Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.springframework.boot/spring-boot@4.0.6
purl pkg:maven/org.springframework.boot/spring-boot@4.0.6
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-nt71-r2ww-7yen Spring Boot: Spring Boot: Arbitrary Code Execution and Session Hijacking via predictable temporary directory CVE-2026-40973
GHSA-wwpq-f5c3-7hvx
VCID-u2ba-3q7e-97bm Spring Boot: Spring Boot: Security bypass due to ineffective default web security CVE-2026-40976
GHSA-8v8j-3hxp-93wr

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-07T20:54:18.859648+00:00 GHSA Importer Fixing VCID-nt71-r2ww-7yen https://github.com/advisories/GHSA-wwpq-f5c3-7hvx 38.6.0
2026-06-07T20:54:18.034530+00:00 GHSA Importer Fixing VCID-u2ba-3q7e-97bm https://github.com/advisories/GHSA-8v8j-3hxp-93wr 38.6.0
2026-06-06T08:18:31.754397+00:00 GitLab Importer Fixing VCID-nt71-r2ww-7yen https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.boot/spring-boot/CVE-2026-40973.yml 38.6.0
2026-06-06T08:18:23.539955+00:00 GitLab Importer Fixing VCID-u2ba-3q7e-97bm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.boot/spring-boot/CVE-2026-40976.yml 38.6.0
2026-06-04T16:51:41.508116+00:00 GithubOSV Importer Fixing VCID-u2ba-3q7e-97bm https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/04/GHSA-8v8j-3hxp-93wr/GHSA-8v8j-3hxp-93wr.json 38.6.0
2026-06-04T16:51:36.898070+00:00 GithubOSV Importer Fixing VCID-nt71-r2ww-7yen https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/04/GHSA-wwpq-f5c3-7hvx/GHSA-wwpq-f5c3-7hvx.json 38.6.0