Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
M Allocation of Resources Without Limits or Throttling	org.springframework:spring-expression[,5.2.23.RELEASE)[5.3.0,5.3.26)[6.0.0,6.0.7)	Maven	23 Mar 2023
M Denial of Service (DoS)	org.springframework:spring-expression[,5.2.20.RELEASE)[5.3.0,5.3.17)	Maven	29 Mar 2022
L Denial of Service (DoS)	org.springframework:spring-jms[3.2.11.RELEASE,3.2.14.RELEASE)[4.0.7.RELEASE,4.1.7.RELEASE)	Maven	6 Nov 2015
M Denial of Service (DoS)	org.springframework:spring-messaging[,5.2.22.RELEASE)[5.3.0,5.3.20)	Maven	12 May 2022
M Regular Expression Denial of Service (ReDoS)	org.springframework:spring-messaging[4.3.0.RELEASE,4.3.17.RELEASE)[5.0.0.RELEASE,5.0.6.RELEASE)	Maven	10 May 2018
C Arbitrary Code Execution	org.springframework:spring-messaging[,4.3.16.RELEASE)[5.0.0.RELEASE, 5.0.5.RELEASE)	Maven	16 Apr 2018
C Arbitrary Code Execution	org.springframework:spring-messaging[,4.3.16.RELEASE)[5.0.0.RELEASE,5.0.5.RELEASE)	Maven	9 Apr 2018
M Denial of Service (DoS)	org.springframework:spring-oxm[3.2.0.RELEASE, 3.2.14.RELEASE)[4.0.0.RELEASE, 4.1.7.RELEASE)	Maven	25 Dec 2016
H XML External Entity (XXE) Injection	org.springframework:spring-oxm[3.0.0.RELEASE,3.2.9.RELEASE)[4.0.0.RELEASE,4.0.5.RELEASE)	Maven	25 Dec 2016
M XML External Entity (XXE) Injection	org.springframework:spring-oxm[3.0.0.RELEASE,3.2.3.RELEASE)[4.0.0.RELEASE,4.0.1.RELEASE)	Maven	25 Dec 2016
M HTTP Response Splitting	org.springframework:spring-web[6.0.5,6.1.21)[6.2.0,6.2.8)	Maven	13 Jun 2025
L Improper Handling of Case Sensitivity	org.springframework:spring-web[,6.1.14)	Maven	18 Oct 2024
M Denial of Service (DoS)	org.springframework:spring-web[,5.3.38)[6.0.0, 6.0.23)[6.1.0, 6.1.12)	Maven	15 Aug 2024
M Open Redirect	org.springframework:spring-web[,5.3.34)[6.0.0, 6.0.19)[6.1.0, 6.1.6)	Maven	12 Apr 2024
H Open Redirect	org.springframework:spring-web[,5.3.33)[6.0.0, 6.0.18)[6.1.0, 6.1.5)	Maven	15 Mar 2024
H Open Redirect	org.springframework:spring-web[,5.3.32)[6.0.0,6.0.17)[6.1.0,6.1.4)	Maven	22 Feb 2024
M Denial of Service (DoS)	org.springframework:spring-web[6.0.0,6.0.14)	Maven	28 Nov 2023
M Privilege Escalation	org.springframework:spring-web[5.3.0,5.3.7)[5.0.0.RELEASE,5.2.15.RELEASE)	Maven	26 May 2021
H Improper Input Validation	org.springframework:spring-web[3.2.0.RELEASE,4.3.29.RELEASE)[5.0.0.RELEASE, 5.0.19.RELEASE)[5.1.0.RELEASE, 5.1.18.RELEASE)[5.2.0.RELEASE, 5.2.9.RELEASE)	Maven	18 Sept 2020
H Reflected File Download (RFD)	org.springframework:spring-web[5.2.0, 5.2.3)[5.1.0, 5.1.13)[5.0.0, 5.0.16)	Maven	22 Jan 2020
L Denial of Service (DoS)	org.springframework:spring-web[4.2.0.RELEASE, 4.3.20.RELEASE)[5.0.0.RELEASE, 5.0.10.RELEASE)[5.1.0.RELEASE, 5.1.1.RELEASE)	Maven	18 Oct 2018
H Reflected File Download	org.springframework:spring-web[3.2.0.RELEASE, 3.2.15.RELEASE)[4.0.0.RELEASE, 4.1.8.RELEASE)[4.2.0.RELEASE, 4.2.2.RELEASE)	Maven	25 Dec 2016
M Denial of Service (DoS)	org.springframework:spring-web[3.2.0.RELEASE, 3.2.14.RELEASE)[4.0.0.RELEASE, 4.1.7.RELEASE)	Maven	25 Dec 2016
H XML External Entity (XXE) Injection	org.springframework:spring-web[3.0.0.RELEASE,3.2.9.RELEASE)[4.0.0.RELEASE,4.0.5.RELEASE)	Maven	25 Dec 2016
M Cross-Site Tracing (XST)	org.springframework:spring-web[4.3.0.RELEASE, 4.3.18.RELEASE)[5.0.0.RELEASE, 5.0.7.RELEASE)	Maven	25 Dec 2016
M Information Exposure	org.springframework:spring-web[4.3.0.RELEASE,4.3.18.RELEASE)[5.0.0.RELEASE,5.0.7.RELEASE)	Maven	25 Dec 2016
L Cross-site Scripting (XSS)	org.springframework:spring-web[3.0.0.RELEASE, 3.2.2.RELEASE)	Maven	25 Dec 2016
M XML External Entity (XXE) Injection	org.springframework:spring-web[3.0.0.RELEASE,3.2.4.RELEASE)[4.0.0.RELEASE,4.0.1.RELEASE)	Maven	25 Dec 2016
M XML External Entity (XXE) Injection	org.springframework:spring-web[3,3.2.4)[4-alpha,4.0.0.M2)	Maven	25 Dec 2016
M Cross-site Request Forgery (CSRF)	org.springframework:spring-web[3.0.0.RELEASE,3.2.8.RELEASE)[4.0.0.RELEASE,4.0.2.RELEASE)	Maven	6 Jun 2014

APPLICATION

OPERATING SYSTEM