VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.springframework:spring-webmvc

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2014-0054 medium 6.8 12y ago The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbit… debianjava
CVE-2026-22745 medium 5.3 5.3 29d ago Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources debianjava
CVE-2014-3625 medium 5.0 12y ago Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspeci… debianjava
CVE-2014-1904 medium 4.3 12y ago Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary … debianjava