6 matches found
africa.absa:inception-application (>=1.1.0 <=1.2.0), africa.absa:inception-test (>=1.1.0 <=1.2.0) +2768 more potentially affected by CVE-2026-22745 via org.springframework:spring-webflux (>=5.0.0.RELEASE <=5.3.4)
org.springframework:spring-webflux MAVEN version =5.0.0.RELEASE, =1.1.0, =1.1.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =0.0.1, =v0.3.12, =v0.3.10, =v0.3.12, =2.1.2.RELEASE, =4.1.36, =4.1.7, =4.7.1 - br.com.m4rc310:br-com-m4rc310-graphql =1.0.1 - br.com.m4rc310:br-com-m4rc310-libs =1.0.1 and more...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.1.1 <=0.120.0) +2906 more potentially affected by CVE-2026-22737 via org.springframework:spring-webflux (>=6.0.0 <=6.2.16)
org.springframework:spring-webflux MAVEN version =6.0.0, =0.2.0, =0.1.1, =0.1.1, =0.0.4, =0.1.0, =0.6.0, =0.6.0, =1.0.0, =1.0.0, =0.2.2, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.6 and more Source cves: CVE-2026-22737 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-15701844...
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in spring-webflux-5.3.27.jar
Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of spring-webflux-5.3.27.jar Vulnerability Details CVEID:CVE-2024-38816 DESCRIPTION: Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks...
PT-2024-7497
Name of the Vulnerable Software and Affected Versions: Spring WebFlux affected versions not specified Description: The issue is caused by weaknesses in the authorization procedure of the Spring Framework's WebMvc.fn and WebFlux.fn functional web frameworks. This can allow a remote attacker to...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.1.1 <=0.112.0) +748 more potentially affected by CVE-2024-38816 via org.springframework:spring-webflux (>=6.1.0 <=6.1.12)
org.springframework:spring-webflux MAVEN version =6.1.0, =0.2.0, =0.1.1, =0.1.1, =0.0.4, =0.1.0, =0.6.0, =0.6.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =3.3.1, =1.0.0, =1.0.9 and more Source cves: CVE-2024-38816 Source advisory: OSV:GHSA-CX7F-G6MP-7HQM...
africa.absa:inception-application (>=1.1.0 <=1.2.0), africa.absa:inception-test (>=1.1.0 <=1.2.0) +1988 more potentially affected by CVE-2024-38816 via org.springframework:spring-webflux (>=5.3.0 <=5.3.39)
org.springframework:spring-webflux MAVEN version =5.3.0, =1.1.0, =1.1.0, =j11.2.6.0, =v0.3.12, =v0.3.12, =v0.3.12, =4.1.36, =4.1.36, =1.7, =1.0, =1.0.0, =1.0.1, =1.0.6 and more Source cves: CVE-2024-38816 Source advisory: OSV:GHSA-CX7F-G6MP-7HQM...