Package impact
Maven / org.thymeleaf:thymeleaf-spring5
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41901 | critical | 9.0 | 9.0 | 17d ago | Sandboxed Thymeleaf expressions vulnerable to improper recognition of unauthorized syntax patterns | |||
| CVE-2026-40478 | unknown | — | — | 2mo ago | Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf | |||
| CVE-2026-40477 | unknown | — | — | 2mo ago | Improper restriction of the scope of accessible objects in Thymeleaf expressions | |||
| CVE-2021-43466 | unknown | — | — | 5y ago | Template injection in thymeleaf-spring5 |