VulnerableCode Package Details - pkg:maven/org.springframework/spring-webmvc@6.0.14

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-85tn-8nj1-xyak	Spring Framework vulnerable to denial of service In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC or Spring WebFlux * io.micrometer:micrometer-core is on the classpath * an ObservationRegistry is configured in the application to record observations Typically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator dependency to meet all conditions.	CVE-2023-34053 GHSA-v94h-hvhg-mf9h

Vulnerability

Summary

Aliases

VCID-85tn-8nj1-xyak

Spring Framework vulnerable to denial of service In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC or Spring WebFlux * io.micrometer:micrometer-core is on the classpath * an ObservationRegistry is configured in the application to record observations Typically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator dependency to meet all conditions.

CVE-2023-34053
GHSA-v94h-hvhg-mf9h

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T22:44:08.201846+00:00	GitLab Importer	Fixing	VCID-85tn-8nj1-xyak	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2023-34053.yml	38.4.0
2026-04-12T00:03:44.966462+00:00	GitLab Importer	Fixing	VCID-85tn-8nj1-xyak	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2023-34053.yml	38.3.0
2026-04-03T00:08:25.693507+00:00	GitLab Importer	Fixing	VCID-85tn-8nj1-xyak	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2023-34053.yml	38.1.0
2026-04-02T17:00:45.526127+00:00	GHSA Importer	Fixing	VCID-85tn-8nj1-xyak	https://github.com/advisories/GHSA-v94h-hvhg-mf9h	38.1.0
2026-04-01T12:58:48.903521+00:00	GithubOSV Importer	Fixing	VCID-85tn-8nj1-xyak	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-v94h-hvhg-mf9h/GHSA-v94h-hvhg-mf9h.json	38.0.0
2026-04-01T12:52:10.013749+00:00	GitLab Importer	Fixing	VCID-85tn-8nj1-xyak	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2023-34053.yml	38.0.0