You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Provides transitive vulnerable dependency maven:org.springframework.security:spring-security-web:6.2.3
* [GHSA-c4q5-6c82-3qpw](https://osv.dev/vulnerability/GHSA-c4q5-6c82-3qpw) 9.1 Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications
Results powered by [OSV](https://osv.dev/)
Provides transitive vulnerable dependency maven:com.nimbusds:nimbus-jose-jwt:9.24.4
* [GHSA-gvpg-vgmx-xg6w](https://osv.dev/vulnerability/GHSA-gvpg-vgmx-xg6w) 7.5 Denial of Service in Connect2id Nimbus JOSE+JWT
Results powered by [OSV](https://osv.dev/)
Provides transitive vulnerable dependency maven:commons-io:commons-io:2.11.0
* [GHSA-78wr-2p64-hpwj](https://osv.dev/vulnerability/GHSA-78wr-2p64-hpwj) 7.5 Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader
Results powered by [OSV](https://osv.dev/)
Provides transitive vulnerable dependency maven:org.springframework:spring-web:6.1.5
* [GHSA-2wrp-6fg6-hmc5](https://osv.dev/vulnerability/GHSA-2wrp-6fg6-hmc5) 8.1 Spring Framework URL Parsing with Host Validation
* [GHSA-2rmj-mq67-h97g](https://osv.dev/vulnerability/GHSA-2rmj-mq67-h97g) 5.3 Spring Framework DoS via conditional HTTP request
Results powered by [OSV](https://osv.dev/)
Provides transitive vulnerable dependency maven:org.springframework:spring-context:6.1.5
* [GHSA-4gc7-5j7h-4qph](https://osv.dev/vulnerability/GHSA-4gc7-5j7h-4qph) 3.1 Spring Framework DataBinder Case Sensitive Match Exception
Results powered by [OSV](https://osv.dev/)
Provides transitive vulnerable dependency maven:org.bouncycastle:bcprov-jdk18on:1.74
* [GHSA-v435-xc8x-wvr9](https://osv.dev/vulnerability/GHSA-v435-xc8x-wvr9) 5.9 Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")
* [GHSA-8xfc-gm6g-vgpv](https://osv.dev/vulnerability/GHSA-8xfc-gm6g-vgpv) 5.3 Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
* [GHSA-m44j-cfrm-g8qc](https://osv.dev/vulnerability/GHSA-m44j-cfrm-g8qc) 5.3 Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
* [GHSA-4h8f-2wvx-gg5w](https://osv.dev/vulnerability/GHSA-4h8f-2wvx-gg5w) 2.0 Bouncy Castle Java Cryptography API vulnerable to DNS poisoning
Results powered by [OSV](https://osv.dev/)
Provides transitive vulnerable dependency maven:org.keycloak:keycloak-core:22.0.5
* [GHSA-w97f-w3hq-36g2](https://osv.dev/vulnerability/GHSA-w97f-w3hq-36g2) 6.5 Keycloak Denial of Service vulnerability
* [GHSA-57rh-gr4v-j5f6](https://osv.dev/vulnerability/GHSA-57rh-gr4v-j5f6) 4.8 Keycloak Uses a Key Past its Expiration Date
* [GHSA-xmmm-jw76-q7vg](https://osv.dev/vulnerability/GHSA-xmmm-jw76-q7vg) 4.8 One Time Passcode (OTP) is valid longer than expiration timeSeverity
* [GHSA-g4gc-rh26-m3p5](https://osv.dev/vulnerability/GHSA-g4gc-rh26-m3p5) 4.4 Keycloak Open Redirect vulnerability
* [GHSA-3hrr-xwvg-hxvr](https://osv.dev/vulnerability/GHSA-3hrr-xwvg-hxvr) 3.7 Keycloak DoS via account lockout
Results powered by [OSV](https://osv.dev/)
qodana-cloud[bot]