CVE-2013-6429 medium —
6.8
13y ago
The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitra…
debian java vmware
CVE-2015-3192 medium 5.5
5.5
10y ago
Pivotal Spring Framework DoS Attack with XML Input
debian fedora java vmware
CVE-2025-41234 unknown —
—
1y ago
Spring Framework vulnerable to a reflected file download (RFD)
debian java
CVE-2024-38820 unknown —
—
2y ago
Spring Framework DataBinder Case Sensitive Match Exception
debian java
CVE-2024-38809 unknown —
—
2y ago
Spring Framework DoS via conditional HTTP request
debian java
CVE-2024-22262 unknown —
—
2y ago
Spring Framework URL Parsing with Host Validation
debian java
CVE-2016-1000027 unknown —
—
4y ago
Pivotal Spring Framework contains unsafe Java deserialization methods
debian java