FLAT-CNF93 (CVE-2026-22745)
Asymmetric denial of service In org.springframework:spring-webflux
6.3
Medium
Ecosystem: Maven
Package: org.springframework:spring-webflux
FLAT-IL2MU (CVE-2026-22741)
HTTP request smuggling In org.springframework:spring-webflux
2.4
Low
Ecosystem: Maven
Package: org.springframework:spring-webflux
FLAT-80GYJ (CVE-2026-22740)
Asymmetric denial of service In org.springframework:spring-webflux
6.3
Medium
Ecosystem: Maven
Package: org.springframework:spring-webflux
FLAT-X9Z3O (CVE-2026-22737)
Lack of data validation - Path Traversal In org.springframework:spring-webflux
6.3
Medium
Ecosystem: Maven
Package: org.springframework:spring-webflux
FLAT-IJ0QT (CVE-2026-22735)
Security controls bypass or absence In org.springframework:spring-webmvc
0.5
Low
Ecosystem: Maven
Package: org.springframework:spring-webmvc
FLAT-2CTCO (CVE-2018-11040)
Insecure service configuration In org.springframework:spring-webmvc
4.6
Medium
Ecosystem: Maven
Package: org.springframework:spring-webmvc
FLAT-QHHIX (CVE-2016-5007)
Authentication mechanism absence or evasion In org.springframework:spring-webmvc
0.6
Low
Ecosystem: Maven
Package: org.springframework:spring-webmvc
FLAT-7K94P (CVE-2021-22096)
Log injection In org.springframework:spring-webflux
1.3
Low
Ecosystem: Maven
Package: org.springframework:spring-webflux
FLAT-A52B0 (CVE-2011-2730)
Server side template injection In org.springframework:spring-web
0.6
Low
Ecosystem: Maven
Package: org.springframework:spring-web
FLAT-KEH6H (CVE-2025-41254)
Cross-site request forgery In org.springframework:spring-websocket
0.6
Low
Ecosystem: Maven
Package: org.springframework:spring-websocket
FLAT-ECXVN (CVE-2025-41242)
Lack of data validation - Path Traversal In org.springframework:spring-webmvc
4.6
Medium
Ecosystem: Maven
Package: org.springframework:spring-webmvc
FLAT-8ABRH (CVE-2025-41234)
Lack of data validation In org.springframework:spring-web
1.9
Low
Ecosystem: Maven
Package: org.springframework:spring-web
FLAT-L5SO0 (CVE-2024-38819)
Lack of data validation - Path Traversal In org.springframework:spring-webflux
4.9
Medium
Ecosystem: Maven
Package: org.springframework:spring-webflux
FLAT-ZPFXS (CVE-2024-38828)
Asymmetric denial of service In org.springframework:spring-webmvc
2.7
Low
Ecosystem: Maven
Package: org.springframework:spring-webmvc
FLAT-E62UG (CVE-2024-38816)
Lack of data validation - Path Traversal In org.springframework:spring-webflux
6.6
Medium
Ecosystem: Maven
Package: org.springframework:spring-webflux
FLAT-9B53D (CVE-2024-22262)
Server-side request forgery (SSRF) In org.springframework:spring-web
6.0
Medium
Ecosystem: Maven
Package: org.springframework:spring-web
FLAT-9FI8T (CVE-2024-22259)
Server-side request forgery (SSRF) In org.springframework:spring-web
7.5
High
Ecosystem: Maven
Package: org.springframework:spring-web
FLAT-8CJOS (CVE-2024-22243)
Server-side request forgery (SSRF) In org.springframework:spring-web
6.2
Medium
Ecosystem: Maven
Package: org.springframework:spring-web
FLAT-CTGR9 (CVE-2023-34053)
Asymmetric denial of service In org.springframework:spring-webmvc
4.6
Medium
Ecosystem: Maven
Package: org.springframework:spring-webmvc
FLAT-4HN5T (CVE-2021-22118)
Excessive privileges In org.springframework:spring-web
5.9
Medium
Ecosystem: Maven
Package: org.springframework:spring-web
FLAT-NWM19 (CVE-2016-1000027)
Insecure deserialization In org.springframework:spring-web
5.2
Medium
Ecosystem: Maven
Package: org.springframework:spring-web
FLAT-3YW3Y (CVE-2014-1904)
Reflected cross-site scripting (XSS) In org.springframework:spring-webmvc
1.3
Low
Ecosystem: Maven
Package: org.springframework:spring-webmvc
FLAT-7GC5M (CVE-2014-3625)
Lack of data validation - Path Traversal In org.springframework:spring-webmvc
1.3
Low
Ecosystem: Maven
Package: org.springframework:spring-webmvc
FLAT-4ANNI (CVE-2014-0225)
XML injection (XXE) In org.springframework:spring-webmvc
6.3
Medium
Ecosystem: Maven
Package: org.springframework:spring-webmvc
FLAT-2ZPNV (CVE-2013-6429)
Cross-site request forgery In org.springframework:spring-web
0.6
Low
Ecosystem: Maven
Package: org.springframework:spring-web
FLAT-21LS4 (CVE-2014-0054)
Cross-site request forgery In org.springframework:spring-webmvc
1.3
Low
Ecosystem: Maven
Package: org.springframework:spring-webmvc
FLAT-0V10G (CVE-2013-6430)
Reflected cross-site scripting (XSS) In org.springframework:spring-web
1.2
Low
Ecosystem: Maven
Package: org.springframework:spring-web
FLAT-8KORP (CVE-2020-5397)
Cross-site request forgery In org.springframework:spring-webmvc
2.7
Low
Ecosystem: Maven
Package: org.springframework:spring-webmvc
FLAT-L66WT (CVE-2020-5398)
Reflected cross-site scripting (XSS) In org.springframework:spring-webmvc
5.2
Medium
Ecosystem: Maven
Package: org.springframework:spring-webmvc
FLAT-DS05X (CVE-2015-3192)
Improper resource allocation - Buffer overflow In org.springframework:spring-web
4.6
Medium
Ecosystem: Maven
Package: org.springframework:spring-web
FLAT-EH9FL (CVE-2018-11039)
Cross-site request forgery In org.springframework:spring-web
4.6
Medium
Ecosystem: Maven
Package: org.springframework:spring-web
FLAT-C8N4O (CVE-2016-9878)
Lack of data validation - Path Traversal In org.springframework:spring-webmvc
6.6
Medium
Ecosystem: Maven
Package: org.springframework:spring-webmvc