-
Vulnerable Library - spring-boot-starter-security-3.1.5.jar
Path to dependency file: /pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-securi…
-
Spring Cloud offers some auto-configuration for its `@FeignClient` which entered maintenance mode in favor of `RestClient` and `WebClient` used with `HttpServiceProxyFactory` for `@HttpExchange`.
T…
-
@zvigrinberg I run the keycloak and springboot apps on local laptop. Both running in containers fine with keycloak at port `8080` and springboot at `8081`. I managed to request TOKEN from the keycloak…
-
I use the Version 2.0.0 of the hotswap plugin with spring boot 3 / spring 6 and i get the following errors on startup:
HOTSWAP AGENT: 22:13:42.956 ERROR (org.hotswap.agent.plugin.spring.files.XmlBe…
-
I'm having problems trying to run these two SAML2 samples:
* https://github.com/spring-projects/spring-security-samples/tree/main/servlet/java-configuration/saml2/login
* https://github.com/spring…
-
## CVE-2019-3795 - Medium Severity Vulnerability
Vulnerable Library - spring-security-core-5.0.7.RELEASE.jar
spring-security-core
Library home page: http://spring.io/
Path to dependency file: /commo…
-
I have a Spring Boot 2.3.1 application that uses thymeleaf-extras-springsecurity5. The `sec:authorize="isAnonymous()"` it's not workning when user is no logged in. The `sec:authorize="isAuthenticated(…
-
cn.stylefeng.roses
auth-spring-boot-starter
${roses.kernel.version}
cn.stylefeng.roses
secur…
-
Currently, there is no easy way to flag a `UserDetails` object that has its password compromised. There is no first-class property in Spring Security to identify that.
This will entail:
- Update…
-
## CVE-2022-27772 - High Severity Vulnerability
Vulnerable Library - spring-boot-2.2.0.M3.jar
Spring Boot
Library home page: https://spring.io
Path to dependency file: /packages/cactus-plugin-ledger…