerability in Pivotal Software Spring Security Oauth
Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2, 2.1 prior to 2.1.2, 2.0 prior to 2.0.15 and older unsupported versions contains a remote code execution vulnerability.
network
low complexity
pivotal-software CWE-94
7.5
7.5