Search for packages
| purl | pkg:maven/org.springframework/spring-webmvc@6.2.10 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-33up-jmsk-qffx
Aliases: CVE-2026-22745 GHSA-6p4f-wcwh-5vvm |
spring-webflux: Spring MVC and Spring WebFlux: Denial of Service via slow static resource resolution on Windows |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-xrqe-h6t7-nkak
Aliases: CVE-2026-22741 GHSA-wg35-8jpf-2xv3 |
Spring MVC: Spring WebFlux: Spring MVC and Spring WebFlux: Denial of Service via cache poisoning |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-hqmh-eegu-aqb3 | Spring Framework MVC Applications Path Traversal Vulnerability Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: |
CVE-2025-41242
GHSA-r936-gwx5-v52f |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-06T08:20:05.817418+00:00 | GitLab Importer | Affected by | VCID-33up-jmsk-qffx | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2026-22745.yml | 38.6.0 |
| 2026-06-06T08:18:43.879939+00:00 | GitLab Importer | Affected by | VCID-xrqe-h6t7-nkak | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2026-22741.yml | 38.6.0 |
| 2026-06-04T17:12:04.933188+00:00 | GithubOSV Importer | Fixing | VCID-hqmh-eegu-aqb3 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/08/GHSA-r936-gwx5-v52f/GHSA-r936-gwx5-v52f.json | 38.6.0 |
| 2026-06-04T16:24:39.352447+00:00 | GitLab Importer | Fixing | VCID-hqmh-eegu-aqb3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2025-41242.yml | 38.6.0 |