org.springframework:spring-webflux vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-22741Loworg.springframework:spring-webflux: Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources.CVE-2026-22740Mediumorg.springframework:spring-webflux: Spring Framework DoS with Multipart Temp Files in WebFluxCVE-2026-22745Mediumorg.springframework:spring-webflux: Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resourcesCVE-2026-22735Loworg.springframework:spring-webmvc: Spring MVC and WebFlux has Server Sent Event stream corruptionCVE-2026-22737Mediumorg.springframework:spring-webmvc: Spring Framework Improper Path Limitation with Script View TemplatesCVE-2024-38819Highorg.springframework:spring-webflux: Spring Framework Path Traversal vulnerabilityCVE-2024-38816Highorg.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworksCVE-2022-22965Criticalorg.springframework:spring-beans: Remote Code Execution in Spring FrameworkCVE-2020-5397Mediumorg.springframework:spring-webmvc: CSRF attack via CORS preflight requests with Spring MVC or Spring WebFluxCVE-2020-5398Highorg.springframework:spring-webmvc: RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application

Stop the waste.
Protect your environment with Kodem.