17 matches found
Allocation of Resources Without Limits or Throttling
Overview org.springframework:spring-core is a core package within the spring-framework that contains multiple classes and utilities. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via caching of parsed Spring Expression Language SpEL...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +7260 more potentially affected by CVE-2026-22745 via org.springframework:spring-core (>=7.0.0-M1 <=7.0.6)
org.springframework:spring-core MAVEN version =7.0.0-M1, =0.1.0, =0.1.0, =4.5.0, =4.7.11, =4.5.0, =4.5.0, =4.3.0, =4.3.0, =4.3.0, =4.7.0, =4.7.4, =4.7.4, =4.3.0, =4.7.0, =4.5.0, =4.6.0 and more Source cves: CVE-2026-22745 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-16109618...
ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +27766 more potentially affected by CVE-2026-22745 via org.springframework:spring-core (>=6.0.0 <=6.2.17)
org.springframework:spring-core MAVEN version =6.0.0, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo =0.1.0 -...
Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which is vulnerable to CVEs.
Summary IBM Maximo Application Suite uses "eventlet-0.39.0-py3-none-any.whl, commons-lang3-3.17.0.jar, spring-core-6.2.10.jar" which is vulnerable to "CVE-2025-58068, CVE-2025-48924, CVE-2025-41249". This bulletin contains information regarding the vulnerability and how it is addressed...
am.ik.access-logger:access-logger (>=0.1.6 <=0.2.0), cn.herodotus.engine:access-core (>=3.1.7.0 <=3.1.7.5) +663 more potentially affected by CVE-2024-22233 via org.springframework:spring-core (=6.0.15)
org.springframework:spring-core MAVEN version =6.0.15 is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework:spring-core and may be impacted: - am.ik.access-logger:access-logger =0.1.6, =3.1.7.0, =3.1.7.0, =3.1.7.0, =3.1.7.3, =3.1.7.0,...
at.molindo:molindo-notify (>=1.0.0-alpha-1 <=1.0.0-alpha-2), be.eliwan:ew-profiling-api (>=1.0 <=1.4) +1704 more potentially affected by CVE-2011-2730 via org.springframework:spring-core (>=3.0.0.RELEASE <=3.0.5.RELEASE)
org.springframework:spring-core MAVEN version =3.0.0.RELEASE, =1.0.0-alpha-1, =1.0, =1.0, =0.7, =2.0, =1.1.1, =1.0.2, =1.1.2, =1.2, =1.0.0, =1.0.0, =1.1.0, =3.3.0, =3.4.1 and more Source cves: CVE-2011-2730 Source advisory: OSV:GHSA-WV88-PF73-X22P...
at.molindo:molindo-notify (>=1.0.0-alpha-1 <=1.0.0-alpha-2), be.eliwan:ew-profiling-api (>=1.0 <=1.4) +1704 more potentially affected by CVE-2011-2894 via org.springframework:spring-core (>=3.0.0.RELEASE <=3.0.5.RELEASE)
org.springframework:spring-core MAVEN version =3.0.0.RELEASE, =1.0.0-alpha-1, =1.0, =1.0, =0.7, =2.0, =1.1.1, =1.0.2, =1.1.2, =1.2, =1.0.0, =1.0.0, =1.1.0, =3.3.0, =3.4.1 and more Source cves: CVE-2011-2894 Source advisory: OSV:GHSA-F866-M9MV-2XR3...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +4314 more potentially affected by CVE-2009-1190 via org.springframework:spring-core (>=1.2 <=2.5.6.SEC03)
org.springframework:spring-core MAVEN version =1.2, =1.1, =1.3, =0.0.1, =1.0, =0.3, =1.0, =0.0.1, =1.2.1, =1.2.1, =1.0, =1.0.4 - cf.pgmann.plugins:url-auth-sso =1.0 and more Source cves: CVE-2009-1190 Source advisory: OSV:GHSA-WJJR-H4WH-W6VV...
ai.foremast.metrics:foremast-spring-4x-k8s-metrics (>=0.1.6 <=0.2.0), ai.foremast.metrics:foremast-spring-boot-15x-starter (>=0.1.10 <=0.1.12) +9746 more potentially affected by CVE-2018-15756 via org.springframework:spring-core (>=4.2.0.RELEASE <=4.3.1.RELEASE)
org.springframework:spring-core MAVEN version =4.2.0.RELEASE, =0.1.6, =0.1.10, =0.1.6, =0.1.4-SB1X, =0.0.6, =0.0.11, =0.0.16, =0.0.1, =4.2.1, =4.4.1, =9.1.1, =0.0.1, =1.0.0.RELEASE, =1.1.0.RELEASE and more Source cves: CVE-2018-15756 Source advisory: OSV:GHSA-FFVQ-7W96-97P7...
