VulnerableCode Package Details - pkg:maven/org.springframework/spring-web@4.0.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.springframework/spring-web@4.0.0

Essentials
History (1)

purl	pkg:maven/org.springframework/spring-web@4.0.0
Tags	Ghost

Next non-vulnerable version	6.1.12
Latest non-vulnerable version	6.2.8
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-2nff-p7we-tuax Aliases: CVE-2015-3192 GHSA-6v7w-535j-rq5m	Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a crafted XML file.	4.1.7 Affected by 0 other vulnerabilities. 4.1.7.RELEASE Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.0.0.RC3 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-2nff-p7we-tuax
Aliases:
CVE-2015-3192
GHSA-6v7w-535j-rq5m

Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a crafted XML file.

4.1.7
Affected by 0 other vulnerabilities.

4.1.7.RELEASE
Affected by 5 other vulnerabilities.

5.0.0.RC3
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T15:56:59.446574+00:00	GHSA Importer	Affected by	VCID-2nff-p7we-tuax	https://github.com/advisories/GHSA-6v7w-535j-rq5m	38.0.0