Lucene search
K

113 matches found

Snyk
Snyk
added 2026/04/17 12:0 a.m.10 views

HTTP Request Smuggling

Overview org.springframework:spring-webmvc is a package that provides Model-View-Controller MVC architecture and ready components that can be used to develop flexible and loosely coupled web applications. Affected versions of this package are vulnerable to HTTP Request Smuggling via the static...

5.9CVSS5.7AI score0.00236EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/03/20 2:41 a.m.8 views

ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.6.0) +1565 more potentially affected by CVE-2026-22737 via org.springframework:spring-webmvc (>=7.0.0-M1 <=7.0.5)

org.springframework:spring-webmvc MAVEN version =7.0.0-M1, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0-beta-1, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22737 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-15701845...

5.9CVSS6AI score0.00385EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/20 2:41 a.m.11 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.6.0) +10067 more potentially affected by CVE-2026-22737 via org.springframework:spring-webmvc (>=6.0.0 <=6.2.16)

org.springframework:spring-webmvc MAVEN version =6.0.0, =0.2.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.8.7 and more Source cves: CVE-2026-22737 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-15701845...

5.9CVSS6AI score0.00385EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/20 12:31 a.m.16 views

ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.6.0) +1565 more potentially affected by CVE-2026-22735 via org.springframework:spring-webmvc (>=7.0.0-M1 <=7.0.5)

org.springframework:spring-webmvc MAVEN version =7.0.0-M1, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0-beta-1, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22735 Source advisory: OSV:GHSA-6HCQ-HMM3-JJ3C...

2.6CVSS5.7AI score0.00112EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/20 12:31 a.m.12 views

ai.ancf.lmos:lmos-operator (>=0.5.0 <=0.6.0), ai.telosforge:kimaira-starter-dms (>=1.2.4 <=1.2.6) +4926 more potentially affected by CVE-2026-22735 via org.springframework:spring-webmvc (>=6.2.0 <=6.2.16)

org.springframework:spring-webmvc MAVEN version =6.2.0, =0.5.0, =1.2.4, =1.2.4, =1.17.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.8.1 and more Source cves: CVE-2026-22735 Source advisory: OSV:GHSA-6HCQ-HMM3-JJ3C...

2.6CVSS5.7AI score0.00112EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/20 12:31 a.m.13 views

africa.absa:inception-api (>=1.1.0 <=1.2.0), africa.absa:inception-codes-api (>=1.1.0 <=1.2.0) +10651 more potentially affected by CVE-2026-22735 via org.springframework:spring-webmvc (>=5.3.0 <=5.3.39)

org.springframework:spring-webmvc MAVEN version =5.3.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =4.4.0.2, =j11.2.6.0, =j11.2.6.0, =j11.2.6.0, =j11.2.6.2 and more Source cves: CVE-2026-22735 Source advisory: OSV:GHSA-6HCQ-HMM3-JJ3C...

2.6CVSS5.7AI score0.00112EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/20 12:31 a.m.7 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (=0.28.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.4.0) +6480 more potentially affected by CVE-2026-22737 via org.springframework:spring-webmvc (>=6.0.0 <=6.1.21)

org.springframework:spring-webmvc MAVEN version =6.0.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.5.0, =cloud-0.1, =cloud-0.2.1 and more Source cves: CVE-2026-22737 Source advisory: OSV:GHSA-4773-3JFM-QMX3...

5.9CVSS6AI score0.00385EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/20 12:31 a.m.11 views

ai.ancf.lmos:lmos-operator (>=0.5.0 <=0.6.0), ai.telosforge:kimaira-starter-dms (>=1.2.4 <=1.2.6) +4926 more potentially affected by CVE-2026-22737 via org.springframework:spring-webmvc (>=6.2.0 <=6.2.16)

org.springframework:spring-webmvc MAVEN version =6.2.0, =0.5.0, =1.2.4, =1.2.4, =1.17.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.8.1 and more Source cves: CVE-2026-22737 Source advisory: OSV:GHSA-4773-3JFM-QMX3...

5.9CVSS6AI score0.00385EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/20 12:31 a.m.8 views

africa.absa:inception-api (>=1.1.0 <=1.2.0), africa.absa:inception-codes-api (>=1.1.0 <=1.2.0) +10651 more potentially affected by CVE-2026-22737 via org.springframework:spring-webmvc (>=5.3.0 <=5.3.39)

org.springframework:spring-webmvc MAVEN version =5.3.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =4.4.0.2, =j11.2.6.0, =j11.2.6.0, =j11.2.6.0, =j11.2.6.2 and more Source cves: CVE-2026-22737 Source advisory: OSV:GHSA-4773-3JFM-QMX3...

5.9CVSS6AI score0.00385EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/20 12:31 a.m.11 views

ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.6.0) +687 more potentially affected by CVE-2026-22731 via org.springframework.boot:spring-boot-starter-actuator (>=4.0.0-M1 <=4.0.3)

org.springframework.boot:spring-boot-starter-actuator MAVEN version =4.0.0-M1, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M2, =3.1.0, =3.3.0 and more Source cves: CVE-2026-22731 Source advisory: OSV:GHSA-8HFC-FQ58-R658...

