Skip to main content

Spring Framework

58 CVEs product

Monthly

CVE-2026-41855 CRITICAL PATCH Act Now

Unsafe JSON deserialization in Spring Framework's JMS message converters (MappingJackson2MessageConverter and JacksonJsonMessageConverter) lets an attacker who controls JMS message content instantiate arbitrary classes, enabling gadget-chain attacks that can escalate to unauthorized actions or remote code execution. It affects Spring Framework 5.3.0-5.3.48, 6.1.0-6.1.27, 6.2.0-6.2.18, and 7.0.0-7.0.7 when applications consume messages from an untrusted JMS source. There is no public exploit identified at time of analysis, and despite a 9.8 CVSS the EPSS probability is only 0.04% and CISA SSVC rates exploitation as 'none'.

Deserialization Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-41854 MEDIUM PATCH This Month

Server-side request forgery (SSRF) in Spring Framework's UriComponentsBuilder affects applications that use this API to parse and validate externally supplied URL strings. Incorrect host parsing allows a remote, unauthenticated attacker - with user interaction - to cause the application server to issue requests to unintended internal or external destinations, exposing low-level confidentiality and integrity impacts. No public exploit identified at time of analysis and no CISA KEV listing; however, SSRF in widely deployed Java frameworks warrants attention in any internet-facing application that processes user-controlled URLs.

Java SSRF Spring Framework
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-41853 MEDIUM PATCH This Month

Multipart request smuggling in Spring Framework's MVC and WebFlux components exposes applications to HTTP request manipulation via CWE-444. Unauthenticated remote attackers (AV:N/AC:L/PR:N/UI:N per CVSS) can exploit inconsistent multipart boundary parsing to smuggle malformed HTTP requests, achieving low-integrity impact against affected deployments. No public exploit code and no CISA KEV listing have been identified at time of analysis; however, the zero-prerequisite attack profile and broad version coverage across four major Spring branches (5.3.x, 6.1.x, 6.2.x, 7.0.x) make this relevant to any Java shop running Spring MVC or WebFlux with multipart upload handling enabled.

Information Disclosure Java Request Smuggling Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-41852 MEDIUM PATCH This Month

Spring Expression Language (SpEL) evaluation logic in Spring Framework 5.3.x through 7.0.x fails to enforce method invocation restrictions in read-only or restricted contexts, allowing remote unauthenticated attackers (CVSS PR:N, AV:N) to invoke arbitrary zero-argument methods and trigger unintended application logic. Scored LOW (3.7) with only availability impact per CVSS (A:L), though the 'Authentication Bypass' tag and CWE-863 (Incorrect Authorization) suggest the authorization bypass itself may have broader implications not fully reflected in the score. No public exploit identified at time of analysis and no CISA KEV listing, but the wide version range across four active Spring Framework release trains represents significant ecosystem exposure.

Authentication Bypass Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-41851 HIGH PATCH This Week

Denial of service in VMware's Spring Framework (versions 5.3.0-5.3.48, 6.1.0-6.1.27, 6.2.0-6.2.18, and 7.0.0-7.0.7) lets remote attackers exhaust memory in applications that evaluate user-supplied Spring Expression Language (SpEL) expressions, where crafted expressions trigger unbounded internal cache growth. No authentication or user interaction is required per the CVSS vector (PR:N/UI:N), and the impact is availability-only (C:N/I:N/A:H). There is no public exploit identified at time of analysis, and the EPSS probability is very low (0.01%, 2nd percentile), though CISA's SSVC framework flags the issue as automatable.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41850 HIGH PATCH This Week

Algorithmic denial of service in Spring Framework SpEL evaluation allows remote unauthenticated attackers to exhaust CPU/memory resources by submitting specially crafted Spring Expression Language expressions, degrading or crashing affected applications. Impacts Spring Framework 5.3.x through 7.0.x in any application that evaluates user-supplied SpEL. No public exploit identified at time of analysis, and the CVSS 7.5 score reflects high availability impact with no confidentiality or integrity compromise.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41848 HIGH PATCH This Week

