Lucene search
K

358 matches found

vulnersOsv
vulnersOsv
added 2026/04/29 12:33 p.m.6 views

ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +1514 more potentially affected by CVE-2026-22745 via org.springframework:spring-webflux (>=6.2.0 <=6.2.17)

org.springframework:spring-webflux MAVEN version =6.2.0, =0.1.0, =0.1.0, =0.114.0, =0.114.0, =0.5.0, =0.8.0, =1.0.0, =1.0.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.6 and more Source cves: CVE-2026-22745 Source advisory: OSV:GHSA-6P4F-WCWH-5VVM...

5.3CVSS5.7AI score0.00341EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/29 12:33 p.m.7 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +687 more potentially affected by CVE-2026-22741 via org.springframework:spring-webflux (>=7.0.0 <=7.0.6)

org.springframework:spring-webflux MAVEN version =7.0.0, =0.1.0, =0.1.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.7.0, =0.0.1-alfa, =6.0.1, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M3 and more Source cves: CVE-2026-22741 Source advisory: OSV:GHSA-WG35-8JPF-2XV3...

3.1CVSS5.7AI score0.00236EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/29 12:33 p.m.12 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +687 more potentially affected by CVE-2026-22745 via org.springframework:spring-webflux (>=7.0.0 <=7.0.6)

org.springframework:spring-webflux MAVEN version =7.0.0, =0.1.0, =0.1.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.7.0, =0.0.1-alfa, =6.0.1, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M3 and more Source cves: CVE-2026-22745 Source advisory: OSV:GHSA-6P4F-WCWH-5VVM...

5.3CVSS5.7AI score0.00341EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/29 12:33 p.m.9 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.1.1 <=0.112.0) +1203 more potentially affected by CVE-2026-22740 via org.springframework:spring-webflux (>=6.1.0 <=6.1.21)

org.springframework:spring-webflux MAVEN version =6.1.0, =0.2.0, =0.1.1, =0.1.1, =0.0.4, =0.1.0, =0.6.0, =0.6.0, =1.2.0, =2.1.0, =1.3.0, =1.0.2, =1.0.45 and more Source cves: CVE-2026-22740 Source advisory: OSV:GHSA-5843-P793-GHMM...

6.5CVSS5.7AI score0.00344EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/29 12:33 p.m.11 views

africa.absa:inception-application (>=1.1.0 <=1.2.0), africa.absa:inception-test (>=1.1.0 <=1.2.0) +2768 more potentially affected by CVE-2026-22740 via org.springframework:spring-webflux (>=5.0.0.RELEASE <=5.3.4)

org.springframework:spring-webflux MAVEN version =5.0.0.RELEASE, =1.1.0, =1.1.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =0.0.1, =v0.3.12, =v0.3.10, =v0.3.12, =2.1.2.RELEASE, =4.1.36, =4.1.7, =4.7.1 - br.com.m4rc310:br-com-m4rc310-graphql =1.0.1 - br.com.m4rc310:br-com-m4rc310-libs =1.0.1 and more...

6.5CVSS5.7AI score0.00344EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/29 12:33 p.m.6 views

ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +1514 more potentially affected by CVE-2026-22740 via org.springframework:spring-webflux (>=6.2.0 <=6.2.17)

org.springframework:spring-webflux MAVEN version =6.2.0, =0.1.0, =0.1.0, =0.114.0, =0.114.0, =0.5.0, =0.8.0, =1.0.0, =1.0.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.6 and more Source cves: CVE-2026-22740 Source advisory: OSV:GHSA-5843-P793-GHMM...

6.5CVSS5.7AI score0.00344EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/29 12:33 p.m.9 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +687 more potentially affected by CVE-2026-22740 via org.springframework:spring-webflux (>=7.0.0 <=7.0.6)

org.springframework:spring-webflux MAVEN version =7.0.0, =0.1.0, =0.1.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.7.0, =0.0.1-alfa, =6.0.1, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M3 and more Source cves: CVE-2026-22740 Source advisory: OSV:GHSA-5843-P793-GHMM...

6.5CVSS5.7AI score0.00344EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/04/29 12:33 p.m.8 views

Spring Framework DoS with Multipart Temp Files in WebFlux

A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain not deleted after the request is fully processed. This allows an attacker to consume available disk space. Older, unsupported versions are...

6.5CVSS5.8AI score0.00344EPSS
Exploits0References3Affected Software1
vulnersOsv
vulnersOsv
added 2026/04/29 12:33 p.m.16 views

africa.absa:inception-application (>=1.1.0 <=1.2.0), africa.absa:inception-test (>=1.1.0 <=1.2.0) +2768 more potentially affected by CVE-2026-22745 via org.springframework:spring-webflux (>=5.0.0.RELEASE <=5.3.4)

org.springframework:spring-webflux MAVEN version =5.0.0.RELEASE, =1.1.0, =1.1.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =0.0.1, =v0.3.12, =v0.3.10, =v0.3.12, =2.1.2.RELEASE, =4.1.36, =4.1.7, =4.7.1 - br.com.m4rc310:br-com-m4rc310-graphql =1.0.1 - br.com.m4rc310:br-com-m4rc310-libs =1.0.1 and more...

5.3CVSS5.7AI score0.00341EPSS
Exploits0
OSV
OSV
added 2026/04/29 12:33 p.m.7 views

GHSA-5843-P793-GHMM Spring Framework DoS with Multipart Temp Files in WebFlux

A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain not deleted after the request is fully processed. This allows an attacker to consume available disk space. Older, unsupported versions are...

6.5CVSS5.8AI score0.00344EPSS
Exploits0References3
OSV
OSV
added 2026/04/29 12:33 p.m.7 views

GHSA-6P4F-WCWH-5VVM Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources

Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the application is serving static resources from...

5.3CVSS5.8AI score0.00341EPSS
Exploits0References3
NVD
NVD
added 2026/04/29 12:16 p.m.7 views

CVE-2026-22740

A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain not deleted after the request is fully processed. This allows an attacker to consume available disk space. Older, unsupported versions are...

6.5CVSS0.00344EPSS
Exploits0References2
NVD
NVD
added 2026/04/29 12:16 p.m.6 views

CVE-2026-22741

Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the application is configuring the resource chain support...

3.1CVSS0.00236EPSS
Exploits0References2
NVD
NVD
added 2026/04/29 12:16 p.m.31 views

CVE-2026-22745

Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the application is serving static resources from...

5.3CVSS0.00341EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 12:16 p.m.3 views

DEBIAN-CVE-2026-22740

A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain not deleted after the request is fully processed. This allows an attacker to consume available disk space. Older, unsupported versions are...

6.5CVSS5.8AI score0.00344EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/29 12:16 p.m.6 views

CVE-2026-22740

A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain not deleted after the request is fully processed. This allows an attacker to consume available disk space. Older, unsupported versions are...

6.5CVSS5.8AI score0.00344EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/04/29 12:16 p.m.6 views

CVE-2026-22741

Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the application is configuring the resource chain support...

3.1CVSS5.8AI score0.00236EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 12:16 p.m.6 views

UBUNTU-CVE-2026-22741

Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the application is configuring the resource chain support...

3.1CVSS5.8AI score0.00236EPSS
Exploits0References3
OSV
OSV
added 2026/04/29 12:16 p.m.5 views

UBUNTU-CVE-2026-22740

A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain not deleted after the request is fully processed. This allows an attacker to consume available disk space. Older, unsupported versions are...

6.5CVSS5.8AI score0.00344EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/29 11:35 a.m.5 views

CVE-2026-22745

Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the application is serving static resources from...

5.3CVSS5.4AI score0.00341EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder