Package details: pkg:deb/debian/libspring-java@0?distro=trixie
purl: pkg:deb/debian/libspring-java@0?distro=trixie
Vulnerabilities affecting this package (0)
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (11)
VCID-33up-jmsk-qffx
  Summary: spring-webflux: Spring MVC and Spring WebFlux: Denial of Service via slow static resource resolution on Windows
  Aliases: CVE-2026-22745, GHSA-6p4f-wcwh-5vvm

VCID-3jwd-72ab-ayf3
  Summary: Spring Framework vulnerable to denial of service. In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true:
    * the application uses Spring MVC or Spring WebFlux
    * io.micrometer:micrometer-core is on the classpath
    * an ObservationRegistry is configured in the application to record observations
  Typically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator dependency to meet all conditions.
  Aliases: CVE-2023-34053, GHSA-v94h-hvhg-mf9h

VCID-6pkk-3mj7-jyag
  Summary: Cross-Site Request Forgery (CSRF). Spring Framework is vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints.
  Aliases: CVE-2020-5397, GHSA-7pm4-g2qj-j85x

VCID-72ga-q9u7-sfav
  Summary: Improperly Implemented Security Check for Standard. Spring Framework allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.
  Aliases: CVE-2018-1275, GHSA-3rmv-2pg5-xvqj

VCID-d66x-bm58-pfgt
  Summary: Improper Privilege Management. Spring Framework WebFlux applications are vulnerable to a privilege escalation. By (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data.
  Aliases: CVE-2021-22118, GHSA-gfwj-fwqj-fp3v

VCID-envb-buqd-r3dt
  Summary: Path Traversal. Spring Framework allows applications to configure Spring MVC to serve static resources (e.g., CSS, JS, images). When static resources are served from a file system on Windows (as opposed to the classpath, or the `ServletContext`), a malicious user can send a request using a specially crafted URL that can lead to a directory traversal attack.
  Aliases: CVE-2018-1271, GHSA-g8hw-794c-4j9g

VCID-h197-qg16-4ug5
  Summary: Improper Authentication. The `ActiveDirectoryLdapAuthenticator` does not check the password length. If the directory allows anonymous binds, then it may incorrectly authenticate a user who supplies an empty password.
  Aliases: CVE-2014-0097, GHSA-gv9v-c375-hvmg

VCID-jeeg-btw1-5yaq
  Summary: Spring Framework vulnerable to a reflected file download (RFD). In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header with a non-ASCII charset, where the filename attribute is derived from user-supplied input. Specifically, an application is vulnerable when all the following are true:
    - The header is prepared with `org.springframework.http.ContentDisposition`.
    - The filename is set via `ContentDisposition.Builder#filename(String, Charset)`.
    - The value for the filename is derived from user-supplied input.
    - The application does not sanitize the user-supplied input.
    - The downloaded content of the response is injected with malicious commands by the attacker (see RFD paper reference for details).
  An application is not vulnerable if any of the following is true:
    - The application does not set a "Content-Disposition" response header.
    - The header is not prepared with `org.springframework.http.ContentDisposition`.
    - The filename is set via one of:
      - `ContentDisposition.Builder#filename(String)`, or
      - `ContentDisposition.Builder#filename(String, ASCII)`
    - The filename is not derived from user-supplied input.
    - The filename is derived from user-supplied input but sanitized by the application.
    - The attacker cannot inject malicious content in the downloaded content of the response.
  Aliases: CVE-2025-41234, GHSA-6r3c-xf4w-jxjm

VCID-qa68-buyg-2bgq
  Summary: Spring Framework server Web DoS Vulnerability. In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true:
    * the application uses Spring MVC
    * Spring Security 6.1.6+ or 6.2.1+ is on the classpath
  Typically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web and org.springframework.boot:spring-boot-starter-security dependencies to meet all conditions.
  Aliases: CVE-2024-22233, GHSA-r4q3-7g4q-x89m

VCID-tsjn-scdc-fqh3
  Summary: Download of Code Without Integrity Check. In Spring Framework, an application is vulnerable to a reflected file download (RFD) attack when it sets a `Content-Disposition` header in the response where the filename attribute is derived from user-supplied input.
  Aliases: CVE-2020-5398, GHSA-8wx2-9q48-vm9r

VCID-txyw-49ms-n3f4
  Summary: Insufficiently random session id in Java SockJS client. The Java SockJS client in this package generates predictable session ids, which allows remote attackers to send messages to other sessions via unspecified vectors.
  Aliases: CVE-2015-0201, GHSA-45vg-2v73-vm62

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-04T16:41:10.797094+00:00 Debian Importer Fixing VCID-33up-jmsk-qffx https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-04T16:41:10.643350+00:00 Debian Importer Fixing VCID-jeeg-btw1-5yaq https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-04T16:41:10.471128+00:00 Debian Importer Fixing VCID-qa68-buyg-2bgq https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-04T16:41:10.423391+00:00 Debian Importer Fixing VCID-3jwd-72ab-ayf3 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-04T16:41:10.290033+00:00 Debian Importer Fixing VCID-d66x-bm58-pfgt https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-04T16:41:10.170949+00:00 Debian Importer Fixing VCID-tsjn-scdc-fqh3 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-04T16:41:10.121188+00:00 Debian Importer Fixing VCID-6pkk-3mj7-jyag https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-04T16:41:10.016511+00:00 Debian Importer Fixing VCID-72ga-q9u7-sfav https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-04T16:41:09.908229+00:00 Debian Importer Fixing VCID-envb-buqd-r3dt https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-04T16:41:09.356517+00:00 Debian Importer Fixing VCID-txyw-49ms-n3f4 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-04T16:41:09.083035+00:00 Debian Importer Fixing VCID-h197-qg16-4ug5 https://security-tracker.debian.org/tracker/data/json 38.6.0