VulnerableCode Package Details - pkg:maven/org.springframework/spring-webmvc@5.3.18

Search for packages

Vulnerability	Summary	Fixed by
VCID-7x5d-wtf5-3kau Aliases: CVE-2024-38828 GHSA-w3c8-7r8f-9jp8	Spring MVC controller vulnerable to a DoS attack Spring MVC controller methods with an @RequestBody byte[] method parameter are vulnerable to a DoS attack.	5.3.42 Affected by 0 other vulnerabilities. 6.0.0 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-7x5d-wtf5-3kau
Aliases:
CVE-2024-38828
GHSA-w3c8-7r8f-9jp8

Spring MVC controller vulnerable to a DoS attack Spring MVC controller methods with an @RequestBody byte[] method parameter are vulnerable to a DoS attack.

5.3.42
Affected by 0 other vulnerabilities.

6.0.0
Affected by 7 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-cyjt-4vjn-mbc7	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in org.springframework.boot:spring-boot-starter-webflux.	CVE-2022-22965 GHSA-36p3-wjmg-h94x GMS-2022-558 GMS-2022-559 GMS-2022-560 GMS-2022-561

Vulnerability

Summary

Aliases

VCID-cyjt-4vjn-mbc7

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in org.springframework.boot:spring-boot-starter-webflux.

CVE-2022-22965
GHSA-36p3-wjmg-h94x
GMS-2022-558
GMS-2022-559
GMS-2022-560
GMS-2022-561

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T23:14:55.151287+00:00	GitLab Importer	Affected by	VCID-7x5d-wtf5-3kau	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2024-38828.yml	38.4.0
2026-04-16T21:43:59.447862+00:00	GitLab Importer	Fixing	VCID-cyjt-4vjn-mbc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2022-22965.yml	38.4.0
2026-04-12T00:33:30.621146+00:00	GitLab Importer	Affected by	VCID-7x5d-wtf5-3kau	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2024-38828.yml	38.3.0
2026-04-11T22:59:36.191782+00:00	GitLab Importer	Fixing	VCID-cyjt-4vjn-mbc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2022-22965.yml	38.3.0
2026-04-03T00:41:13.648112+00:00	GitLab Importer	Affected by	VCID-7x5d-wtf5-3kau	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2024-38828.yml	38.1.0
2026-04-02T23:08:17.070593+00:00	GitLab Importer	Fixing	VCID-cyjt-4vjn-mbc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2022-22965.yml	38.1.0
2026-04-01T16:00:13.830403+00:00	GHSA Importer	Fixing	VCID-cyjt-4vjn-mbc7	https://github.com/advisories/GHSA-36p3-wjmg-h94x	38.0.0
2026-04-01T13:06:52.422495+00:00	GithubOSV Importer	Fixing	VCID-cyjt-4vjn-mbc7	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/03/GHSA-36p3-wjmg-h94x/GHSA-36p3-wjmg-h94x.json	38.0.0
2026-04-01T12:49:46.588423+00:00	GitLab Importer	Fixing	VCID-cyjt-4vjn-mbc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2022-22965.yml	38.0.0