Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.springframework/spring-webmvc@7.0.6
purl pkg:maven/org.springframework/spring-webmvc@7.0.6
Next non-vulnerable version 7.0.7
Latest non-vulnerable version 7.0.7
Risk 3.1
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-33up-jmsk-qffx
Aliases:
CVE-2026-22745
GHSA-6p4f-wcwh-5vvm
spring-webflux: Spring MVC and Spring WebFlux: Denial of Service via slow static resource resolution on Windows
7.0.7
Affected by 0 other vulnerabilities.
VCID-xrqe-h6t7-nkak
Aliases:
CVE-2026-22741
GHSA-wg35-8jpf-2xv3
Spring MVC: Spring WebFlux: Spring MVC and Spring WebFlux: Denial of Service via cache poisoning
7.0.7
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-2t2s-1tfu-efcn org.springframework/spring-webmvc: org.springframework/spring-webflux: Spring MVC and WebFlux: Stream corruption vulnerability when using Server-Sent Events CVE-2026-22735
GHSA-6hcq-hmm3-jj3c
VCID-ze8f-qfgn-a7h6 Spring Framework: Spring Framework: Information disclosure via Java scripting engine enabled template views CVE-2026-22737
GHSA-4773-3jfm-qmx3

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-07T20:54:21.935564+00:00 GHSA Importer Affected by VCID-xrqe-h6t7-nkak https://github.com/advisories/GHSA-wg35-8jpf-2xv3 38.6.0
2026-06-07T20:54:21.231010+00:00 GHSA Importer Affected by VCID-33up-jmsk-qffx https://github.com/advisories/GHSA-6p4f-wcwh-5vvm 38.6.0
2026-06-07T20:52:03.921540+00:00 GHSA Importer Fixing VCID-ze8f-qfgn-a7h6 https://github.com/advisories/GHSA-4773-3jfm-qmx3 38.6.0
2026-06-07T20:52:03.197358+00:00 GHSA Importer Fixing VCID-2t2s-1tfu-efcn https://github.com/advisories/GHSA-6hcq-hmm3-jj3c 38.6.0
2026-06-06T08:20:06.039602+00:00 GitLab Importer Affected by VCID-33up-jmsk-qffx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2026-22745.yml 38.6.0
2026-06-06T08:18:44.095111+00:00 GitLab Importer Affected by VCID-xrqe-h6t7-nkak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2026-22741.yml 38.6.0
2026-06-06T07:31:28.245112+00:00 GitLab Importer Fixing VCID-ze8f-qfgn-a7h6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2026-22737.yml 38.6.0
2026-06-06T07:31:26.302011+00:00 GitLab Importer Fixing VCID-2t2s-1tfu-efcn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-webmvc/CVE-2026-22735.yml 38.6.0
2026-06-04T17:00:17.323779+00:00 GithubOSV Importer Fixing VCID-ze8f-qfgn-a7h6 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-4773-3jfm-qmx3/GHSA-4773-3jfm-qmx3.json 38.6.0
2026-06-04T17:00:14.069916+00:00 GithubOSV Importer Fixing VCID-2t2s-1tfu-efcn https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-6hcq-hmm3-jj3c/GHSA-6hcq-hmm3-jj3c.json 38.6.0