Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.1
Spring Security Web: Unauthorized Access to Protected Resources
ROOT-APP-MAVEN-CVE-2024-38821
Summary
A security issue in Spring Security Web could allow attackers to access resources that are supposed to be restricted. This affects users of the Spring Security Web library. Users should update to a patched version to prevent unauthorized access.
What to do
- Update io.root.org.springframework.security:spring-security-web to version 6.3.3-root.io.1.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| Root:Maven | – | io.root.org.springframework.security:spring-security-web |
< 6.3.3-root.io.1 Fix: upgrade to 6.3.3-root.io.1
|
Original title
CVE-2024-38821 in io.root.org.springframework.security:spring-security-web - Patched by Root
Original description
Root has patched CVE-2024-38821 in the io.root.org.springframework.security:spring-security-web package for Root:Maven. Multiple fixed versions available.
osv CVSS3.1
9.1
Published: 25 May 2026 · Updated: 29 May 2026 · First seen: 29 May 2026