Vulnerability Directory
If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.
Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.
Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.
Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.
Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.
Vulnerability Directory
If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.
Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.
Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.
Severity
ID
Technology
Libraries Affected
Category
Version(s) Affected
Published Date
Medium
Spring
Spring Boot
Incorrectly Configured Access Control
<2.7.0, >=2.7.0 <2.7.25, >=3.1.0 <3.1.16, >=3.2.0 <3.2.14, >=3.3.0 <3.3.11, >=3.4.0 <3.4.5
Apr 25, 2025
Medium
Spring
Spring Security
Information Exposure
=5.7.16, =5.8.18, =6.0.16, =6.1.14, =6.2.10, =6.3.8, =6.4.4
Apr 22, 2025
Medium
Spring
Spring Cloud Config
Authorization Bypass
>=2.2.0 <=2.2.8, >=3.0.0 <=3.0.7, >=3.1.0 <3.1.10, >=4.0.0 <=4.0.5, >=4.1.0 <4.1.6, >=4.2.0 <4.2.1
Apr 10, 2025
Critical
Apache Spark
Apache Spark
Broken Access
<3.4.0 >=3.3.0 <=3.3.1 >=3.2.0 <=3.2.3 >=3.1.0 <=3.1.3 >=3.0.0 <=3.0.3 >=2.4.8
Apr 9, 2025
High
Apache Spark
Apache Spark
Command Injection
>=3.2.0 <=3.2.1 >=3.1.1 <=3.1.3 <=3.0.3
Apr 9, 2025
High
.NET
ASP.NET Core Runtime; Microsoft.AspNetCore.Identity
Weak Authentication
ASP.NET Core: >= 6.0.0 <= 6.0.36 >= 8.0.0 <= 8.0.13 >= 9.0.0 <= 9.0.2 Microsoft.AspNetCore.Identity: <= 2.3.0
Apr 4, 2025
High
.NET
.NET Runtime
Buffer Over-read
>= 6.0.0 <= 6.0.36 >= 8.0.0 <= 8.0.11 <= 9.0.0
Apr 4, 2025
High
.NET
.NET Runtime
Creation of Temporary File in Directory with Insecure Permissions
>= 6.0.0 <= 6.0.36 >= 8.0.0 <= 8.0.11 <= 9.0.0
Apr 4, 2025
High
.NET
.NET Runtime
Heap-based Buffer Overflow
>= 6.0.0 <= 6.0.36 >= 8.0.0 <= 8.0.11 <= 9.0.0
Apr 4, 2025
High
.NET
ASP.NET Core Runtime
Use After Free
>= 6.0.0 <= 6.0.36 >= 8.0.0 <= 8.0.8 >= 9.0.0-preview.1.24081.5 <= 9.0.0.RC.1
Apr 4, 2025
Critical
.NET
ASP.NET Core Runtime
Use After Free
>= 6.0.0 <= 6.0.36 >= 8.0.0 <= 8.0.6
Apr 4, 2025
No results found
Please enter a valid Vulnerability ID number or Technology name.