Known Vulnerabilities for Spring Framework by VMware
Listed below are 10 of the newest known vulnerabilities associated with "Spring Framework" by "VMware".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-22745 json | Not Provided | 2026-04-29 | 2026-05-04 | |
| CVE-2026-22741 json | Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an a... | Not Provided | 2026-04-29 | 2026-04-29 |
| CVE-2026-22740 json | Not Provided | 2026-04-29 | 2026-05-04 | |
| CVE-2026-22737 json | Use of Java scripting engine enabled (e.g. JRuby, Jython) template views in Spring MVC and Spring WebFlux applications can re... | Not Provided | 2026-03-20 | 2026-03-20 |
| CVE-2026-22735 json | Not Provided | 2026-03-20 | 2026-04-23 | |
| CVE-2024-22233 json | 7.5 - HIGH | 2024-01-22 | 2024-01-29 | |
| CVE-2023-44794 json | An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload t... | 9.8 - CRITICAL | 2023-10-25 | 2023-10-31 |
| CVE-2023-34053 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-11-28 | 2023-12-04 |
| CVE-2023-20863 json | In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially ... | 6.5 - MEDIUM | 2023-04-13 | 2023-04-21 |
| CVE-2023-20861 json | In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, i... | 6.5 - MEDIUM | 2023-03-23 | 2023-04-20 |