Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Spring Framework — Vulnerabilities & Security Advisories 40

All 40 CVE vulnerabilities found in Spring Framework, with AI-generated Chinese analysis, references, and POCs.

Vendor: Pivotal

CVE IDTitleCVSSSeverityPublished
CVE-2026-22737 Spring Framework Improper Path Limitation with Script View Templates 5.9 Medium2026-03-19
CVE-2025-41254 Spring Framework STOMP CSRF Vulnerability CWE-352 4.3 Medium2025-10-16
CVE-2025-41249 CVE-2025-41249: Spring Framework Annotation Detection Vulnerability 7.5 High2025-09-16
CVE-2025-41242 CVE-2025-41242: Path traversal vulnerability on non-compliant Servlet containers 5.9 Medium2025-08-18
CVE-2025-41234 RFD Attack via “Content-Disposition” Header Sourced from Request CWE-113 6.5 Medium2025-06-12
CVE-2025-22233 Spring Framework DataBinder Case Sensitive Match Exception CWE-20 3.1 Low2025-05-16
CVE-2024-38819 VMware Spring Framework 安全漏洞 CWE-22 7.5 High2024-12-19
CVE-2024-38809 VMware Spring Framework 安全漏洞 5.3 Medium2024-09-27
CVE-2024-38808 CVE-2024-38808: Spring Expression DoS Vulnerability 4.3 Medium2024-08-20
CVE-2024-22262 CVE-2024-22262: Spring Framework URL Parsing with Host Validation 8.1 High2024-04-16
CVE-2024-22259 CVE-2024-22259: Spring Framework URL Parsing with Host Validation (2nd report) 8.1 High2024-03-16
CVE-2024-22243 CVE-2024-22243: Spring Framework URL Parsing with Host Validation 8.1 High2024-02-23
CVE-2024-22233 CVE-2024-22233: Spring Framework server Web DoS Vulnerability 7.5 High2024-01-22
CVE-2023-34053 Spring Framework server Web Observations DoS Vulnerability 5.3 Medium2023-11-28
CVE-2023-20863 Spring Framework 安全漏洞 CWE-400 6.5 -2023-04-13
CVE-2023-20860 Spring Framework 安全漏洞 7.5 -2023-03-27
CVE-2023-20861 Spring Framework 安全漏洞 6.5 -2023-03-23
CVE-2022-22971 Spring Framework 输入验证错误漏洞 CWE-770 6.5 -2022-05-12
CVE-2022-22970 Spring Framework 输入验证错误漏洞 CWE-770 6.5 -2022-05-12
CVE-2022-22968 Vmware Spring Framework 安全特征问题漏洞 4.3 -2022-04-14
CVE-2022-22950 Vmware Spring Framework 安全漏洞 CWE-770 6.5 -2022-04-01
CVE-2022-22965 Spring Framework 代码注入漏洞 CWE-94 9.8 -2022-04-01
CVE-2021-22060 Vmware Spring Framework 安全漏洞 4.3 -2022-01-07
CVE-2021-22096 Vmware Spring Framework 安全漏洞 CWE-117 4.3 -2021-10-28
CVE-2021-22118 Vmware Spring Framework 权限许可和访问控制问题漏洞 CWE-269 7.8 -2021-05-27
CVE-2020-5421 RFD Protection Bypass via jsessionid 7.9 -2020-09-19
CVE-2020-5397 CSRF Attack via CORS Preflight Requests with Spring MVC or Spring WebFlux CWE-352 8.1 -2020-01-17
CVE-2020-5398 RFD Attack via "Content-Disposition" Header Sourced from Request Input by Spring MVC or Spring WebFlux Application CWE-79 7.5 -2020-01-16
CVE-2018-15756 DoS Attack via Range Requests 8.2 -2018-10-18
CVE-2018-11039 Pivotal Spring Framework 安全漏洞 3.7 -2018-06-25

All 40 known CVE vulnerabilities affecting Spring Framework with full Chinese analysis, references, and POCs where available.