Package impact
Maven / org.springframework:spring-webmvc
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-0225 | high | 8.8 | 8.8 | 9y ago | Improper Restriction of XML External Entity Reference in Spring Framework | |||
| CVE-2016-9878 | high | 7.5 | 7.5 | 10y ago | Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized | |||
| CVE-2014-0054 | medium | — | 6.8 | 12y ago | Cross-Site Request Forgery in Spring Framework | |||
| CVE-2026-22745 | medium | 5.3 | 5.3 | 1mo ago | Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources | |||
| CVE-2014-3625 | medium | — | 5.0 | 12y ago | Improper Limitation of a Pathname to a Restricted Directory in Spring Framework | |||
| CVE-2014-1904 | medium | — | 4.3 | 12y ago | Improper Neutralization of Input During Web Page Generation in Spring Framework | |||
| CVE-2026-22741 | low | 3.1 | 3.1 | 1mo ago | Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. |