Product:

Spring_security

(Vmware)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 21
Date Id Summary Products Score Patch Annotated
2019-06-26 CVE-2019-11272 Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordEncoder. If an application using an affected version of Spring Security is leveraging PlaintextPasswordEncoder and a user has a null encoded password, a malicious user (or attacker) can authenticate using a password of "null". Debian_linux, Spring_security 7.3