Browse Security Advisories
High Security Advisories for https://github.com/spring-projects/spring-framework from github Clear Filters
High
10 months ago
Spring Framework annotation detection mechanism may result in improper authorization
maven
org.springframework:spring-core
High
over 1 year ago
Spring Framework Path Traversal vulnerability
maven
org.springframework:spring-webmvc, org.springframework:spring-webflux
High
almost 2 years ago
Path traversal vulnerability in functional web frameworks
maven
org.springframework:spring-webflux, org.springframework:spring-webmvc
High
about 2 years ago
Spring Framework URL Parsing with Host Validation
maven
org.springframework:spring-web
High
over 2 years ago
Spring Framework URL Parsing with Host Validation Vulnerability
maven
org.springframework:spring-web
High
over 2 years ago
Spring Web vulnerable to Open Redirect or Server Side Request Forgery
maven
org.springframework:spring-web
High
over 2 years ago
Spring Framework vulnerable to denial of service
maven
org.springframework:spring-webmvc
High
about 3 years ago
Spring Framework vulnerable to denial of service
maven
org.springframework:spring-expression
High
over 3 years ago
TERASOLUNA Server Framework vulnerable to ClassLoader manipulation
maven
org.terasoluna.gfw:terasoluna-gfw-common
High
about 4 years ago
Improper Privilege Management in Spring Framework
maven
org.springframework:spring-web
High
about 4 years ago
Improper Neutralization of Directives in Dynamically Evaluated Code in Spring Framework
maven
org.springframework:spring-core
High
about 4 years ago
Improper Restriction of XML External Entity Reference in Spring Framework
maven
org.springframework:spring-webmvc
High
about 4 years ago
Improper handling of case sensitivity in Spring Framework
maven
org.springframework:spring-context
High
over 6 years ago
RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application
maven
org.springframework:spring-webflux, org.springframework:spring-webmvc
High
over 7 years ago
Files or Directories Accessible to External Parties in org.springframework:spring-core
maven
org.springframework:spring-core
High
over 7 years ago
Possible privilege escalation in org.springframework:spring-core
maven
org.springframework:spring-core
High
over 7 years ago
Spring Framework when used in combination with any versions of Spring Security contains an authorization bypass
maven
org.springframework:spring-core
High
over 7 years ago
Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized
maven
org.springframework:spring-webmvc
Filter by Severity
Filter by Source
Filter by Ecosystem
npm
2,717
maven
2,589
pypi
2,383
packagist
1,861
go
1,735
nuget
1,338
cargo
541
rubygems
364
hex
39
actions
23
swift
22
pub
6
Filter by Package
Microsoft.ChakraCore
234
openclaw
217
tensorflow
122
tensorflow-cpu
109
tensorflow-gpu
108
magento/community-edition
104
moodle/moodle
68
org.jenkins-ci.main:jenkins-core
61
open-webui
58
wwbn/avideo
56
parse-server
49
flowise
49
com.fasterxml.jackson.core:jackson-databind
45
Django
43
mlflow
42
magento/project-community-edition
41
org.apache.tomcat:tomcat
40
dolibarr/dolibarr
38
pimcore/pimcore
38
apache-airflow
37
github.com/rancher/rancher
36
librenms/librenms
36
drupal/core
32
thorsten/phpmyfaq
32
n8n
32
getgrav/grav
32
typo3/cms-core
31
typo3/cms
31
craftcms/cms
31
gogs.io/gogs
31
salt
31
phpmyadmin/phpmyadmin
28
microweber/microweber
27
Plone
27
praisonai
26
nokogiri
26
org.keycloak:keycloak-services
26
org.apache.tomcat.embed:tomcat-embed-core
26
Magick.NET-Q8-AnyCPU
25
Magick.NET-Q16-AnyCPU
25
Magick.NET-Q8-x86
25
Magick.NET-Q16-HDRI-x86
25
com.liferay.portal:release.portal.bom
25
Magick.NET-Q16-HDRI-AnyCPU
25
Magick.NET-Q16-x86
25
symfony/symfony
25
drupal/drupal
25
org.apache.struts:struts2-core
25
github.com/mattermost/mattermost-server
24
ansible
24
Magick.NET-Q16-HDRI-OpenMP-arm64
23
Magick.NET-Q16-x64
23
Magick.NET-Q8-OpenMP-arm64
