Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.springframework/spring-webmvc@5.3.25
purl pkg:maven/org.springframework/spring-webmvc@5.3.25
Next non-vulnerable version 6.0.14
Latest non-vulnerable version 7.0.6
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-7x5d-wtf5-3kau
Aliases:
CVE-2024-38828
GHSA-w3c8-7r8f-9jp8
Spring MVC controller vulnerable to a DoS attack Spring MVC controller methods with an @RequestBody byte[] method parameter are vulnerable to a DoS attack.
5.3.42
Affected by 0 other vulnerabilities.
6.0.0
Affected by 7 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T23:14:55.175317+00:00 GitLab Importer Affected by VCID-7x5d-wtf5-3kau https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2024-38828.yml 38.4.0
2026-04-12T00:33:30.645834+00:00 GitLab Importer Affected by VCID-7x5d-wtf5-3kau https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2024-38828.yml 38.3.0
2026-04-03T00:41:13.679975+00:00 GitLab Importer Affected by VCID-7x5d-wtf5-3kau https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2024-38828.yml 38.1.0