acegisecurity:acegi-security (=0.7.0), acegisecurity:acegi-security-cas (=0.7.0) +5 more potentially affected by CVE-2026-22735 via springframework:spring-web (>=1.0.1 <=1.2.1)

springframework:spring-web MAVEN version =1.0.1, =1.0-rc2, =1.0-rc3 Source cves: CVE-2026-22735 Source advisory: SNYK:JAVA-SPRINGFRAMEWORK-15701758...

CVE-2007-2377

The Getahead Direct Web Remoting DWR framework 1.1.4 exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and...

CVE-2007-2377

The Getahead Direct Web Remoting DWR framework 1.1.4 exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and...

CVE-2007-0184

Getahead Direct Web Remoting DWR before 1.1.4 allows attackers to obtain unauthorized access to public methods via a crafted request that bypasses the include/exclude checks...

CVE-2007-0185

Getahead Direct Web Remoting DWR before 1.1.4 allows attackers to cause a denial of service memory exhaustion and servlet outage via unknown vectors related to a large number of calls in a batch...

CVE-2007-0184

Getahead Direct Web Remoting DWR before 1.1.4 allows attackers to obtain unauthorized access to public methods via a crafted request that bypasses the include/exclude checks...

CVE-2006-6916

Getahead Direct Web Remoting DWR before 1.1.3 allows attackers to cause a denial of service infinite loop via unknown vectors related to "crafted input."...