[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-31692":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":27,"aliases":28,"duplicate_of":9,"upstream":30,"downstream":31,"duplicates":36,"related":37,"reserved_at":9,"published_at":38,"modified_at":39,"state":40,"summary":41,"references_raw":50,"kevs":79,"epss":80,"epss_history":83,"metrics":336,"affected":345},"CVE-2022-31692","Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following are true: The application expects that Spring Security applies security to forward and include dispatcher types. The application uses the AuthorizationFilter either manually or via the authorizeHttpRequests() method. The application configures the FilterChainProxy to apply to forward and/or include requests (e.g. spring.security.filter.dispatcher-types = request, error, async, forward, include). The application may forward or include the request to a higher privilege-secured endpoint.The application configures Spring Security to apply to every dispatcher type via authorizeHttpRequests().shouldFilterAllDispatcherTypes(true)",null,[11,18],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],{"_key":19,"id":19,"name":20,"description":21,"type":22,"status":23,"abstraction":24,"likelihood_of_exploit":25,"capec":26},"CWE-639","Authorization Bypass Through User-Controlled Key","The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.","weakness","Incomplete","Base","High",[],[],[29],"GHSA-mmmh-wcxm-2wr4",[],[32,34],{"_key":33},"RHSA-2023:1655",{"_key":35},"UBUNTU-CVE-2022-31692",[],[],"2022-10-31T00:00:00.000Z","2025-05-06T15:53:54.566Z","Modified",{"cisa_kev":42,"cisa_ransomware":42,"cisa_vendor":9,"epss_severity":43,"epss_score":44,"severity":45,"severity_score":46,"severity_version":47,"severity_source":48,"severity_vector":49,"severity_status":40},false,"low",0.07387,"critical",9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[51,60,65,70,75],{"url":52,"sources":53,"tags":56},"https://tanzu.vmware.com/security/cve-2022-31692",[48,54,55],"nvd","osv_maven",[57,58,59],"Mitigation","Vendor Advisory","WEB",{"url":61,"sources":62,"tags":63},"https://security.netapp.com/advisory/ntap-20221215-0010/",[48,54],[64],"Third Party Advisory",{"url":66,"sources":67,"tags":68},"https://nvd.nist.gov/vuln/detail/CVE-2022-31692",[55],[69],"Advisory",{"url":71,"sources":72,"tags":73},"https://github.com/spring-projects/spring-security",[55],[74],"PACKAGE",{"url":76,"sources":77,"tags":78},"https://security.netapp.com/advisory/ntap-20221215-0010",[55],[59],[],{"date":81,"score":44,"percentile":82},"2026-06-04",0.91865,[84,88,91,94,97,100,102,104,107,110,113,116,118,121,124,128,131,134,137,139,142,145,147,150,152,155,158,161,164,167,170,172,175,178,181,183,186,189,192,195,198,201,204,207,210,213,216,219,221,223,225,227,230,233,236,239,241,243,246,249,252,255,258,261,264,266,269,272,275,277,279,281,284,287,290,293,295,298,301,304,307,310,313,316,319,322,325,327,330,333],{"date":85,"score":86,"percentile":87},"2025-11-04",0.08385,0.91908,{"date":89,"score":86,"percentile":90},"2025-11-05",0.91907,{"date":92,"score":86,"percentile":93},"2025-11-06",0.91909,{"date":95,"score":86,"percentile":96},"2025-11-07",0.91912,{"date":98,"score":86,"percentile":99},"2025-11-08",0.9191,{"date":101,"score":86,"percentile":93},"2025-11-09",{"date":103,"score":86,"percentile":99},"2025-11-10",{"date":105,"score":86,"percentile":106},"2025-11-11",0.91916,{"date":108,"score":86,"percentile":109},"2025-11-12",0.91921,{"date