am.ik.github:reactive-github-client (>=0.0.1 <=0.0.4), ca.uhn.hapi.fhir:hapi-fhir-jpaserver-base (>=3.1.0 <=3.2.0) +218 more potentially affected by CVE-2018-15756 via org.springframework:spring-core (=5.0.0.RELEASE)
org.springframework:spring-core MAVEN version =5.0.0.RELEASE is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework:spring-core and may be impacted: - am.ik.github:reactive-github-client =0.0.1, =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.0,...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +17184 more potentially affected by CVE-2016-5007 via org.springframework:spring-core (>=1.2 <=4.3.0.RELEASE)
org.springframework:spring-core MAVEN version =1.2, =1.1, =1.3, =0.0.1, =0.1.6, =0.1.4-SB1X, =0.1.0, =0.1.0, =1.0, =5.0.9, =0.0.20, =0.0.34 - ar.com.onready:spring-resttemplate-logger =1.0.2 - at.chrl:chrl-jms =1.1.0 and more Source cves: CVE-2016-5007 Source advisory: OSV:GHSA-8CRV-49FR-2H6J...
ai.ylyue:yue-library-base (>=Finchley.SR2.SR1 <=Finchley.SR4.1), ai.ylyue:yue-library-base-crypto (>=Finchley.SR4 <=Finchley.SR4.1) +3028 more potentially affected by CVE-2018-1272 via org.springframework:spring-core (>=5.0.0.RELEASE <=5.0.4.RELEASE)
org.springframework:spring-core MAVEN version =5.0.0.RELEASE, =Finchley.SR2.SR1, =Finchley.SR4, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =Finchley.SR4, =0.0.1, =0.0.2, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.2.RELEASE, =2.0.2.RELEASE, =2.0.3.RELEASE, =2.0.7.RELEASE and...
ai.ylyue:yue-library-base (>=Finchley.SR2.SR1 <=Finchley.SR4.1), ai.ylyue:yue-library-base-crypto (>=Finchley.SR4 <=Finchley.SR4.1) +3028 more potentially affected by CVE-2018-1271 via org.springframework:spring-core (>=5.0.0.RELEASE <=5.0.4.RELEASE)
org.springframework:spring-core MAVEN version =5.0.0.RELEASE, =Finchley.SR2.SR1, =Finchley.SR4, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =Finchley.SR4, =0.0.1, =0.0.2, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.2.RELEASE, =2.0.2.RELEASE, =2.0.3.RELEASE, =2.0.7.RELEASE and...
ai.dev-tools:ai-devtools (>=0.1.12 <=0.1.20), ai.idylnlp:idylnlp-models-deeplearning (>=1.0.0 <=1.1.0) +1037 more potentially affected by CVE-2018-1258 via org.springframework:spring-core (=5.0.5.RELEASE)
org.springframework:spring-core MAVEN version =5.0.5.RELEASE is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework:spring-core and may be impacted: - ai.dev-tools:ai-devtools =0.1.12, =1.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.3.RELEASE,...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +21320 more potentially affected by CVE-2018-1257 via org.springframework:spring-core (>=1.2 <=4.3.16.RELEASE)
org.springframework:spring-core MAVEN version =1.2, =1.1, =1.3, =0.0.1, =0.1.6, =0.1.6, =0.1.4-SB1X, =0.1.0, =4.2.1, =4.4.1, =0.1.0, =1.0, =5.0.9, =5.1.0 and more Source cves: CVE-2018-1257 Source advisory: OSV:GHSA-RCPF-VJ53-7H2M...
ai.foremast.metrics:foremast-spring-4x-k8s-metrics (>=0.1.6 <=0.2.0), am.ik.blog:blog-domain (>=4.2.1 <=4.3.6) +5997 more potentially affected by CVE-2018-11040 via org.springframework:spring-core (>=4.3.0.RELEASE <=4.3.17.RELEASE)
org.springframework:spring-core MAVEN version =4.3.0.RELEASE, =0.1.6, =4.2.1, =4.4.1, =1.0.0.RELEASE, =1.0.0, =1.0.2, =1.6, =1.6, =1.6, =1.0.10, =0.6.0, =0.6.0, =0.2.13, =0.2.28 and more Source cves: CVE-2018-11040 Source advisory: OSV:GHSA-F26X-PR96-VW86...
ai.dev-tools:ai-devtools (>=0.1.12 <=0.1.20), ai.idylnlp:idylnlp-models-deeplearning (>=1.0.0 <=1.1.0) +4451 more potentially affected by CVE-2018-11040 via org.springframework:spring-core (>=5.0.0.RELEASE <=5.0.6.RELEASE)
org.springframework:spring-core MAVEN version =5.0.0.RELEASE, =0.1.12, =1.0.0, =Finchley.SR2.SR1, =Finchley.SR4, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =Finchley.SR4, =0.0.1, =0.0.2, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.3.RELEASE, =2.0.9.RELEASE and more Source cves: CVE-2018-11040...