Spring Session VMware Spring Session

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in VMware Spring Session.

By the Year

In 2025 there have been 0 vulnerabilities in VMware Spring Session. Spring Session did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2025 0 0.00
2024 0 0.00
2023 1 6.50
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Spring Session vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent VMware Spring Session Security Vulnerabilities

In Spring Session version 3.0.0, the session id can be logged to the standard output stream

CVE-2023-20866 6.5 - Medium - April 13, 2023

In Spring Session version 3.0.0, the session id can be logged to the standard output stream. This vulnerability exposes sensitive information to those who have access to the application logs and can be used for session hijacking. Specifically, an application is vulnerable if it is using HeaderHttpSessionIdResolver.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for VMware Spring Session or by VMware? Click the Watch button to subscribe.

VMware
Vendor

subscribe