pkg:Maven/org.springframework:spring-webflux

All known vulnerabilities

• CRITICAL9.8CVE-2022-22965⚠ KEVRemote Code Execution in Spring Framework
  from 0, < 5.2.20.RELEASE
• HIGH7.5CVE-2024-38819Spring Framework Path Traversal vulnerability
  >= 6.1.0, < 6.1.14
• HIGH7.5Path traversal vulnerability in functional web frameworks
  >= 6.1.0, < 6.1.13
• HIGH7.5RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application
  >= 5.2.0.RELEASE, < 5.2.3.RELEASE
• MEDIUM5.9Spring Framework Improper Path Limitation with Script View Templates
  >= 7.0.0-M1, < 7.0.6
• MEDIUM5.3Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources
  >= 7.0.0, < 7.0.7
• MEDIUM5.3CSRF attack via CORS preflight requests with Spring MVC or Spring WebFlux
  >= 5.2.0, < 5.2.3
• LOW2.6Spring MVC and WebFlux has Server Sent Event stream corruption
  >= 7.0.0-M1, < 7.0.6
• NONE0.0Spring Framework DoS with Multipart Temp Files in WebFlux
  >= 7.0.0, < 7.0.7
• NONE0.0Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources.
  >= 7.0.0, < 7.0.7