Package impact

Maven / org.springframework:spring-webmvc

CVE	Severity	CVSS	Risk	Published	Description
CVE-2026-22741	low	3.1	3.1	29d ago	Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources.
CVE-2022-22965	unknown	—	1.5	4y ago	Remote Code Execution in Spring Framework
CVE-2026-22737	unknown	—	—	2mo ago	Spring Framework Improper Path Limitation with Script View Templates
CVE-2026-22735	unknown	—	—	2mo ago	Spring MVC and WebFlux has Server Sent Event stream corruption
CVE-2025-41242	unknown	—	—	9mo ago	Spring Framework MVC Applications Path Traversal Vulnerability
CVE-2024-38819	unknown	—	—	2y ago	Spring Framework Path Traversal vulnerability
CVE-2024-38828	unknown	—	—	2y ago	Spring MVC controller vulnerable to a DoS attack
CVE-2024-38816	unknown	—	—	2y ago	Path traversal vulnerability in functional web frameworks
CVE-2023-34053	unknown	—	—	3y ago	Spring Framework vulnerable to denial of service
CVE-2023-20860	unknown	—	—	3y ago	Spring Framework is vulnerable to security bypass via mvcRequestMatcher pattern mismatch
CVE-2020-5397	unknown	—	—	6y ago	CSRF attack via CORS preflight requests with Spring MVC or Spring WebFlux
CVE-2020-5398	unknown	—	—	6y ago	RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application