Denial of service in Spring Framework's AntPathMatcher allows remote unauthenticated attackers to exhaust CPU resources via Regular Expression Denial of Service (ReDoS) when attacker-controlled patterns are passed to match(), matchStart(), or extractUriTemplateVariables(). Affects Spring Framework 5.3.0-5.3.48, 6.1.0-6.1.27, 6.2.0-6.2.18, and 7.0.0-7.0.7. No public exploit identified at time of analysis, EPSS is very low (0.01%, 2nd percentile), and SSVC indicates no observed exploitation.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41846 MEDIUM PATCH This Month

Cross-site scripting (XSS) in Spring Framework's MVC JSP form tags allows unauthenticated remote attackers to inject arbitrary HTML or JavaScript into rendered pages by supplying malicious values through the cssClass, cssErrorClass, or cssStyle tag attributes. Applications across four active Spring Framework release lines (5.3.x through 7.0.x) are affected when they pass user-controlled input directly into these tag attributes. No public exploit code has been identified at time of analysis, and CISA has not listed this CVE in the Known Exploited Vulnerabilities catalog, but the broad installed base of Spring MVC in enterprise Java environments and the high confidentiality impact (session hijacking, credential theft) warrant prompt patching.

XSS Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-41845 MEDIUM PATCH This Month

Cross-site scripting in Spring Framework versions 5.3.0-5.3.48, 6.1.0-6.1.27, 6.2.0-6.2.18, and 7.0.0-7.0.7 allows remote attackers to inject JavaScript into victim browsers when applications rely on JavaScriptUtils.javaScriptEscape() for output encoding. The flaw stems from incomplete escaping in this utility method, and successful exploitation requires user interaction (UI:R) such as visiting a crafted page. No public exploit has been identified at time of analysis and the issue is not in CISA KEV.

XSS Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-41844 MEDIUM PATCH This Month

Open redirect in Spring Framework (Spring MVC and Spring WebFlux) across four major version branches enables unauthenticated remote attackers to craft URLs that cause the application to issue a 302 HTTP redirect to an arbitrary attacker-controlled external host. The vulnerability is conditionally exploitable - requiring a catch-all wildcard route mapping without an explicit view name - and demands user interaction to trigger. CVSS rates this 4.2 Medium (AV:N/AC:H/PR:N/UI:R); no public exploit code or CISA KEV listing has been identified at time of analysis.

Open Redirect Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-41843 MEDIUM PATCH This Month

Path traversal in Spring Framework's static resource resolution exposes arbitrary server files to unauthenticated remote attackers across both Spring MVC and Spring WebFlux stacks. Four major release lines - 5.3.x, 6.1.x, 6.2.x, and 7.0.x - are affected, making this a broad-surface issue for the Java ecosystem. The CVSS vector confirms unauthenticated network access with high confidentiality impact, though the AC:H designation indicates non-trivial exploit conditions; no public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV.

Path Traversal Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-41842 HIGH PATCH This Week

Denial of service in Spring Framework's Spring MVC and WebFlux static resource resolution allows remote unauthenticated attackers to exhaust application resources, affecting versions 5.3.0-5.3.48, 6.1.0-6.1.27, 6.2.0-6.2.18, and 7.0.0-7.0.7. The CVSS 7.5 score reflects high-impact availability damage over the network with no privileges or user interaction, and at time of analysis no public exploit identified at time of analysis. The flaw was reported by VMware (Spring's maintainer) and is tracked under the official Spring Security advisory.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41841 MEDIUM PATCH This Month

Information disclosure in Spring Framework's static resource resolution affects Spring MVC and WebFlux applications across four active release lines (5.3.x, 6.1.x, 6.2.x, and 7.0.x). Unauthenticated remote attackers exploiting this flaw can access sensitive cached content served through the static resource handling pipeline, achieving high confidentiality impact. No public exploit code or CISA KEV listing has been identified at time of analysis, and the AC:H vector indicates exploitation requires specific conditions beyond default network access.

Information Disclosure Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-41840 MEDIUM PATCH This Month

Denial of Service in Spring WebFlux's multipart request processing allows unauthenticated remote attackers to exhaust server resources across all supported Spring Framework branches. Affects Spring Framework 5.3.x through 7.0.x when applications use the reactive WebFlux stack and expose endpoints that accept multipart data. No public exploit code has been identified at time of analysis, and CISA KEV listing is absent, but the network-reachable, zero-privilege attack surface warrants prompt patching for internet-facing WebFlux deployments.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-41839 MEDIUM PATCH This Month

Session fixation in Spring Framework's WebFlux reactive stack (versions 5.3.x through 7.0.x) enables a remote attacker to hijack an authenticated user's session by leveraging a compromised subdomain - typically via cross-site scripting - to plant a known session ID and exchange it for the victim's authenticated session post-login. The attack is classified as CWE-384 and requires both a prior subdomain compromise and user interaction, placing real-world exploitability well below the headline concern for most deployments. No public exploit code and no CISA KEV listing have been identified at time of analysis.