23
github.com/hashicorp/vault
23
Magick.NET-Q16-HDRI-x64
23
Magick.NET-Q16-arm64
23
Magick.NET-Q8-arm64
23
Magick.NET-Q16-HDRI-arm64
23
opencv-contrib-python
23
opencv-python
23
github.com/siyuan-note/siyuan/kernel
22
Magick.NET-Q8-OpenMP-x64
22
next
22
Magick.NET-Q16-OpenMP-arm64
22
Magick.NET-Q16-OpenMP-x64
22
com.thoughtworks.xstream:xstream
22
@anthropic-ai/claude-code
21
pillow
21
django
21
matrix-synapse
21
com.jfinal:jfinal
21
github.com/traefik/traefik/v2
21
Magick.NET-Q8-x64
20
pocketmine/pocketmine-mp
20
github.com/zitadel/zitadel
20
Microsoft.AspNetCore.App.Runtime.win-x64
20
io.undertow:undertow-core
19
com.liferay.portal:release.dxp.bom
19
gradio
19
org.jenkins-ci.plugins:script-security
19
github.com/filebrowser/filebrowser/v2
19
froxlor/froxlor
19
Pillow
18
rdiffweb
18
rack
18
keystone
18
pyload-ng
18
Microsoft.AspNetCore.App.Runtime.win-arm
17
mantisbt/mantisbt
17
Microsoft.AspNetCore.App.Runtime.win-x86
17
getkirby/cms
17
github.com/grafana/grafana
17
Magick.NET-Q16-HDRI-OpenMP-x64
17
directus
17
shopware/platform
17
electron
17
github.com/traefik/traefik/v3
17
axios
17
deno
17
shopware/core
16
github.com/nats-io/nats-server/v2
16
PraisonAI
16
surrealdb
16
org.xwiki.platform:xwiki-platform-oldcore
16
Microsoft.AspNetCore.App.Runtime.win-arm64
16
picklescan
16
vllm
16
openssl-src
16
github.com/usememos/memos
16
litellm
16
Microsoft.AspNetCore.App.Runtime.linux-x64
16
github.com/kyverno/kyverno
15
Microsoft.AspNetCore.App.Runtime.linux-arm
15
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
15
Microsoft.AspNetCore.App.Runtime.linux-arm64
15
baserproject/basercms
15
praisonaiagents
15
org.apache.solr:solr-core
15
openbabel
15
github.com/mattermost/mattermost/server/v8
15
apache-superset
15
org.apache.tomcat:tomcat-catalina
15
github.com/hashicorp/consul
15
nilsteampassnet/teampass
15
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
14
pnpm
14
vyper
14
concrete5/concrete5
14
@budibase/server
14
net.mingsoft:ms-mcms
14
Microsoft.AspNetCore.App.Runtime.osx-x64
14
devcode-it/openstamanager
14
centreon/centreon
14
org.apache.openmeetings:openmeetings-parent
14
mautic/core
14
phpmyfaq/phpmyfaq
14
snipe/snipe-it
14
statamic/cms
14
org.keycloak:keycloak-core
14
phpoffice/phpspreadsheet
14
mindsdb
14
langflow
13
Microsoft.NetCore.App.Runtime.win-arm
13
github.com/gotenberg/gotenberg/v8
13
github.com/hashicorp/nomad
13
Microsoft.NetCore.App.Runtime.win-x86
13
pgadmin4
13
cockpit-hq/cockpit
13
rubygems-update
13
tar
13
Microsoft.NetCore.App.Runtime.win-x64
13
golang.org/x/net
13
Microsoft.NetCore.App.Runtime.win-arm64
13
silverstripe/framework
12
github.com/argoproj/argo-cd/v2
12
openmage/magento-lts
12
code.gitea.io/gitea
12
github.com/argoproj/argo-cd
12
github.com/ethereum/go-ethereum
12
activerecord
12
praisonai-platform
12
laravel/framework
11
org.keycloak:keycloak-parent
11
github.com/zitadel/zitadel/v2
11
Magick.NET-Q16-OpenMP-x86
11
composer/composer
11
github.com/ollama/ollama
11
actionpack
11
Microsoft.AspNetCore.App.Runtime.linux-musl-arm
11
org.springframework.security:spring-security-core
11
Microsoft.NetCore.App.Runtime.linux-arm
11
intelliants/subrion
11
Microsoft.NetCore.App.Runtime.linux-arm64
11
org.apache.tomcat:tomcat-coyote
11
github.com/docker/docker
10
DotNetNuke.Core
10
yeswiki/yeswiki
10
apollo-router
10
handlebars
10
Glances
10
k8s.io/kubernetes
10
fuxa-server
10
oj
10
lollms
10
@haxtheweb/haxcms-nodejs
10
Microsoft.NetCore.App.Runtime.linux-musl-arm
10
nltk
10
fickling
10
github.com/coredns/coredns
10
github.com/traefik/traefik
10
k8s.io/ingress-nginx
10
admidio/admidio
10
funadmin/funadmin
10
cryptography
10
org.bouncycastle:bcprov-jdk14
10
nova
10
github.com/minio/minio
10
Microsoft.NetCore.App.Runtime.linux-musl-arm64
10
Microsoft.NetCore.App.Runtime.linux-musl-x64
10
neutron
9
Filter by Repository
https://github.com/chakra-core/ChakraCore
204
https://github.com/tensorflow/tensorflow
