Lucene search
+L

17 matches found

ibm
ibm
added 2026/06/15 10:14 p.m.6 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Improper Locking, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CVE-2026-22735, CVE-2026-22737)

Summary There are vulnerabilities in spring-web-6.2.15.jar, spring-webmvc-6.2.15.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-22735, CVE-2026-22737. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-22735 DESCRIPTION: Spring MVC and WebFlux...

5.9CVSS5.1AI score0.00385EPSS
Exploits1Affected Software1
ibm
ibm
added 2026/06/15 10:14 p.m.6 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Improper Locking (CVE-2026-22735)

Summary There are vulnerabilities in spring-web-6.2.15.jar, spring-webmvc-6.2.15.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-22735. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2026-22735 DESCRIPTION: Spring MVC and WebFlux applications are...

2.6CVSS4.9AI score0.00112EPSS
Exploits0Affected Software1
ibm
ibm
added 2026/05/21 3:42 p.m.6 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to stream corruption in Spring MVC and WebFlux [CVE-2026-22735]

Summary IBM Watson Speech Services Cartridge is vulnerable to stream corruption in Spring MVC and WebFlux when using Server-Sent Events SSE CVE-2026-22735. Spring MVC and WebFlux are used in our speech microservices. This vulnerabilitiy has been addressed. Please read the details for remediation...

2.6CVSS5.7AI score0.00112EPSS
Exploits0Affected Software1
ibm
ibm
added 2026/04/29 1:24 p.m.16 views

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.13.1 Vulnerability Details CVEID:CVE-2026-22737 DESCRIPTION: Use of Java scripting engine enabled e.g. JRuby, Jython template views in Spring MVC and Spring WebFlux applications can result in disclosure of conten...

9.8CVSS8.7AI score0.47621EPSS
Exploits10Affected Software1
ibm
ibm
added 2026/04/27 9:3 a.m.15 views

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to issues in Spring

Summary There are vulnerabilities in Spring used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVEs CVE-2026-22732, CVE-2026-22735, CVE-2026-22737. Vulnerability Details CVEID:CVE-2026-22737 DESCRIPTION: Use of...

9.1CVSS6AI score0.0048EPSS
Exploits3Affected Software1
ibm
ibm
added 2026/04/23 1:40 p.m.6 views

Security Bulletin: Due to use of spring-web-6.2.16.jar, IBM Sterling Connect:Direct Web Services is affected by stream corruption issue when using Server-Sent Events (SSE).

Summary spring-web-6.2.16.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-22735. Vulnerability Details CVEID:CVE-2026-22735 DESCRIPTION: Spring MVC and WebFlux applications are vulnerable to stream corruption when using Server-Sent Events SSE. This issue affects Spring Foundation...

2.6CVSS5.7AI score0.00112EPSS
Exploits0Affected Software1
vulnersosv
vulnersosv
added 2026/03/20 12:31 a.m.7 views

ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.6.0) +584 more potentially affected by CVE-2026-22735 via org.springframework:spring-webflux (>=7.0.0-M7 <=7.0.5)

org.springframework:spring-webflux MAVEN version =7.0.0-M7, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.7.0, =2.0.8, =4.0.0.0-M2, =4.0.0.0-M2, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.2 and more Source cves: CVE-2026-22735 Source advisory: OSV:GHSA-6HCQ-HMM3-JJ3C...

2.6CVSS5.7AI score0.00112EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/03/20 12:31 a.m.17 views

ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.6.0) +1565 more potentially affected by CVE-2026-22735 via org.springframework:spring-webmvc (>=7.0.0-M1 <=7.0.5)

org.springframework:spring-webmvc MAVEN version =7.0.0-M1, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0-beta-1, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22735 Source advisory: OSV:GHSA-6HCQ-HMM3-JJ3C...

2.6CVSS5.7AI score0.00112EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/03/20 12:31 a.m.8 views

africa.absa:inception-application (>=1.1.0 <=1.2.0), africa.absa:inception-test (>=1.1.0 <=1.2.0) +1988 more potentially affected by CVE-2026-22735 via org.springframework:spring-webflux (>=5.3.0 <=5.3.39)

org.springframework:spring-webflux MAVEN version =5.3.0, =1.1.0, =1.1.0, =j11.2.6.0, =v0.3.12, =v0.3.12, =v0.3.12, =4.1.36, =4.1.36, =1.7, =1.0, =1.0.0, =1.0.1, =1.0.6 and more Source cves: CVE-2026-22735 Source advisory: OSV:GHSA-6HCQ-HMM3-JJ3C...

