Package impact
Maven / org.springframework:spring-webflux
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-22965 | unknown | — | 2.5 | 4y ago | Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. | |||
| CVE-2026-22737 | unknown | — | — | 3mo ago | Spring Framework Improper Path Limitation with Script View Templates | |||
| CVE-2026-22735 | unknown | — | — | 3mo ago | Spring MVC and WebFlux has Server Sent Event stream corruption | |||
| CVE-2024-38819 | unknown | — | — | 2y ago | Spring Framework Path Traversal vulnerability | |||
| CVE-2024-38816 | unknown | — | — | 2y ago | Path traversal vulnerability in functional web frameworks | |||
| CVE-2020-5397 | unknown | — | — | 7y ago | CSRF attack via CORS preflight requests with Spring MVC or Spring WebFlux | |||
| CVE-2020-5398 | unknown | — | — | 7y ago | RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application |