Package impact
Maven / org.springframework:spring-webmvc
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2014-0225 | high | 8.8 | 8.8 | 9y ago | When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references… | |
| CVE-2016-9878 | high | 7.5 | 7.5 | 10y ago | Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized |