Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo
cocoapods
Composer
Conan
Go
hex
Maven
npm
NuGet
pip
pub
RubyGems
Swift
Unmanaged (C/C++)
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
VULNERABILITY
AFFECTS
TYPE
PUBLISHED
M
Denial of Service (DoS)
org.springframework:spring-webmvc
[,6.0.0)
Maven
19 Nov 2024
H
Path Traversal
org.springframework:spring-webmvc
[,6.1.14)
Maven
18 Oct 2024
L
Improper Handling of Case Sensitivity
org.springframework:spring-webmvc
[,6.1.14)
Maven
18 Oct 2024
H
Path Traversal
org.springframework:spring-webmvc
[,6.1.13)
Maven
13 Sept 2024
C
Improper Access Control
org.springframework:spring-webmvc
[5.3.0,5.3.26)
[6.0.0,6.0.7)
Maven
23 Mar 2023
M
Cross-Site Request Forgery (CSRF)
org.springframework:spring-webmvc
[5.2.0, 5.2.3)
Maven
22 Jan 2020
M
Directory Traversal
org.springframework:spring-webmvc
[,4.3.15.RELEASE)
[5.0.0.RELEASE,5.0.5.RELEASE)
Maven
9 Apr 2018
M
Multipart Content Pollution
org.springframework:spring-webmvc
[4.3.0.RELEASE, 4.3.14.RELEASE)
[5.0.0.RELEASE, 5.0.5.RELEASE)
Maven
9 Apr 2018
M
Cross-site Scripting (XSS)
org.springframework:spring-webmvc
[,3.0.6.RELEASE)
Maven
20 Sept 2017
H
Directory Traversal
org.springframework:spring-webmvc
[1.2.1,3.2.18.RELEASE)
[4.2.0.RELEASE,4.2.9.RELEASE)
[4.3.0.RELEASE,4.3.5.RELEASE)
Maven
28 Dec 2016
M
Directory Traversal
org.springframework:spring-webmvc
[3.2.0.RELEASE,3.2.12.RELEASE)
[4.0.0.RELEASE,4.0.8.RELEASE)
[4.1.0.RELEASE,4.1.2.RELEASE)
Maven
25 Dec 2016
M
Cross-site Scripting (XSS)
org.springframework:spring-webmvc
[3.0.0.RELEASE,3.2.8.RELEASE)
[4.0.0.RELEASE,4.0.2.RELEASE)
Maven
25 Dec 2016
M
Information Exposure
org.springframework:spring-webmvc
[4.3.0.RELEASE,4.3.18.RELEASE)
[5.0.0.RELEASE,5.0.7.RELEASE)
Maven
25 Dec 2016
H
Authentication Bypass
org.springframework:spring-webmvc
[3.2.0.RELEASE,4.3.1.RELEASE)
Maven
11 Jul 2016
M
Improper Input Validation
org.springframework/spring-webmvc
*
rhel:7
26 Nov 2024
M
Improper Input Validation
org.springframework/spring-webmvc
*
rhel:8
26 Nov 2024
M
Improper Input Validation
org.springframework/spring-webmvc
*
rhel:9
26 Nov 2024
H
Directory Traversal
org.springframework/spring-webmvc
*
rhel:8
17 Sept 2024
H
Directory Traversal
org.springframework/spring-webmvc
*
rhel:9
17 Sept 2024
H
Directory Traversal
org.springframework/spring-webmvc
*
rhel:7
17 Sept 2024
L
Improper Handling of Case Sensitivity
org.springframework:spring-websocket
[,6.1.14)
Maven
18 Oct 2024
M
Insufficiently Random Session ID
org.springframework:spring-websocket
[4.1.0.RELEASE,4.1.5.RELEASE)
Maven
25 Dec 2016
M
Insertion of Sensitive Information into Log File
org.springframework.vault:spring-vault-core
[,2.3.3)
[3.0.0,3.0.2)
Maven
24 Mar 2023
M
Insecure Defaults
org.springframework.webflow:spring-webflow
[,2.4.6.RELEASE)
Maven
28 Nov 2017
M
Insecure Defaults
org.springframework.webflow:spring-webflow
[,2.4.5.RELEASE)
Maven
7 Jun 2017
C
XML External Entity (XXE) Injection
org.springframework.ws:spring-ws-core
[,2.4.4.RELEASE)
[3.0.0.RELEASE,3.0.6.RELEASE)
Maven
16 Jan 2019
C
XML External Entity (XXE) Injection
org.springframework.ws:spring-xml
[,2.4.4.RELEASE)
[3.0.0.RELEASE,3.0.6.RELEASE)
Maven
16 Jan 2019
M
Cross-site Scripting (XSS)
org.thymeleaf.extras:thymeleaf-extras-springsecurity5
[,3.1.0.M1)
Maven
12 Aug 2020
H
Remote Code Execution
org.thymeleaf:thymeleaf-spring5
[,3.0.13.RELEASE)
Maven
11 Nov 2021
C
Malicious Package
react-spring-latest
*
npm
20 Jan 2025