XSS Session Fixation Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
4.2
EPSS
0.0%
CVE-2026-41838 HIGH PATCH This Week

Predictable WebSocket session IDs in Spring Framework's spring-websocket module allow remote attackers to guess or forge session identifiers and, when paired with weak authorization rules, hijack or interact with other users' WebSocket sessions. The flaw affects Spring Framework 5.3.x, 6.1.x, 6.2.x, and 7.0.x prior to patched releases; no public exploit identified at time of analysis and EPSS is very low (0.03%).

Information Disclosure Java Spring Framework
NVD VulDB HeroDevs
CVSS 3.1
7.5
EPSS
0.0%
CVE-2024-38820 Maven MEDIUM PATCH This Month

The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Spring Framework
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2024-38808 Maven MEDIUM PATCH This Month

In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Denial Of Service Spring Framework Active Iq Unified Manager Oncommand Insight
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-22259 Maven HIGH PATCH This Week

Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Java Open Redirect Spring Framework Active Iq Unified Manager
NVD
CVSS 3.1
8.1
EPSS
2.6%
CVE-2024-22233 Maven HIGH PATCH This Week

In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Denial Of Service Spring Framework
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-34053 Maven HIGH PATCH This Week

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Spring Framework
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-20863 Maven MEDIUM PATCH This Month

In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Denial Of Service Spring Framework
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-20860 Maven HIGH PATCH This Week

Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Authentication Bypass Spring Framework
NVD
CVSS 3.1
7.5
EPSS
3.5%
CVE-2023-20861 Maven MEDIUM PATCH This Month

In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Denial Of Service Spring Framework
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-22971 Maven MEDIUM PATCH This Month

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Java Spring Framework Financial Services Crime And Compliance Management Studio Cloud Secure Agent +1
NVD
CVSS 3.1
6.5
EPSS
3.1%
CVE-2022-22970 Maven MEDIUM PATCH This Month

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Java Spring Framework Financial Services Crime And Compliance Management Studio Active Iq Unified Manager +3
NVD
CVSS 3.1
5.3
EPSS
2.0%
CVE-2022-22968 Maven MEDIUM PATCH This Month

In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Spring Framework Active Iq Unified Manager Cloud Secure Agent +4
NVD
CVSS 3.1
5.3
EPSS
5.7%
CVE-2022-22965 Maven CRITICAL POC KEV PATCH THREAT Act Now

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Java RCE Code Injection Tomcat Spring Framework +37
NVD
CVSS 3.1
9.8
EPSS
99.7%
CVE-2022-22950 Maven MEDIUM PATCH This Month

n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Java Spring Framework
NVD
CVSS 3.1
6.5
EPSS
35.8%
CVE-2021-22096 Maven MEDIUM PATCH This Month

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Spring Framework Active Iq Unified Manager Management Services For Element Software And Netapp Hci +5
NVD
CVSS 3.1
4.3
EPSS
1.3%
CVE-2021-22118 Maven HIGH PATCH This Week

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Java Spring Framework Commerce Guided Search Communications Brm Elastic Charging Engine +29
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-5421 Maven MEDIUM PATCH This Month

In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable.

Java Authentication Bypass Spring Framework Commerce Guided Search Communications Brm +35
NVD
CVSS 3.1
6.5
EPSS
10.7%
CVE-2020-5397 Maven MEDIUM POC PATCH This Month

Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Google Java CSRF Spring Framework Application Testing Suite +25
NVD
CVSS 3.1
5.3
EPSS
2.4%
CVE-2020-5398 Maven HIGH PATCH This Week

In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Java Spring Framework Application Testing Suite Communications Billing And Revenue Management Elastic Charging Engine +30
NVD
CVSS 3.1
7.5
EPSS
88.1%
CVE-2018-15801 Maven HIGH PATCH This Week

Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Authentication Bypass Spring Framework
NVD
CVSS 3.1
7.4
EPSS
0.7%
CVE-2018-15756 Maven HIGH PATCH This Week

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Denial Of Service Spring Framework Agile Plm Communications Brm Elastic Charging Engine +37
NVD
CVSS 3.1
7.5
EPSS
9.5%
CVE-2018-11040 Maven HIGH PATCH This Week

Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Information Disclosure Spring Framework Agile Product Lifecycle Management Application Testing Suite +25
NVD
CVSS 3.1
7.5
EPSS
3.2%
CVE-2018-11039 Maven MEDIUM PATCH This Month

Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Java XSS Spring Framework Agile Plm Application Testing Suite +30
NVD
CVSS 3.1
5.9
EPSS
2.8%
CVE-2018-1258 Maven HIGH PATCH This Week

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Java Authentication Bypass Spring Security Spring Framework Agile Plm +39
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2018-1257 Maven MEDIUM PATCH This Month

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Java Denial Of Service Spring Framework Openshift Agile Product Lifecycle Management +27
NVD
CVSS 3.1
6.5
EPSS
3.3%
CVE-2018-1275 Maven CRITICAL PATCH Act Now

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Java Code Injection RCE Spring Framework Application Testing Suite +17
NVD
CVSS 3.1
9.8
EPSS
57.6%
CVE-2018-1272 Maven HIGH PATCH This Week

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Java Privilege Escalation Spring Framework Application Testing Suite Big Data Discovery +22
NVD
CVSS 3.1
7.5
EPSS
3.1%
CVE-2018-1271 Maven MEDIUM POC PATCH THREAT This Month

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Java Microsoft Path Traversal Spring Framework Application Testing Suite +26
NVD
CVSS 3.1
5.9
EPSS
35.7%
CVE-2018-1270 Maven CRITICAL POC PATCH THREAT Act Now

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Java Code Injection RCE Spring Framework Application Testing Suite +26
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
77.2%
CVE-2018-1199 Maven MEDIUM PATCH This Month

Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Authentication Bypass Spring Framework Spring Security Fuse +2
NVD
CVSS 3.1
5.3
EPSS
2.9%
CVE-2016-5007 Maven HIGH PATCH This Week

Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Privilege Escalation Spring Framework Spring Security
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2015-5211 Maven CRITICAL POC PATCH Act Now

Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Java Information Disclosure Spring Framework Debian Linux
NVD
CVSS 3.1
9.6
EPSS
1.9%
CVE-2014-0225 Maven HIGH PATCH This Week

When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Java Spring Framework
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-9878 Maven HIGH PATCH This Week

An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Java Spring Framework
NVD
CVSS 3.0
7.5
EPSS
4.9%
CVE-2015-3192 Maven MEDIUM PATCH This Month

Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Java Spring Framework Fedora
NVD
CVSS 3.0
5.5
EPSS
1.4%
CVE-2015-0201 Maven MEDIUM PATCH This Month

The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 generates predictable session ids, which allows remote attackers to send messages to other sessions via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Spring Framework
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2014-3578 Maven MEDIUM PATCH This Month

Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Java Spring Framework
NVD
CVSS 2.0
5.0
EPSS
4.4%
CVE-2014-3625 Maven MEDIUM PATCH This Month

Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.0%.

Path Traversal Java Spring Framework
NVD
CVSS 2.0
5.0
EPSS
17.0%
CVE-2014-0054 Maven MEDIUM PATCH This Month

The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF XXE Denial Of Service Java Spring Framework
NVD VulDB
CVSS 2.0
6.8
EPSS
2.5%
CVE-2014-1904 Maven MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Java Spring Framework
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
1.8%
CVE-2013-6429 Maven MEDIUM PATCH This Month

The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 38.7%.

CSRF Denial Of Service Java XXE Spring Framework
NVD
CVSS 2.0
6.8
EPSS
38.7%
CVE-2013-7315 Maven MEDIUM POC PATCH This Month

The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF Privilege Escalation Java Denial Of Service XXE +1
NVD
CVSS 2.0
6.8
EPSS
0.2%
CVE-2013-4152 Maven MEDIUM POC PATCH THREAT This Month

The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 72.3%.

