Security Advisories for org.springframework:spring-core in maven
High
6 months ago
Spring Framework annotation detection mechanism may result in improper authorization
maven
org.springframework:spring-core
Potential
Moderate
9 months ago
Spring Framework vulnerable to a reflected file download (RFD)
maven
org.springframework:spring-web
Potential
Low
10 months ago
Spring Framework DataBinder Case Sensitive Match Exception
maven
org.springframework:spring-context
Potential
High
about 1 year ago
Spring Framework Path Traversal vulnerability
maven
org.springframework:spring-webmvc, org.springframework:spring-webflux
Potential
Moderate
over 1 year ago
Spring Framework has Authorization Bypass for Case Sensitive Comparisons
maven
org.springframework.security:spring-security-core
Potential
Moderate
over 1 year ago
Spring Framework DataBinder Case Sensitive Match Exception
maven
org.springframework:spring-web, org.springframework:spring-context
Potential
Moderate
over 1 year ago
Spring Framework DoS via conditional HTTP request
maven
org.springframework:spring-web
Potential
High
over 1 year ago
Path traversal vulnerability in functional web frameworks
maven
org.springframework:spring-webflux, org.springframework:spring-webmvc
Potential
Moderate
over 1 year ago
Spring Framework vulnerable to Denial of Service
maven
org.springframework:spring-expression
Potential
High
almost 2 years ago
Spring Framework URL Parsing with Host Validation
maven
org.springframework:spring-web
Potential
High
almost 2 years ago
Spring Framework URL Parsing with Host Validation Vulnerability
maven
org.springframework:spring-web
Potential
High
about 2 years ago
Spring Web vulnerable to Open Redirect or Server Side Request Forgery
maven
org.springframework:spring-web
High
about 2 years ago
Spring Framework server Web DoS Vulnerability
maven
org.springframework:spring-core
Potential
High
over 2 years ago
Spring Framework vulnerable to denial of service
maven
org.springframework:spring-webmvc
Potential
High
almost 3 years ago
Spring Framework vulnerable to denial of service
maven
org.springframework:spring-expression
Likely fork
Critical
almost 3 years ago
Spring Framework is vulnerable to security bypass via mvcRequestMatcher pattern mismatch
maven
org.springframework:spring
Potential
Moderate
almost 3 years ago
Spring Framework vulnerable to denial of service via specially crafted SpEL expression
maven
org.springframework:spring-expression
Potential
High
over 3 years ago
TERASOLUNA Server Framework vulnerable to ClassLoader manipulation
maven
org.terasoluna.gfw:terasoluna-gfw-common
Moderate
almost 4 years ago
Improper Output Neutralization for Logs in Spring Framework
maven
org.springframework:spring, org.springframework:spring-core
Potential
High
almost 4 years ago
Improper Privilege Management in Spring Framework
maven
org.springframework:spring-web
Potential
Critical
almost 4 years ago
Pivotal Spring Framework contains unsafe Java deserialization methods
maven
org.springframework:spring-web
Likely fork
Moderate
almost 4 years ago
Improper Control of Generation of Code ('Code Injection') in Spring Framework
maven
org.springframework:spring
High
almost 4 years ago
Improper Neutralization of Directives in Dynamically Evaluated Code in Spring Framework
maven
org.springframework:spring-core
Moderate
almost 4 years ago
Spring Framework and Spring Security vulnerable to Deserialization of Untrusted Data
maven
org.springframework.security:spring-security-core, org.springframework:spring-core
Potential
Moderate
almost 4 years ago
Improper Neutralization of Input During Web Page Generation in Spring Framework
maven
org.springframework:spring-webmvc
Moderate
almost 4 years ago
Improper Limitation of a Pathname to a Restricted Directory in Spring Framework
maven
org.springframework:spring-core
Potential
High
almost 4 years ago
Improper Restriction of XML External Entity Reference in Spring Framework
maven
org.springframework:spring-webmvc
Potential
Moderate
almost 4 years ago
Improper Limitation of a Pathname to a Restricted Directory in Spring Framework
maven
org.springframework:spring-webmvc
Potential
Moderate
almost 4 years ago
