Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
HTTP Response Splitting		org.springframework:spring-web[6.0.5,6.1.21)[6.2.0,6.2.8)Maven13 Jun 2025
  • L
Improper Handling of Case Sensitivity		org.springframework:spring-web[,6.1.14)Maven18 Oct 2024
  • M
Denial of Service (DoS)		org.springframework:spring-web[,5.3.38)[6.0.0, 6.0.23)[6.1.0, 6.1.12)Maven15 Aug 2024
  • M
Open Redirect		org.springframework:spring-web[,5.3.34)[6.0.0, 6.0.19)[6.1.0, 6.1.6)Maven12 Apr 2024
  • H
Open Redirect		org.springframework:spring-web[,5.3.33)[6.0.0, 6.0.18)[6.1.0, 6.1.5)Maven15 Mar 2024
  • H
Open Redirect		org.springframework:spring-web[,5.3.32)[6.0.0,6.0.17)[6.1.0,6.1.4)Maven22 Feb 2024
  • M
Denial of Service (DoS)		org.springframework:spring-web[6.0.0,6.0.14)Maven28 Nov 2023
  • M
Privilege Escalation		org.springframework:spring-web[5.3.0,5.3.7)[5.0.0.RELEASE,5.2.15.RELEASE)Maven26 May 2021
  • H
Improper Input Validation		org.springframework:spring-web[3.2.0.RELEASE,4.3.29.RELEASE)[5.0.0.RELEASE, 5.0.19.RELEASE)[5.1.0.RELEASE, 5.1.18.RELEASE)[5.2.0.RELEASE, 5.2.9.RELEASE)Maven18 Sept 2020
  • H
Reflected File Download (RFD)		org.springframework:spring-web[5.2.0, 5.2.3)[5.1.0, 5.1.13)[5.0.0, 5.0.16)Maven22 Jan 2020
  • L
Denial of Service (DoS)		org.springframework:spring-web[4.2.0.RELEASE, 4.3.20.RELEASE)[5.0.0.RELEASE, 5.0.10.RELEASE)[5.1.0.RELEASE, 5.1.1.RELEASE)Maven18 Oct 2018
  • H
Reflected File Download		org.springframework:spring-web[3.2.0.RELEASE, 3.2.15.RELEASE)[4.0.0.RELEASE, 4.1.8.RELEASE)[4.2.0.RELEASE, 4.2.2.RELEASE)Maven25 Dec 2016
  • M
Denial of Service (DoS)		org.springframework:spring-web[3.2.0.RELEASE, 3.2.14.RELEASE)[4.0.0.RELEASE, 4.1.7.RELEASE)Maven25 Dec 2016
  • H
XML External Entity (XXE) Injection		org.springframework:spring-web[3.0.0.RELEASE,3.2.9.RELEASE)[4.0.0.RELEASE,4.0.5.RELEASE)Maven25 Dec 2016
  • M
Cross-Site Tracing (XST)		org.springframework:spring-web[4.3.0.RELEASE, 4.3.18.RELEASE)[5.0.0.RELEASE, 5.0.7.RELEASE)Maven25 Dec 2016
  • M
Information Exposure		org.springframework:spring-web[4.3.0.RELEASE,4.3.18.RELEASE)[5.0.0.RELEASE,5.0.7.RELEASE)Maven25 Dec 2016
  • M
XML External Entity (XXE) Injection		org.springframework:spring-web[3.0.0.RELEASE,3.2.4.RELEASE)[4.0.0.RELEASE,4.0.1.RELEASE)Maven25 Dec 2016
  • L
Cross-site Scripting (XSS)		org.springframework:spring-web[3.0.0.RELEASE, 3.2.2.RELEASE)Maven25 Dec 2016
  • M
XML External Entity (XXE) Injection		org.springframework:spring-web[3,3.2.4)[4-alpha,4.0.0.M2)Maven25 Dec 2016
  • M
Cross-site Request Forgery (CSRF)		org.springframework:spring-web[3.0.0.RELEASE,3.2.8.RELEASE)[4.0.0.RELEASE,4.0.2.RELEASE)Maven6 Jun 2014
  • M
XML External Entity (XXE) Injection		org.springframework:spring-web[3.0.0.RELEASE, 3.2.4.RELEASE)Maven22 Aug 2013
  • H
Expression Language Injection		org.springframework:spring-web[,2.5.6.SEC03)[3.0.0.RELEASE,3.0.6.RELEASE)Maven9 Sept 2011
  • M
Inefficient Regular Expression Complexity		org.springframework/spring-web*rhel:825 Sept 2024
  • M
Inefficient Regular Expression Complexity		org.springframework/spring-web*rhel:925 Sept 2024
  • M
Inefficient Regular Expression Complexity		org.springframework/spring-web*rhel:725 Sept 2024
  • H
Path Traversal		org.springframework:spring-webflux[,6.1.14)Maven18 Oct 2024
  • L
Improper Handling of Case Sensitivity		org.springframework:spring-webflux[,6.1.14)Maven18 Oct 2024
  • H
Path Traversal		org.springframework:spring-webflux[,6.1.13)Maven13 Sept 2024
  • M
Improper Output Neutralization for Logs		org.springframework:spring-webflux[5.3.0,5.3.12)[,5.2.18)Maven27 Oct 2021
  • M
Cross-Site Request Forgery (CSRF)		org.springframework:spring-webflux[5.2.0, 5.2.3)Maven22 Jan 2020