CSRF Privilege Escalation Java Denial Of Service XXE +1
NVD GitHub
CVSS 2.0
6.8
EPSS
72.3%
Threat
5.0
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Unsafe JSON deserialization in Spring Framework's JMS message converters (MappingJackson2MessageConverter and JacksonJsonMessageConverter) lets an attacker who controls JMS message content instantiate arbitrary classes, enabling gadget-chain attacks that can escalate to unauthorized actions or remote code execution. It affects Spring Framework 5.3.0-5.3.48, 6.1.0-6.1.27, 6.2.0-6.2.18, and 7.0.0-7.0.7 when applications consume messages from an untrusted JMS source. There is no public exploit identified at time of analysis, and despite a 9.8 CVSS the EPSS probability is only 0.04% and CISA SSVC rates exploitation as 'none'.

Deserialization Java Spring Framework
NVD HeroDevs VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Server-side request forgery (SSRF) in Spring Framework's UriComponentsBuilder affects applications that use this API to parse and validate externally supplied URL strings. Incorrect host parsing allows a remote, unauthenticated attacker - with user interaction - to cause the application server to issue requests to unintended internal or external destinations, exposing low-level confidentiality and integrity impacts. No public exploit identified at time of analysis and no CISA KEV listing; however, SSRF in widely deployed Java frameworks warrants attention in any internet-facing application that processes user-controlled URLs.

Java SSRF Spring Framework
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Multipart request smuggling in Spring Framework's MVC and WebFlux components exposes applications to HTTP request manipulation via CWE-444. Unauthenticated remote attackers (AV:N/AC:L/PR:N/UI:N per CVSS) can exploit inconsistent multipart boundary parsing to smuggle malformed HTTP requests, achieving low-integrity impact against affected deployments. No public exploit code and no CISA KEV listing have been identified at time of analysis; however, the zero-prerequisite attack profile and broad version coverage across four major Spring branches (5.3.x, 6.1.x, 6.2.x, 7.0.x) make this relevant to any Java shop running Spring MVC or WebFlux with multipart upload handling enabled.

Information Disclosure Java Request Smuggling +1
NVD HeroDevs VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Spring Expression Language (SpEL) evaluation logic in Spring Framework 5.3.x through 7.0.x fails to enforce method invocation restrictions in read-only or restricted contexts, allowing remote unauthenticated attackers (CVSS PR:N, AV:N) to invoke arbitrary zero-argument methods and trigger unintended application logic. Scored LOW (3.7) with only availability impact per CVSS (A:L), though the 'Authentication Bypass' tag and CWE-863 (Incorrect Authorization) suggest the authorization bypass itself may have broader implications not fully reflected in the score. No public exploit identified at time of analysis and no CISA KEV listing, but the wide version range across four active Spring Framework release trains represents significant ecosystem exposure.

Authentication Bypass Java Spring Framework
NVD HeroDevs VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in VMware's Spring Framework (versions 5.3.0-5.3.48, 6.1.0-6.1.27, 6.2.0-6.2.18, and 7.0.0-7.0.7) lets remote attackers exhaust memory in applications that evaluate user-supplied Spring Expression Language (SpEL) expressions, where crafted expressions trigger unbounded internal cache growth. No authentication or user interaction is required per the CVSS vector (PR:N/UI:N), and the impact is availability-only (C:N/I:N/A:H). There is no public exploit identified at time of analysis, and the EPSS probability is very low (0.01%, 2nd percentile), though CISA's SSVC framework flags the issue as automatable.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Algorithmic denial of service in Spring Framework SpEL evaluation allows remote unauthenticated attackers to exhaust CPU/memory resources by submitting specially crafted Spring Expression Language expressions, degrading or crashing affected applications. Impacts Spring Framework 5.3.x through 7.0.x in any application that evaluates user-supplied SpEL. No public exploit identified at time of analysis, and the CVSS 7.5 score reflects high availability impact with no confidentiality or integrity compromise.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in Spring Framework's AntPathMatcher allows remote unauthenticated attackers to exhaust CPU resources via Regular Expression Denial of Service (ReDoS) when attacker-controlled patterns are passed to match(), matchStart(), or extractUriTemplateVariables(). Affects Spring Framework 5.3.0-5.3.48, 6.1.0-6.1.27, 6.2.0-6.2.18, and 7.0.0-7.0.7. No public exploit identified at time of analysis, EPSS is very low (0.01%, 2nd percentile), and SSVC indicates no observed exploitation.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Cross-site scripting (XSS) in Spring Framework's MVC JSP form tags allows unauthenticated remote attackers to inject arbitrary HTML or JavaScript into rendered pages by supplying malicious values through the cssClass, cssErrorClass, or cssStyle tag attributes. Applications across four active Spring Framework release lines (5.3.x through 7.0.x) are affected when they pass user-controlled input directly into these tag attributes. No public exploit code has been identified at time of analysis, and CISA has not listed this CVE in the Known Exploited Vulnerabilities catalog, but the broad installed base of Spring MVC in enterprise Java environments and the high confidentiality impact (session hijacking, credential theft) warrant prompt patching.