122
https://github.com/xwiki/xwiki-platform
64
https://github.com/django/django
52
https://github.com/FasterXML/jackson-databind
44
https://github.com/jenkinsci/jenkins
43
https://github.com/apache/tomcat
42
https://github.com/apache/airflow
39
https://github.com/python-pillow/Pillow
35
https://github.com/moodle/moodle
34
https://github.com/keycloak/keycloak
32
https://github.com/pimcore/pimcore
28
https://github.com/librenms/librenms
28
https://github.com/dotnet/runtime
28
https://github.com/rancher/rancher
27
https://github.com/opencv/opencv
25
https://github.com/microweber/microweber
25
https://github.com/symfony/symfony
23
https://github.com/x-stream/xstream
22
https://github.com/Dolibarr/dolibarr
21
https://github.com/sparklemotion/nokogiri
20
https://github.com/apache/struts
20
https://github.com/ansible/ansible
19
https://github.com/spring-projects/spring-framework
19
https://github.com/TYPO3/typo3
18
https://github.com/pmmp/PocketMine-MP
18
https://github.com/thorsten/phpmyfaq
18
https://github.com/zitadel/zitadel
18
https://github.com/parse-community/parse-server
17
https://github.com/ikus060/rdiffweb
17
https://github.com/mlflow/mlflow
16
https://github.com/gradio-app/gradio
16
https://github.com/plone/Products.CMFPlone
16
https://github.com/getgrav/grav
15
https://github.com/kubernetes/kubernetes
15
https://github.com/rails/rails
15
https://github.com/github/advisory-database
15
https://github.com/apache/inlong
15
https://github.com/jenkinsci/script-security-plugin
14
https://github.com/usememos/memos
14
https://github.com/vyperlang/vyper
14
https://github.com/argoproj/argo-cd
14
https://github.com/grafana/grafana
14
https://github.com/openstack/keystone
14
https://github.com/liferay/liferay-portal
13
https://github.com/saltstack/salt
13
https://github.com/mautic/mautic
13
https://github.com/mindsdb/mindsdb
13
https://github.com/matrix-org/synapse
13
https://github.com/undertow-io/undertow
13
https://github.com/directus/directus
12
https://github.com/PHPOffice/PhpSpreadsheet
12
https://github.com/electron/electron
12
https://github.com/hashicorp/consul
12
https://github.com/denoland/deno
12
https://github.com/strapi/strapi
11
https://github.com/silverstripe/silverstripe-framework
11
https://github.com/run-llama/llama_index
11
https://github.com/apache/nifi
11
https://github.com/hashicorp/vault
11
https://github.com/dotnet/aspnetcore
11
https://github.com/rack/rack
10
https://github.com/octobercms/october
10
https://github.com/FlowiseAI/Flowise
10
https://github.com/go-gitea/gitea
10
https://github.com/centreon/centreon
10
https://github.com/netty/netty
10
https://github.com/surrealdb/surrealdb
10
https://github.com/funadmin/funadmin
10
https://github.com/golang/go
10
https://github.com/OpenMage/magento-lts
10
https://github.com/apache/camel
9
https://github.com/cui2shark/cms
9
https://github.com/cloudfoundry/uaa
9
https://github.com/openstack/nova
9
https://github.com/spring-projects/spring-security
9
https://github.com/laravel/framework
9
https://github.com/traefik/traefik
9
https://github.com/vercel/next.js
9
https://github.com/nilsteampassnet/teampass
9
https://github.com/rusqlite/rusqlite
9
https://github.com/nervosnetwork/ckb
9
https://github.com/apollographql/router
9
https://github.com/anthropics/claude-code
9
https://github.com/apache/cxf
9
https://github.com/h2oai/h2o-3
9
https://github.com/pyload/pyload
9
https://github.com/geoserver/geoserver
9
https://github.com/opencontainers/runc
9
https://github.com/snipe/snipe-it
9
https://github.com/bcgit/bc-java
8
https://github.com/phpmyadmin/phpmyadmin
8
https://github.com/craftcms/cms
8
https://github.com/OPCFoundation/UA-.NETStandard
8
https://github.com/apache/kylin
8
https://github.com/nats-io/nats-server
8
https://github.com/PaddlePaddle/Paddle
8
https://github.com/gogs/gogs
8
https://github.com/shopware/platform
8
https://github.com/OpenRefine/OpenRefine
