Org.springframework:spring-oxm
This hub aggregates every CVE we track for Org.springframework:spring-oxm, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
2
CVEs tracked
0
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 2 most recently published vulnerabilities affecting Org.springframework:spring-oxm.
- CVE-2013-7315The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to r...6.8
- CVE-2013-4152The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary ...6.8
Product normalization is registry-driven with AI assist and human review. How it works