VMware Spring Session
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in VMware Spring Session.
By the Year
In 2025 there have been 0 vulnerabilities in VMware Spring Session. Spring Session did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 6.50 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Spring Session vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent VMware Spring Session Security Vulnerabilities
In Spring Session version 3.0.0, the session id can be logged to the standard output stream
CVE-2023-20866
6.5 - Medium
- April 13, 2023
In Spring Session version 3.0.0, the session id can be logged to the standard output stream. This vulnerability exposes sensitive information to those who have access to the application logs and can be used for session hijacking. Specifically, an application is vulnerable if it is using HeaderHttpSessionIdResolver.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for VMware Spring Session or by VMware? Click the Watch button to subscribe.