8
https://github.com/vllm-project/vllm
8
https://github.com/pyca/cryptography
8
https://github.com/cockpit-hq/cockpit
8
https://github.com/dnnsoftware/Dnn.Platform
8
https://github.com/backstage/backstage
8
https://github.com/TYPO3/TYPO3.CMS
8
https://github.com/open-webui/open-webui
8
https://github.com/MobSF/Mobile-Security-Framework-MobSF
7
https://github.com/shopware/shopware
7
https://github.com/xuxueli/xxl-job
7
https://github.com/mantisbt/mantisbt
7
https://github.com/contao/contao
7
https://github.com/YesWiki/yeswiki
7
https://github.com/rubygems/rubygems
7
https://github.com/composer/composer
7
https://github.com/DSpace/DSpace
7
https://github.com/eclipse/jetty.project
7
https://github.com/faucetsdn/ryu
7
https://github.com/parisneo/lollms
7
https://github.com/smarty-php/smarty
7
https://github.com/cobbler/cobbler
7
https://github.com/apache/activemq
7
https://github.com/filebrowser/filebrowser
7
https://github.com/magento/magento2
7
https://github.com/mattermost/mattermost
7
https://github.com/PHPMailer/PHPMailer
7
https://github.com/cosmos/cosmos-sdk
6
https://github.com/quarkusio/quarkus
6
https://github.com/aubio/aubio
6
https://github.com/DrunkenShells/Disclosures
6
https://github.com/langchain-ai/langchain
6
https://github.com/containers/podman
6
https://github.com/nautobot/nautobot
6
https://github.com/guzzle/guzzle
6
https://github.com/getsentry/sentry
6
https://github.com/gravitl/netmaker
6
https://github.com/npm/node-tar
6
https://github.com/froxlor/froxlor
6
https://github.com/CVEProject/cvelist
6
https://github.com/intelliants/subrion
6
https://github.com/getkirby/kirby
6
https://github.com/kyverno/kyverno
6
https://github.com/cilium/cilium
6
https://github.com/OpenZeppelin/openzeppelin-contracts
6
https://github.com/cefsharp/CefSharp
6
https://github.com/dromara/hutool
6
https://github.com/goharbor/harbor
6
https://github.com/protocolbuffers/protobuf
6
https://github.com/WWBN/AVideo
6
https://github.com/minio/minio
6
https://github.com/opencast/opencast
6
https://github.com/hyperledger/fabric
6
https://github.com/sequelize/sequelize
6
https://github.com/nilsteampassnet/TeamPass
6
https://github.com/TYPO3-CMS/core
6
https://github.com/ethyca/fides
6
https://github.com/haxtheweb/issues
6
https://github.com/bodil/sized-chunks
6
https://github.com/ImageMagick/ImageMagick
6
https://github.com/istio/istio
6
https://github.com/pgadmin-org/pgadmin4
6
https://github.com/drupal/core
6
https://github.com/matrix-org/matrix-js-sdk
6
https://github.com/OpenNMS/opennms
6
https://github.com/kiwitcms/Kiwi
6
https://github.com/Graylog2/graylog2-server
6
https://github.com/RaspAP/raspap-webgui
6
https://github.com/beego/beego
5
https://github.com/cloudflare/cfrpki
5
https://github.com/ethereum/go-ethereum
5
https://github.com/PrestaShop/PrestaShop
5
https://github.com/apache/hadoop
5
https://sourceforge.net/projects/phpmyadmin.sourceforge.net
5
https://github.com/element-hq/synapse
5
https://github.com/IBAX-io/go-ibax
5
https://github.com/forkcms/forkcms
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/vantage6/vantage6
5
https://github.com/zopefoundation/Zope
5
https://github.com/apache/geode
5
https://github.com/codeigniter4/CodeIgniter4
5
https://github.com/n8n-io/n8n
5
https://github.com/answerdev/answer
5
https://github.com/hashicorp/go-getter
5
https://github.com/pear/Archive_Tar
5
https://github.com/statamic/cms
5
https://github.com/zendframework/zendframework
5
https://github.com/docker/docker
5
https://github.com/yiisoft/yii2
5
https://github.com/thorsten/phpMyFAQ
5
https://github.com/sebhildebrandt/systeminformation
5
https://github.com/opencart/opencart
5
https://github.com/hpcng/singularity
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/bolt/bolt
5
https://github.com/cri-o/cri-o
5
https://github.com/cometbft/cometbft
5
https://github.com/openstack/neutron
5
https://github.com/HumanSignal/label-studio
5