Cross-Site Request Forgery in Spring Framework
maven
org.springframework:spring-web
Potential
Moderate
almost 4 years ago
Cross-Site Request Forgery in Spring Framework
maven
org.springframework:spring-webmvc
Potential
Moderate
almost 4 years ago
Missing XML Validation in Spring Framework
maven
org.springframework:spring-oxm
Potential
Moderate
almost 4 years ago
Cross-Site Request Forgery in Spring Framework
maven
org.springframework:spring-oxm
Potential
Moderate
almost 4 years ago
Allocation of Resources Without Limits or Throttling in Spring Framework
maven
org.springframework:spring-messaging
Potential
High
almost 4 years ago
Denial of service in Spring Framework
maven
org.springframework:spring-beans
Potential
Moderate
almost 4 years ago
Improper Neutralization of Input During Web Page Generation in Spring Framework
maven
org.springframework:spring-web
Moderate
almost 4 years ago
Spring Framework Inefficient Regular Expression Complexity
maven
org.springframework:spring-core
Potential
High
almost 4 years ago
Improper handling of case sensitivity in Spring Framework
maven
org.springframework:spring-context
Potential
Moderate
almost 4 years ago
Allocation of Resources Without Limits or Throttling in Spring Framework
maven
org.springframework:spring-expression
Potential
Critical
almost 4 years ago
Remote Code Execution in Spring Framework
maven
org.springframework.boot:spring-boot-starter-webflux, org.springframework:spring-webflux, org.springframework.boot:spring-boot-starter-web, org.springframework:spring-webmvc, org.springframework:spring-beans
Moderate
about 4 years ago
Log entry injection in Spring Framework
maven
org.springframework:spring-core
Potential
Moderate
about 6 years ago
CSRF attack via CORS preflight requests with Spring MVC or Spring WebFlux
maven
org.springframework:spring-webflux, org.springframework:spring-webmvc
Potential
High
about 6 years ago
RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application
maven
org.springframework:spring-webflux, org.springframework:spring-webmvc
High
over 7 years ago
Spring Security and Spring Framework may not recognize certain paths that should be protected
maven
org.springframework.security:spring-security-core, org.springframework:spring-core
High
over 7 years ago
Files or Directories Accessible to External Parties in org.springframework:spring-core
maven
org.springframework:spring-core
Potential
Moderate
over 7 years ago
Pivotal Spring Framework DoS Attack with XML Input
maven
org.springframework:spring-web
Moderate
over 7 years ago
Moderate severity vulnerability that affects org.springframework:spring-core
maven
org.springframework:spring-core
Potential
Critical
over 7 years ago
Spring Framework has Improperly Implemented Security Check for Standard
maven
org.springframework:spring-messaging
High
over 7 years ago
Possible privilege escalation in org.springframework:spring-core
maven
org.springframework:spring-core
Moderate
over 7 years ago
Path Traversal in org.springframework:spring-core
maven
org.springframework:spring-core
Potential
Critical
over 7 years ago
Spring Framework allows applications to expose STOMP over WebSocket endpoints
maven
org.springframework:spring-messaging
High
over 7 years ago
Spring Framework when used in combination with any versions of Spring Security contains an authorization bypass
maven
org.springframework:spring-core
Moderate
over 7 years ago
Denial of Service in org.springframework:spring-core
maven
org.springframework:spring-core
Moderate
over 7 years ago
Improper Input Validation in org.springframework.security:spring-security-core, org.springframework.security:spring-security-core , and org.springframework:spring-core
maven
org.springframework.security:spring-security-core, org.springframework:spring-core
Moderate
over 7 years ago
Moderate severity vulnerability that affects org.springframework:spring-core
maven
org.springframework:spring-core
Potential
Moderate
over 7 years ago
Spring Framework Cross Site Tracing (XST)
maven
org.springframework:spring-web
Potential
High
over 7 years ago
Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized
maven
org.springframework:spring-webmvc