Org.springframework:spring-webflux
This hub aggregates every CVE we track for Org.springframework:spring-webflux, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
1
Critical
3
High
1
In CISA KEV
Severity distribution
HIGH3MEDIUM1CRITICAL1
Monthly trend
0
0
1
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 5 most recently published vulnerabilities affecting Org.springframework:spring-webflux.
- CVE-2024-38819Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtai...7.5
- CVE-2024-38816CVE-2024-38816: Path traversal vulnerability in functional web frameworks7.5
- CVE-2022-22965A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a W...KEV9.8
- CVE-2020-5397CSRF Attack via CORS Preflight Requests with Spring MVC or Spring WebFlux5.3
- CVE-2020-5398RFD Attack via "Content-Disposition" Header Sourced from Request Input by Spring MVC or Spring WebFlux Application7.5
Product normalization is registry-driven with AI assist and human review. How it works