Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
C XML External Entity (XXE) Injection	org.springframework.batch:spring-batch-core[4.1.0.RELEASE,4.1.1.RELEASE)[4.0.0.RELEASE,4.0.2.RELEASE)[3.0.9.RELEASE,3.0.10.RELEASE)	Maven	16 Jan 2019
H Insecure Temporary File	org.springframework.boot:spring-boot[,2.2.11.RELEASE)	Maven	31 Mar 2022
M Denial of Service (DoS)	org.springframework.boot:spring-boot-actuator[,2.7.18)[3.0.0,3.0.13)[3.1.0,3.1.6)	Maven	2 Feb 2024
M Improper Input Validation	org.springframework.boot:spring-boot-actuator-autoconfigure[2.7.0,3.3.11)[3.4.0,3.4.5)	Maven	25 Apr 2025
H Access Restriction Bypass	org.springframework.boot:spring-boot-actuator-autoconfigure[,2.5.15)[2.6.0,2.6.15)[2.7.0,2.7.11)[3.0.0,3.0.6)	Maven	21 Apr 2023
H Denial of Service (DoS)	org.springframework.boot:spring-boot-autoconfigure[,2.5.15)[2.6.0,2.6.15)[2.7.0,2.7.12)[3.0.0,3.0.7)	Maven	19 May 2023
H Improper Verification of Cryptographic Signature	org.springframework.boot:spring-boot-loader[3.2.0,3.2.9)[3.3.0,3.3.3)	Maven	23 Aug 2024
H Improper Verification of Cryptographic Signature	org.springframework.boot:spring-boot-loader-classic[3.2.0,3.2.9)[3.3.0,3.3.3)	Maven	23 Aug 2024
M Symlink privilege escalation	org.springframework.boot:spring-boot-loader-tools[1.5.0.RELEASE,1.5.10.RELEASE)	Maven	6 Feb 2018
C Arbitrary Code Execution	org.springframework.boot:spring-boot-starter-data-rest[,1.5.9.RELEASE)	Maven	16 Apr 2018
M Improper Authorization	org.springframework.cloud:spring-cloud-config-server[2.2.0,3.1.10)[4.0.0,4.1.6)[4.2.0,4.2.2)	Maven	9 Apr 2025
H Directory Traversal	org.springframework.cloud:spring-cloud-config-server[2.1.0, 2.1.9)[2.2.0, 2.2.3)	Maven	2 Jun 2020
H Directory Traversal	org.springframework.cloud:spring-cloud-config-server[2.2.0.RELEASE, 2.2.2.RELEASE)[2.1.0.RELEASE, 2.1.7.RELEASE)	Maven	6 Mar 2020
H Directory Traversal	org.springframework.cloud:spring-cloud-config-server[,1.4.6.RELEASE)[2.0.0.RELEASE,2.0.4.RELEASE)[2.1.0.RELEASE,2.1.2.RELEASE)	Maven	17 Apr 2019
M Creation of Temporary File With Insecure Permissions	org.springframework.cloud:spring-cloud-contract-shade[,3.1.10)[4.0.0,4.0.5)[4.1.0,4.1.1)	Maven	1 Feb 2024
M SQL Injection	org.springframework.cloud:spring-cloud-dataflow-server-core[2.6.0,2.6.5)[0,2.5.4.RELEASE)	Maven	26 Jan 2021
H Denial of Service (DoS)	org.springframework.cloud:spring-cloud-function-context[,4.1.2)	Maven	20 Jun 2024
M Denial of Service (DoS)	org.springframework.cloud:spring-cloud-function-context[,3.2.6)	Maven	16 Jun 2022
C Remote Code Execution	org.springframework.cloud:spring-cloud-function-context[,3.1.7)[3.2.0,3.2.3)	Maven	30 Mar 2022
H Unintended Proxy or Intermediary ('Confused Deputy')	org.springframework.cloud:spring-cloud-gateway-server[,3.1.10)[4.0.0,4.1.8)[4.2.0,4.2.3)	Maven	30 May 2025
C Arbitrary Code Injection	org.springframework.cloud:spring-cloud-gateway-server[,3.0.7)[3.1.0,3.1.1)	Maven	4 Mar 2022
H HTTP Request Smuggling	org.springframework.cloud:spring-cloud-gateway-server[3.0.0,3.0.5)[,2.2.10.RELEASE)	Maven	5 Nov 2021
H Unintended Proxy or Intermediary ('Confused Deputy')	org.springframework.cloud:spring-cloud-gateway-server-mvc[,4.1.8)[4.2.0,4.2.3)	Maven	30 May 2025
H Arbitrary Code Execution	org.springframework.cloud:spring-cloud-netflix-hystrix-dashboard[,2.2.10.RELEASE)	Maven	18 Nov 2021
M Unintended Proxy or Intermediary	org.springframework.cloud:spring-cloud-netflix-hystrix-dashboard[,2.1.6.RELEASE)[2.2.0.RELEASE,2.2.4.RELEASE)	Maven	5 Aug 2020
M Improper Access Control	org.springframework.cloud:spring-cloud-netflix-zuul[,2.2.7.RELEASE)	Maven	12 Feb 2021
H Improper Restriction of Communication Channel to Intended Endpoints	org.springframework.cloud:spring-cloud-openfeign-core[3.0.0,3.0.5)[,2.2.10)	Maven	27 Oct 2021
L Remote Code Execution (RCE)	org.springframework.cloud:spring-cloud-skipper-server-core[2.11.0, 2.11.4)	Maven	25 Jul 2024
M Arbitrary File Upload	org.springframework.cloud:spring-cloud-skipper-server-core[,2.11.3)	Maven	29 May 2024
M SQL Injection	org.springframework.cloud:spring-cloud-task-core[,2.2.5)	Maven	26 Jan 2021

APPLICATION

OPERATING SYSTEM