CVE-2026-22737
- EPSS 0.39%
- Veröffentlicht 19.03.2026 23:53:59
- Zuletzt bearbeitet 23.04.2026 14:20:14
Use of Java scripting engine enabled (e.g. JRuby, Jython) template views in Spring MVC and Spring WebFlux applications can result in disclosure of content from files outside the configured locations for script template views. This issue affects Sprin...
CVE-2026-22735
- EPSS 0.11%
- Veröffentlicht 19.03.2026 23:37:35
- Zuletzt bearbeitet 23.04.2026 14:21:22
Spring MVC and WebFlux applications are vulnerable to stream corruption when using Server-Sent Events (SSE). This issue affects Spring Foundation: from 7.0.0 through 7.0.5, from 6.2.0 through 6.2.16, from 6.1.0 through 6.1.25, from 5.3.0 through 5.3....
CVE-2025-41254
- EPSS 0.29%
- Veröffentlicht 16.10.2025 14:48:37
- Zuletzt bearbeitet 15.04.2026 00:35:42
STOMP over WebSocket applications may be vulnerable to a security bypass that allows an attacker to send unauthorized messages. Affected Spring Products and VersionsSpring Framework: * 6.2.0 - 6.2.11 * 6.1.0 - 6.1.23 * 6.0.x - 6.0.29 * ...
CVE-2025-41249
- EPSS 0.46%
- Veröffentlicht 16.09.2025 10:15:34
- Zuletzt bearbeitet 15.04.2026 00:35:42
The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization ...
CVE-2025-41242
- EPSS 1.92%
- Veröffentlicht 18.08.2025 08:47:07
- Zuletzt bearbeitet 15.04.2026 00:35:42
Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: * the application is deployed as a WAR ...
CVE-2025-41234
- EPSS 0.53%
- Veröffentlicht 12.06.2025 21:14:42
- Zuletzt bearbeitet 15.04.2026 00:35:42
Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download (RFD) attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename at...
CVE-2024-38820
- EPSS 0.63%
- Veröffentlicht 18.10.2024 06:15:03
- Zuletzt bearbeitet 29.11.2024 12:15:07
The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase() has some Locale dependent exceptions that could potentially result in fields not protected as expected.
CVE-2024-38809
- EPSS 0.85%
- Veröffentlicht 27.09.2024 17:15:12
- Zuletzt bearbeitet 15.04.2026 00:35:42
Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users of older, unsupported versions could enforce a size l...
CVE-2024-38808
- EPSS 0.54%
- Veröffentlicht 20.08.2024 08:15:05
- Zuletzt bearbeitet 18.06.2025 12:10:28
In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition. Specifically, an ap...
CVE-2024-22262
- EPSS 1.19%
- Veröffentlicht 16.04.2024 06:15:46
- Zuletzt bearbeitet 15.04.2026 00:35:42
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/6...