VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.springframework:spring-webmvc

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2014-0225 high 8.8 8.8 9y ago When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references… debianjavavmware
CVE-2016-9878 high 7.5 7.5 10y ago Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized debianjavavmware
CVE-2022-22965 unknown 1.5 4y ago Remote Code Execution in Spring Framework debianjava
CVE-2026-22735 unknown 2mo ago Spring MVC and WebFlux has Server Sent Event stream corruption debianjava
CVE-2026-22737 unknown 2mo ago Spring Framework Improper Path Limitation with Script View Templates debianjava
CVE-2023-20860 unknown 3y ago Spring Framework is vulnerable to security bypass via mvcRequestMatcher pattern mismatch debianjava
CVE-2020-5397 unknown 6y ago CSRF attack via CORS preflight requests with Spring MVC or Spring WebFlux debianjava