8.2CVSS7.2AI score0.00334EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/19 12:0 a.m.6 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.6.0) +10067 more potentially affected by CVE-2026-22735 via org.springframework:spring-webmvc (>=6.0.0 <=6.2.16)

org.springframework:spring-webmvc MAVEN version =6.0.0, =0.2.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.8.7 and more Source cves: CVE-2026-22735 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-15701756...

2.6CVSS5.7AI score0.00112EPSS
Exploits0
Snyk
Snyk
added 2026/03/19 12:0 a.m.5 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview org.springframework:spring-webmvc is a package that provides Model-View-Controller MVC architecture and ready components that can be used to develop flexible and loosely coupled web applications. Affected versions of this package are vulnerable to Improper Neutralization of Special...

2.6CVSS5.8AI score0.00112EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/03/19 12:0 a.m.14 views

acegisecurity:acegi-security (=0.7.0), acegisecurity:acegi-security-cas (=0.7.0) +4 more potentially affected by CVE-2026-22735 via springframework:spring-webmvc (>=1.1.3 <=1.2.1)

springframework:spring-webmvc MAVEN version =1.1.3, =1.0-rc2, =1.0-rc3 Source cves: CVE-2026-22735 Source advisory: SNYK:JAVA-SPRINGFRAMEWORK-15701757...

2.6CVSS5.8AI score0.00112EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/19 12:0 a.m.9 views

ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.6.0) +1553 more potentially affected by CVE-2026-22735 via org.springframework:spring-webmvc (>=7.0.0 <=7.0.5)

org.springframework:spring-webmvc MAVEN version =7.0.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0-beta-1, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22735 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-15701756...

2.6CVSS5.7AI score0.00112EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2018-15756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide suppor...

7.5CVSS7.4AI score0.09513EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/08/18 9:31 a.m.6 views

ai.ancf.lmos:lmos-operator (>=0.5.0 <=0.6.0), ai.timefold.solver:spring-boot-integration-test (>=1.17.0 <=1.18.0) +2041 more potentially affected by CVE-2025-41242 via org.springframework:spring-webmvc (>=6.2.0 <=6.2.1)

org.springframework:spring-webmvc MAVEN version =6.2.0, =0.5.0, =1.17.0, =0.0.1, =1.1.9, =1.1.9, =1.1.9, =1.1.9, =2.3.0, =2.3.0, =2.3.0, =2.3.1 - ch.ralscha:extdirectspring =2.1.0 - city.hiperium:functions-parent-pom =1.1.0 - cloud.gatekeeperid:gatekeeper-spring-boot-starter =0.1.1 -...

5.9CVSS6.4AI score0.01916EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/08/18 9:31 a.m.7 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (=0.28.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.4.0) +4629 more potentially affected by CVE-2025-41242 via org.springframework:spring-webmvc (>=6.1.0 <=6.1.21)

org.springframework:spring-webmvc MAVEN version =6.1.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.5.0, =cloud-0.1, =cloud-0.2.1 and more Source cves: CVE-2025-41242 Source advisory: OSV:GHSA-R936-GWX5-V52F...

5.9CVSS6.4AI score0.01916EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/08/18 9:31 a.m.6 views

be.dnsbelgium:rdap-server (>=4.0.0 <=4.0.3), be.personify.iam:personify-api (>=1.5.0.RELEASE <=1.5.2.RELEASE) +2820 more potentially affected by CVE-2025-41242 via org.springframework:spring-webmvc (>=6.0.0 <=6.0.23)

org.springframework:spring-webmvc MAVEN version =6.0.0, =4.0.0, =1.5.0.RELEASE, =1.5.1.RELEASE, =1.5.0.RELEASE, =2.1.0.RELEASE, =3.0.0, =2.10.0, =2.10.0, =2.10.0, =2.10.0, =2.10.0, =3.4.0 and more Source cves: CVE-2025-41242 Source advisory...

5.9CVSS6.4AI score0.01916EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/08/18 9:31 a.m.11 views

africa.absa:inception-api (>=1.1.0 <=1.2.0), africa.absa:inception-codes-api (>=1.1.0 <=1.2.0) +10791 more potentially affected by CVE-2025-41242 via org.springframework:spring-webmvc (>=5.3.0 <=5.3.4)

org.springframework:spring-webmvc MAVEN version =5.3.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =4.4.0.2, =1.4.2, =1.6.6, =1.6.6.1 - ai.platon:distributed-lock-example =1.4.2 and more Source cves: CVE-2025-41242 Source advisory: OSV:GHSA-R936-GWX5-V52F...

5.9CVSS6.4AI score0.01916EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/10 8:59 a.m.8 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in spring-webmvc-5.3.27.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of spring-webmvc-5.3.27.jar Vulnerability Details CVEID:CVE-2024-38828 DESCRIPTION: Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack. CWE:CWE-400: Uncontrolled Resource...

5.3CVSS6.7AI score0.00729EPSS
Exploits0Affected Software1
Rows per page
Query Builder