Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
XML External Entity (XXE) Injection		org.springframework:spring-web[3.0.0.RELEASE, 3.2.4.RELEASE)Maven22 Aug 2013
  • H
Expression Language Injection		org.springframework:spring-web[,2.5.6.SEC03)[3.0.0.RELEASE,3.0.6.RELEASE)Maven9 Sept 2011
  • H
Path Traversal		org.springframework:spring-webflux[,6.1.14)Maven18 Oct 2024
  • L
Improper Handling of Case Sensitivity		org.springframework:spring-webflux[,6.1.14)Maven18 Oct 2024
  • H
Path Traversal		org.springframework:spring-webflux[,6.1.13)Maven13 Sept 2024
  • M
Improper Output Neutralization for Logs		org.springframework:spring-webflux[5.3.0,5.3.12)[,5.2.18)Maven27 Oct 2021
  • M
Cross-Site Request Forgery (CSRF)		org.springframework:spring-webflux[5.2.0, 5.2.3)Maven22 Jan 2020
  • M
Denial of Service (DoS)		org.springframework:spring-webmvc[,6.0.0)Maven19 Nov 2024
  • H
Path Traversal		org.springframework:spring-webmvc[,6.1.14)Maven18 Oct 2024
  • L
Improper Handling of Case Sensitivity		org.springframework:spring-webmvc[,6.1.14)Maven18 Oct 2024
  • H
Path Traversal		org.springframework:spring-webmvc[,6.1.13)Maven13 Sept 2024
  • C
Improper Access Control		org.springframework:spring-webmvc[5.3.0,5.3.26)[6.0.0,6.0.7)Maven23 Mar 2023
  • M
Cross-Site Request Forgery (CSRF)		org.springframework:spring-webmvc[5.2.0, 5.2.3)Maven22 Jan 2020
  • M
Multipart Content Pollution		org.springframework:spring-webmvc[4.3.0.RELEASE, 4.3.14.RELEASE)[5.0.0.RELEASE, 5.0.5.RELEASE)Maven9 Apr 2018
  • M
Directory Traversal		org.springframework:spring-webmvc[,4.3.15.RELEASE)[5.0.0.RELEASE,5.0.5.RELEASE)Maven9 Apr 2018
  • M
Cross-site Scripting (XSS)		org.springframework:spring-webmvc[,3.0.6.RELEASE)Maven20 Sept 2017
  • H
Directory Traversal		org.springframework:spring-webmvc[1.2.1,3.2.18.RELEASE)[4.2.0.RELEASE,4.2.9.RELEASE)[4.3.0.RELEASE,4.3.5.RELEASE)Maven28 Dec 2016
  • M
Directory Traversal		org.springframework:spring-webmvc[3.2.0.RELEASE,3.2.12.RELEASE)[4.0.0.RELEASE,4.0.8.RELEASE)[4.1.0.RELEASE,4.1.2.RELEASE)Maven25 Dec 2016
  • M
Cross-site Scripting (XSS)		org.springframework:spring-webmvc[3.0.0.RELEASE,3.2.8.RELEASE)[4.0.0.RELEASE,4.0.2.RELEASE)Maven25 Dec 2016
  • M
Information Exposure		org.springframework:spring-webmvc[4.3.0.RELEASE,4.3.18.RELEASE)[5.0.0.RELEASE,5.0.7.RELEASE)Maven25 Dec 2016
  • H
Authentication Bypass		org.springframework:spring-webmvc[3.2.0.RELEASE,4.3.1.RELEASE)Maven11 Jul 2016
  • L
Improper Handling of Case Sensitivity		org.springframework:spring-websocket[,6.1.14)Maven18 Oct 2024
  • M
Insufficiently Random Session ID		org.springframework:spring-websocket[4.1.0.RELEASE,4.1.5.RELEASE)Maven25 Dec 2016
  • M
Insertion of Sensitive Information into Log File		org.springframework.vault:spring-vault-core[,2.3.3)[3.0.0,3.0.2)Maven24 Mar 2023
  • M
Insecure Defaults		org.springframework.webflow:spring-webflow[,2.4.6.RELEASE)Maven28 Nov 2017
  • M
Insecure Defaults		org.springframework.webflow:spring-webflow[,2.4.5.RELEASE)Maven7 Jun 2017
  • C
XML External Entity (XXE) Injection		org.springframework.ws:spring-ws-core[,2.4.4.RELEASE)[3.0.0.RELEASE,3.0.6.RELEASE)Maven16 Jan 2019
  • C
XML External Entity (XXE) Injection		org.springframework.ws:spring-xml[,2.4.4.RELEASE)[3.0.0.RELEASE,3.0.6.RELEASE)Maven16 Jan 2019