2.6CVSS5.7AI score0.00112EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/03/20 12:31 a.m.7 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.1.1 <=0.112.0) +1641 more potentially affected by CVE-2026-22735 via org.springframework:spring-webflux (>=6.0.0 <=6.1.21)

org.springframework:spring-webflux MAVEN version =6.0.0, =0.2.0, =0.1.1, =0.1.1, =0.0.4, =0.1.0, =0.6.0, =0.6.0, =0.2.2, =0.0.6, =0.0.6, =4.5.0, =1.2.0, =1.3.0 and more Source cves: CVE-2026-22735 Source advisory: OSV:GHSA-6HCQ-HMM3-JJ3C...

2.6CVSS5.7AI score0.00112EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/03/20 12:31 a.m.19 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (=0.28.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.4.0) +6480 more potentially affected by CVE-2026-22735 via org.springframework:spring-webmvc (>=6.0.0 <=6.1.21)

org.springframework:spring-webmvc MAVEN version =6.0.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.5.0, =cloud-0.1, =cloud-0.2.1 and more Source cves: CVE-2026-22735 Source advisory: OSV:GHSA-6HCQ-HMM3-JJ3C...

2.6CVSS5.7AI score0.00112EPSS
Exploits0
ubuntucve
ubuntucve
added 2026/03/20 12:16 a.m.5 views

CVE-2026-22735

Spring MVC and WebFlux applications are vulnerable to stream corruption when using Server-Sent Events SSE. This issue affects Spring Foundation: from 7.0.0 through 7.0.5, from 6.2.0 through 6.2.16, from 6.1.0 through 6.1.25, from 5.3.0 through 5.3.46...

2.6CVSS5.8AI score0.00112EPSS
Exploits0References2
nessus
nessus
added 2026/03/20 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-22735

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring MVC and WebFlux applications are vulnerable to stream corruption when using Server-Sent Events SSE. This issue affects Spring Foundation: from 7.0.0...

2.6CVSS6AI score0.00112EPSS
Exploits0References4
vulnersosv
vulnersosv
added 2026/03/19 12:0 a.m.13 views

acegisecurity:acegi-security (=0.7.0), acegisecurity:acegi-security-cas (=0.7.0) +5 more potentially affected by CVE-2026-22735 via springframework:spring-web (>=1.0.1 <=1.2.1)

springframework:spring-web MAVEN version =1.0.1, =1.0-rc2, =1.0-rc3 Source cves: CVE-2026-22735 Source advisory: SNYK:JAVA-SPRINGFRAMEWORK-15701758...

2.6CVSS5.8AI score0.00112EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/03/19 12:0 a.m.6 views

ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.6.0) +2681 more potentially affected by CVE-2026-22735 via org.springframework:spring-web (>=7.0.0 <=7.0.5)

org.springframework:spring-web MAVEN version =7.0.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0-beta-1, =0.1.1, =4.7.0, =0.2.0, =0.5.0, =0.7.0, =0.7.5 - be.appify.prefab:prefab-core =0.2.0 - be.appify.prefab:prefab-kafka =0.2.0 and more Source cves: CVE-2026-22735 Source advisory:...

2.6CVSS5.7AI score0.00112EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/03/19 12:0 a.m.9 views

ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.6.0) +1553 more potentially affected by CVE-2026-22735 via org.springframework:spring-webmvc (>=7.0.0 <=7.0.5)

org.springframework:spring-webmvc MAVEN version =7.0.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0-beta-1, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22735 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-15701756...

2.6CVSS5.7AI score0.00112EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/03/19 12:0 a.m.6 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.6.0) +10067 more potentially affected by CVE-2026-22735 via org.springframework:spring-webmvc (>=6.0.0 <=6.2.16)

org.springframework:spring-webmvc MAVEN version =6.0.0, =0.2.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.8.7 and more Source cves: CVE-2026-22735 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-15701756...

2.6CVSS5.7AI score0.00112EPSS
Exploits0
Rows per page
Query Builder