":111,"score":86,"percentile":112},"2025-11-13",0.91923,{"date":114,"score":86,"percentile":115},"2025-11-14",0.91925,{"date":117,"score":86,"percentile":109},"2025-11-15",{"date":119,"score":86,"percentile":120},"2025-11-16",0.91928,{"date":122,"score":86,"percentile":123},"2025-11-17",0.91929,{"date":125,"score":126,"percentile":127},"2025-11-18",0.15802,0.94182,{"date":129,"score":126,"percentile":130},"2025-11-19",0.94186,{"date":132,"score":126,"percentile":133},"2025-11-20",0.94189,{"date":135,"score":86,"percentile":136},"2025-11-21",0.91938,{"date":138,"score":86,"percentile":136},"2025-11-22",{"date":140,"score":86,"percentile":141},"2025-11-23",0.91943,{"date":143,"score":86,"percentile":144},"2025-11-24",0.91944,{"date":146,"score":86,"percentile":144},"2025-11-25",{"date":148,"score":86,"percentile":149},"2025-11-26",0.91945,{"date":151,"score":86,"percentile":141},"2025-11-27",{"date":153,"score":86,"percentile":154},"2025-11-28",0.91935,{"date":156,"score":86,"percentile":157},"2025-11-29",0.91958,{"date":159,"score":86,"percentile":160},"2025-11-30",0.91957,{"date":162,"score":86,"percentile":163},"2025-12-01",0.91997,{"date":165,"score":86,"percentile":166},"2025-12-02",0.92,{"date":168,"score":86,"percentile":169},"2025-12-03",0.92002,{"date":171,"score":86,"percentile":157},"2025-12-04",{"date":173,"score":86,"percentile":174},"2025-12-05",0.9196,{"date":176,"score":86,"percentile":177},"2025-12-06",0.91964,{"date":179,"score":86,"percentile":180},"2025-12-07",0.91962,{"date":182,"score":86,"percentile":180},"2025-12-08",{"date":184,"score":86,"percentile":185},"2025-12-09",0.91966,{"date":187,"score":86,"percentile":188},"2025-12-10",0.91976,{"date":190,"score":86,"percentile":191},"2025-12-11",0.91979,{"date":193,"score":86,"percentile":194},"2025-12-12",0.91981,{"date":196,"score":86,"percentile":197},"2025-12-13",0.91973,{"date":199,"score":86,"percentile":200},"2025-12-14",0.91969,{"date":202,"score":86,"percentile":203},"2025-12-15",0.91971,{"date":205,"score":86,"percentile":206},"2025-12-16",0.91982,{"date":208,"score":86,"percentile":209},"2025-12-17",0.91987,{"date":211,"score":86,"percentile":212},"2025-12-18",0.91992,{"date":214,"score":86,"percentile":215},"2025-12-19",0.91995,{"date":217,"score":86,"percentile":218},"2025-12-20",0.91996,{"date":220,"score":86,"percentile":218},"2025-12-21",{"date":222,"score":86,"percentile":215},"2025-12-22",{"date":224,"score":86,"percentile":163},"2025-12-23",{"date":226,"score":86,"percentile":169},"2025-12-24",{"date":228,"score":86,"percentile":229},"2025-12-25",0.92006,{"date":231,"score":86,"percentile":232},"2025-12-26",0.92005,{"date":234,"score":86,"percentile":235},"2025-12-27",0.92027,{"date":237,"score":86,"percentile":238},"2025-12-28",0.92001,{"date":240,"score":86,"percentile":163},"2025-12-29",{"date":242,"score":86,"percentile":169},"2025-12-30",{"date":244,"score":86,"percentile":245},"2025-12-31",0.9201,{"date":247,"score":86,"percentile":248},"2026-01-01",0.92066,{"date":250,"score":86,"percentile":251},"2026-01-02",0.92063,{"date":253,"score":86,"percentile":254},"2026-01-03",0.92062,{"date":256,"score":86,"percentile":257},"2026-01-04",0.92018,{"date":259,"score":86,"percentile":260},"2026-01-05",0.92017,{"date":262,"score":86,"percentile":263},"2026-01-06",0.92019,{"date":265,"score":86,"percentile":257},"2026-01-07",{"date":267,"score":86,"percentile":268},"2026-01-08",0.9202,{"date":270,"score":86,"percentile":271},"2026-01-09",0.92023,{"date":273,"score":86,"percentile":274},"2026-01-10",0.92025,{"date":276,"score":86,"percentile":263},"2026-01-11",{"date":278,"score":86,"percentile":263},"2026-01-12",{"date":280,"score":86,"percentile":268},"2026-01-13",{"date":282,"score":86,"percentile":283},"2026-01-14",0.92032,{"date":285,"score":86,"percentile":286},"2026-01-15",0.92035,{"date":288,"score":86,"percentile":289},"2026-01-16",0.92036,{"date":291,"score":86,"percentile":292},"2026-01-17",0.92041,{"date":294,"score":86,"percentile":289},"2026-01-18",{"date":296,"score":86,"percentile":297},"2026-01-19",0.92039,{"date":299,"score":86,"percentile":300},"2026-01-20",0.92042,{"date":302,"score":86,"percentile":303},"2026-01-21",0.92047,{"date":305,"score":86,"percentile":306},"2026-01-22",0.9205,{"date":308,"score":86,"percentile":309},"2026-01-23",0.92058,{"date":311,"score":86,"percentile":312},"2026-01-24",0.92065,{"date":314,"score":86,"percentile":315},"2026-01-25",0.92067,{"date":317,"score":86,"percentile":318},"2026-01-26",0.9207,{"date":320,"score":86,"percentile":321},"2026-01-27",0.92072,{"date":323,"score":86,"percentile":324},"2026-01-28",0.92077,{"date":326,"score":86,"percentile":324},"2026-01-29",{"date":328,"score":86,"percentile":329},"2026-01-30",0.92075,{"date":331,"score":86,"percentile":332},"2026-01-31",0.92073,{"date":334,"score":86,"percentile":335},"2026-02-01",0.92116,[337,341,343],{"source":48,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":338,"cvss_v4_0":9},{"baseScore":46,"baseSeverity":339,"vectorString":49,"impactScore":46,"exploitabilityScore":340},"CRITICAL",10,{"source":54,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":342,"cvss_v4_0":9},{"baseScore":46,"baseSeverity":339,"vectorString":49,"impactScore":46,"exploitabilityScore":340},{"source":55,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":344,"cvss_v4_0":9},{"baseScore":46,"baseSeverity":9,"vectorString":49,"impactScore":46,"exploitabilityScore":340},[346,365,374],{"ecosystem":347,"name":348,"vendor":349,"product":350,"cpe_part":9,"purl_type":351,"purl_namespace":349,"purl_name":350,"source":9,"versions":352},"Maven","org.springframework.security:spring-security-core","org.springframework.security","spring-security-core","maven",[353,361],{"version":354,"is_range":355,"range_type":356,"version_start":357,"version_start_type":358,"version_end":359,"version_end_type":360,"fixed_in":9},"gte5_7_0_lt5_7_5",true,"ecosystem","5.7.0","including","5.7.5","excluding",{"version":362,"is_range":355,"range_type":356,"version_start":363,"version_start_type":358,"version_end":364,"version_end_type":360,"fixed_in":9},"gte5_6_0_lt5_6_9","5.6.0","5.6.9",{"ecosystem":9,"name":366,"vendor":367,"product":368,"cpe_part":369,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":370},"active iq unified manager","netapp","active_iq_unified_manager","a",[371],{"version":372,"is_range":42,"range_type":373,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na","cpe",{"ecosystem":9,"name":375,"vendor":376,"product":377,"cpe_part":369,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":378},"spring security","vmware","spring_security",[379,381],{"version":380,"is_range":355,"range_type":373,"version_start":363,"version_start_type":358,"version_end":364,"version_end_type":360,"fixed_in":9},"gte5.6.0_lt5.6.9",{"version":382,"is_range":355,"range_type":373,"version_start":357,"version_start_type":358,"version_end":359,"version_end_type":360,"fixed_in":9},"gte5.7.0_lt5.7.5"]