XSS Java Spring Framework
NVD HeroDevs VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Cross-site scripting in Spring Framework versions 5.3.0-5.3.48, 6.1.0-6.1.27, 6.2.0-6.2.18, and 7.0.0-7.0.7 allows remote attackers to inject JavaScript into victim browsers when applications rely on JavaScriptUtils.javaScriptEscape() for output encoding. The flaw stems from incomplete escaping in this utility method, and successful exploitation requires user interaction (UI:R) such as visiting a crafted page. No public exploit has been identified at time of analysis and the issue is not in CISA KEV.

XSS Java Spring Framework
NVD HeroDevs VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Open redirect in Spring Framework (Spring MVC and Spring WebFlux) across four major version branches enables unauthenticated remote attackers to craft URLs that cause the application to issue a 302 HTTP redirect to an arbitrary attacker-controlled external host. The vulnerability is conditionally exploitable - requiring a catch-all wildcard route mapping without an explicit view name - and demands user interaction to trigger. CVSS rates this 4.2 Medium (AV:N/AC:H/PR:N/UI:R); no public exploit code or CISA KEV listing has been identified at time of analysis.

Open Redirect Java Spring Framework
NVD HeroDevs VulDB
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Path traversal in Spring Framework's static resource resolution exposes arbitrary server files to unauthenticated remote attackers across both Spring MVC and Spring WebFlux stacks. Four major release lines - 5.3.x, 6.1.x, 6.2.x, and 7.0.x - are affected, making this a broad-surface issue for the Java ecosystem. The CVSS vector confirms unauthenticated network access with high confidentiality impact, though the AC:H designation indicates non-trivial exploit conditions; no public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV.

Path Traversal Java Spring Framework
NVD HeroDevs VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in Spring Framework's Spring MVC and WebFlux static resource resolution allows remote unauthenticated attackers to exhaust application resources, affecting versions 5.3.0-5.3.48, 6.1.0-6.1.27, 6.2.0-6.2.18, and 7.0.0-7.0.7. The CVSS 7.5 score reflects high-impact availability damage over the network with no privileges or user interaction, and at time of analysis no public exploit identified at time of analysis. The flaw was reported by VMware (Spring's maintainer) and is tracked under the official Spring Security advisory.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Information disclosure in Spring Framework's static resource resolution affects Spring MVC and WebFlux applications across four active release lines (5.3.x, 6.1.x, 6.2.x, and 7.0.x). Unauthenticated remote attackers exploiting this flaw can access sensitive cached content served through the static resource handling pipeline, achieving high confidentiality impact. No public exploit code or CISA KEV listing has been identified at time of analysis, and the AC:H vector indicates exploitation requires specific conditions beyond default network access.

Information Disclosure Java Spring Framework
NVD HeroDevs VulDB
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Denial of Service in Spring WebFlux's multipart request processing allows unauthenticated remote attackers to exhaust server resources across all supported Spring Framework branches. Affects Spring Framework 5.3.x through 7.0.x when applications use the reactive WebFlux stack and expose endpoints that accept multipart data. No public exploit code has been identified at time of analysis, and CISA KEV listing is absent, but the network-reachable, zero-privilege attack surface warrants prompt patching for internet-facing WebFlux deployments.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Session fixation in Spring Framework's WebFlux reactive stack (versions 5.3.x through 7.0.x) enables a remote attacker to hijack an authenticated user's session by leveraging a compromised subdomain - typically via cross-site scripting - to plant a known session ID and exchange it for the victim's authenticated session post-login. The attack is classified as CWE-384 and requires both a prior subdomain compromise and user interaction, placing real-world exploitability well below the headline concern for most deployments. No public exploit code and no CISA KEV listing have been identified at time of analysis.

