| CVE-2014-0225 |
high |
8.8 |
8.8 |
9y ago |
Improper Restriction of XML External Entity Reference in Spring Framework |
|
| CVE-2016-9878 |
high |
7.5 |
7.5 |
10y ago |
Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized |
|
| CVE-2014-0054 |
medium |
— |
6.8 |
12y ago |
Cross-Site Request Forgery in Spring Framework |
|
| CVE-2026-22745 |
medium |
5.3 |
5.3 |
29d ago |
Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources |
|
| CVE-2014-3625 |
medium |
— |
5.0 |
12y ago |
Improper Limitation of a Pathname to a Restricted Directory in Spring Framework |
|
| CVE-2014-1904 |
medium |
— |
4.3 |
12y ago |
Improper Neutralization of Input During Web Page Generation in Spring Framework |
|
| CVE-2026-22741 |
low |
3.1 |
3.1 |
29d ago |
Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. |
|