| CVE-2026-22740 |
medium |
6.5 |
6.5 |
29d ago |
Spring Framework DoS with Multipart Temp Files in WebFlux |
|
| CVE-2026-22745 |
medium |
5.3 |
5.3 |
29d ago |
Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources |
|
| CVE-2026-22741 |
low |
3.1 |
3.1 |
29d ago |
Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. |
|
| CVE-2022-22965 |
unknown |
— |
1.5 |
4y ago |
Remote Code Execution in Spring Framework |
|
| CVE-2026-22735 |
unknown |
— |
— |
2mo ago |
Spring MVC and WebFlux has Server Sent Event stream corruption |
|
| CVE-2026-22737 |
unknown |
— |
— |
2mo ago |
Spring Framework Improper Path Limitation with Script View Templates |
|
| CVE-2024-38819 |
unknown |
— |
— |
2y ago |
Spring Framework Path Traversal vulnerability |
|
| CVE-2024-38816 |
unknown |
— |
— |
2y ago |
Path traversal vulnerability in functional web frameworks |
|
| CVE-2020-5397 |
unknown |
— |
— |
6y ago |
CSRF attack via CORS preflight requests with Spring MVC or Spring WebFlux |
|
| CVE-2020-5398 |
unknown |
— |
— |
6y ago |
RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application |
|