XSS Session Fixation Java +1
NVD HeroDevs VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Predictable WebSocket session IDs in Spring Framework's spring-websocket module allow remote attackers to guess or forge session identifiers and, when paired with weak authorization rules, hijack or interact with other users' WebSocket sessions. The flaw affects Spring Framework 5.3.x, 6.1.x, 6.2.x, and 7.0.x prior to patched releases; no public exploit identified at time of analysis and EPSS is very low (0.03%).

Information Disclosure Java Spring Framework
NVD VulDB HeroDevs
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Spring Framework
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Denial Of Service Spring Framework +2
NVD
EPSS 3% CVSS 8.1
HIGH PATCH This Week

Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Java Open Redirect +2
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Denial Of Service Spring Framework
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Spring Framework
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Denial Of Service Spring Framework
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Authentication Bypass Spring Framework
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Denial Of Service Spring Framework
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Java Spring Framework +3
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Java Spring Framework +5
NVD
EPSS 6% CVSS 5.3
MEDIUM PATCH This Month

In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Spring Framework +6
NVD
EPSS 100% CVSS 9.8
CRITICAL POC KEV PATCH THREAT Act Now

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Java RCE Code Injection +39
NVD
EPSS 36% CVSS 6.5
MEDIUM PATCH This Month

n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Java Spring Framework
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Spring Framework +7
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Java Spring Framework +31
NVD
EPSS 11% CVSS 6.5
MEDIUM PATCH This Month

In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable.

Java Authentication Bypass Spring Framework +37
NVD
EPSS 2% CVSS 5.3
MEDIUM POC PATCH This Month

Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Google Java CSRF +27
NVD
EPSS 88% CVSS 7.5
HIGH PATCH This Week

In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Java Spring Framework +32
NVD
EPSS 1% CVSS 7.4
HIGH PATCH This Week

Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Authentication Bypass Spring Framework
NVD
EPSS 10% CVSS 7.5
HIGH PATCH This Week

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Denial Of Service Spring Framework +39
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Information Disclosure Spring Framework +27
NVD
EPSS 3% CVSS 5.9
MEDIUM PATCH This Month

Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Java XSS Spring Framework +32
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Java Authentication Bypass Spring Security +41
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Java Denial Of Service Spring Framework +29
NVD
EPSS 58% CVSS 9.8
CRITICAL PATCH Act Now

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Java Code Injection RCE +19
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Java Privilege Escalation Spring Framework +24
NVD
EPSS 36% CVSS 5.9
MEDIUM POC PATCH THREAT This Month

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Java Microsoft Path Traversal +28
NVD
EPSS 77% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Java Code Injection RCE +28
NVD Exploit-DB
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Authentication Bypass Spring Framework +4
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Privilege Escalation Spring Framework +1
NVD
EPSS 2% CVSS 9.6
CRITICAL POC PATCH Act Now

Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Java Information Disclosure +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Java Spring Framework
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Java Spring Framework
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Java +2
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 generates predictable session ids, which allows remote attackers to send messages to other sessions via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Spring Framework
NVD
EPSS 4% CVSS 5.0
MEDIUM PATCH This Month

Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Java Spring Framework
NVD
EPSS 17% CVSS 5.0
MEDIUM PATCH This Month

Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.0%.

Path Traversal Java Spring Framework
NVD
EPSS 3% CVSS 6.8
MEDIUM PATCH This Month

The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF XXE Denial Of Service +2
NVD VulDB
EPSS 2% CVSS 4.3
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Java Spring Framework
NVD GitHub VulDB
EPSS 39% CVSS 6.8
MEDIUM PATCH This Month

The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 38.7%.

CSRF Denial Of Service Java +2
NVD
EPSS 0% CVSS 6.8
MEDIUM POC PATCH This Month

The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF Privilege Escalation Java +3
NVD
EPSS 72% 5.0 CVSS 6.8
MEDIUM POC PATCH THREAT This Month

The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 72.3%.

CSRF Privilege Escalation Java +3
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy