Package impact

Maven / org.springframework:spring-webmvc

CVE	Severity	CVSS	Risk	Published	Description
CVE-2014-0054	medium	—	6.8	12y ago	Cross-Site Request Forgery in Spring Framework
CVE-2026-22745	medium	5.3	5.3	29d ago	Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources
CVE-2014-3625	medium	—	5.0	12y ago	Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspeci…
CVE-2014-1904	medium	—	4.3	12y ago	Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary …
CVE-2026-22741	low	3.1	3.1	29d ago	Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources.