Open Source Vulnerability Database

The most comprehensive, accurate, and timely database for open source vulnerabilities.

Remote Code Execution

Affecting org.springframework:spring-beans package, versions [ ,5.2.20) , [5.3.0, 5.3.18)

How to fix?

Upgrade org.springframework:spring-beans to version 5.2.20, 5.3.18 or higher.


Recent vulnerabilities disclosed by Snyk

    • C

    Malicious Package in byte54321 (npm)

    • C

    Malicious Package in zzz-hello (npm)

    • C

    Malicious Package in byte5432 (npm)

    • C

    Malicious Package in pages-functions-with-routes-app (npm)

    • C

    Malicious Package in y1zh3e7 (npm)

We’ve disclosed

by Snyk Security

About Snyk

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit.

A shield with a tick icon inside, symbolising security