Lucene search
K

10 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 3:51 a.m.7 views

CVE-2026-41851 Spring Framework Denial of Service via Unbounded Cache in SpEL

Applications which accept user-supplied Spring Expression Language SpEL expressions may be vulnerable to a Denial of Service DoS attack if the evaluation of a SpEL expression triggers unbounded cache growth. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0...

5.3CVSS5.4AI score0.0036EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-47662

Name of the Vulnerable Software and Affected Versions Spring Framework versions 7.0.0 through 7.0.7 Spring Framework versions 6.2.0 through 6.2.18 Spring Framework versions 6.1.0 through 6.1.27 Spring Framework versions 5.3.0 through 5.3.48 Description Applications that accept user-supplied Sprin...

7.5CVSS5.8AI score0.0036EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-2544

Malicious code in bioql PyPI...

4.3CVSS7.2AI score0.00536EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2024-38808

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language...

4.3CVSS6.8AI score0.00536EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/11/05 12:8 p.m.5 views

spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

A flaw was found in the Spring framework package. A maliciously crafted Spring Expression Language SePL may trigger uncontrolled CPU usage, leading to a denial of service in the application consuming it. To be considered vulnerable, one application has to evaluate user-supplied SpEL expressions...

4.3CVSS7.2AI score0.00536EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/05 12:7 p.m.9 views

spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

A flaw was found in the Spring framework package. A maliciously crafted Spring Expression Language SePL may trigger uncontrolled CPU usage, leading to a denial of service in the application consuming it. To be considered vulnerable, one application has to evaluate user-supplied SpEL expressions...

4.3CVSS7.2AI score0.00536EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/05 11:47 a.m.6 views

spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

A flaw was found in the Spring framework package. A maliciously crafted Spring Expression Language SePL may trigger uncontrolled CPU usage, leading to a denial of service in the application consuming it. To be considered vulnerable, one application has to evaluate user-supplied SpEL expressions...

4.3CVSS7.2AI score0.00536EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/05 11:25 a.m.5 views

spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

A flaw was found in the Spring framework package. A maliciously crafted Spring Expression Language SePL may trigger uncontrolled CPU usage, leading to a denial of service in the application consuming it. To be considered vulnerable, one application has to evaluate user-supplied SpEL expressions...

4.3CVSS7.2AI score0.00536EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/09 5:17 p.m.6 views

spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

A flaw was found in the Spring framework package. A maliciously crafted Spring Expression Language SePL may trigger uncontrolled CPU usage, leading to a denial of service in the application consuming it. To be considered vulnerable, one application has to evaluate user-supplied SpEL expressions...

4.3CVSS7.2AI score0.00536EPSS
Exploits0References5
OSV
OSV
added 2024/08/20 8:15 a.m.2 views

UBUNTU-CVE-2024-38808

In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language SpEL expression that may cause a denial of service DoS condition. Specifically, an application is vulnerable when the following is true:...

4.3CVSS7.1AI score0.00536EPSS
Exploits0References3
Rows per page
Query Builder