7 matches found
CVE-2026-41842 Spring Framework Denial of Service via Versioned Resources in Spring MVC and WebFlux
Spring MVC and WebFlux applications are vulnerable to Denial of Service DoS attacks when resolving static resources. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48...
CVE-2026-41842 Spring Framework Denial of Service via Versioned Resources in Spring MVC and WebFlux
Spring MVC and WebFlux applications are vulnerable to Denial of Service DoS attacks when resolving static resources. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48...
CVE-2026-41842
The CVE-2026-41842 entry affects Spring Framework in Spring MVC and WebFlux, reporting a Denial of Service (DoS) when resolving static resources. Affected versions are Spring Framework 7.0.0–7.0.7; 6.2.0–6.2.18; 6.1.0–6.1.27; 5.3.0–5.3.48. The description in both records states the DoS vulnerabil...
Allocation of Resources Without Limits or Throttling
Overview org.springframework:spring-webmvc is a package that provides Model-View-Controller MVC architecture and ready components that can be used to develop flexible and loosely coupled web applications. Affected versions of this package are vulnerable to Allocation of Resources Without Limits o...
Directory Traversal
Overview org.springframework:spring-webflux is a Spring Framework module that contains support for reactive HTTP and WebSocket clients as well as for reactive server web applications including REST, HTML browser, and WebSocket style interactions. Affected versions of this package are vulnerable t...
Allocation of Resources Without Limits or Throttling
Overview org.springframework:spring-webflux is a Spring Framework module that contains support for reactive HTTP and WebSocket clients as well as for reactive server web applications including REST, HTML browser, and WebSocket style interactions. Affected versions of this package are vulnerable t...
CVE-2026-41842: Spring Framework Denial of Service via Versioned Resources in Spring MVC and WebFlux
Spring MVC and WebFlux applications are vulnerable to Denial of Service DoS attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: When all the conditions above are met, an attacker can send malicious requests that are slow to...