CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-41234 – RFD Attack via “Content-Disposition” Header Sourced from Request
https://notcve.org/view.php?id=CVE-2025-41234
12 Jun 2025 — Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download (RFD) attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename attribute is derived from user-supplied input. Specifically, an application is vulnerable when all the following are true: * The header is prepared with org.springframework.http.ContentDisposition. * The filename is set via ContentDisposition.Builder#filename(Strin... • https://spring.io/security/cve-2025-41234 • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 3.1EPSS: 0%CPEs: 4EXPL: 0CVE-2025-22233 – Spring Framework DataBinder Case Sensitive Match Exception
https://notcve.org/view.php?id=CVE-2025-22233
16 May 2025 — CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks. Affected Spring Products and Versions Spring Framework: * 6.2.0 - 6.2.6 * 6.1.0 - 6.1.19 * 6.0.0 - 6.0.27 * 5.3.0 - 5.3.42 * Older, unsupported versions are also affected Mitigation Users of affected versions should upgrade to the corresponding fixed version. Affected versi... • https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N&version=3.1 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2024-22233 – CVE-2024-22233: Spring Framework server Web DoS Vulnerability
https://notcve.org/view.php?id=CVE-2024-22233
22 Jan 2024 — In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC * Spring Security 6.1.6+ or 6.2.1+ is on the classpath Typically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web and org.springframework.boot:spring-boot-starter-security dependencies to meet all... • https://security.netapp.com/advisory/ntap-20240614-0005 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-34053 – Spring Framework server Web Observations DoS Vulnerability
https://notcve.org/view.php?id=CVE-2023-34053
28 Nov 2023 — In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC or Spring WebFlux * io.micrometer:micrometer-core is on the classpath * an ObservationRegistry is configured in the application to record observations Typically, Spring Boot applications need the org.springframework.boot:spring-boot-... • https://security.netapp.com/advisory/ntap-20231214-0007 •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-20863 – springframework: Spring Expression DoS Vulnerability
https://notcve.org/view.php?id=CVE-2023-20863
13 Apr 2023 — In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. A flaw was found in Spring Framework. Certain versions of Spring Framework's Expression Language were not restricting the size of Spring Expressions. This could allow an attacker to craft a malicious Spring Expression to cause a denial of service on the server. This release of Camel for Spring Boot 3.20.1 serv... • https://security.netapp.com/advisory/ntap-20240524-0015 • CWE-400: Uncontrolled Resource Consumption CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 9.0EPSS: 55%CPEs: 2EXPL: 1CVE-2023-20860 – springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern
https://notcve.org/view.php?id=CVE-2023-20860
27 Mar 2023 — Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass. A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern. Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing ... • https://github.com/limo520/CVE-2023-20860 • CWE-155: Improper Neutralization of Wildcards or Matching Symbols •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-20861 – springframework: Spring Expression DoS Vulnerability
https://notcve.org/view.php?id=CVE-2023-20861
23 Mar 2023 — In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS). Red Hat support for Spring Boot provides an application platform that reduces the complexity of develop... • https://security.netapp.com/advisory/ntap-20230420-0007 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-22971 – springframework: DoS with STOMP over WebSocket
https://notcve.org/view.php?id=CVE-2022-22971
12 May 2022 — In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user. En spring framework versiones anteriores a 5.3.20+ , 5.2.22+ y las versiones antiguas no soportadas, la aplicación con un endpoint STOMP sobre WebSocket es vulnerable a un ataque de denegación de servicio por parte de un usuario autenticado A flaw was found in Spring Framework Applications. Applications th... • https://github.com/tchize/CVE-2022-22971 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 1CVE-2022-22970 – springframework: DoS via data binding to multipartFile or servlet part
https://notcve.org/view.php?id=CVE-2022-22970
12 May 2022 — In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. En spring Framework versiones anteriores a 5.3.20+ , 5.2.22+ y las versiones antiguas no soportadas, las aplicaciones que manejan cargas de archivos son vulnerables a un ataque de denegación de servicio si dependen de la vinculación de datos para establec... • https://github.com/Performant-Labs/CVE-2022-22970 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 22%CPEs: 12EXPL: 1CVE-2022-22968 – Framework: Data Binding Rules Vulnerability
https://notcve.org/view.php?id=CVE-2022-22968
14 Apr 2022 — In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path. En Spring Framework versiones 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, y en las versiones anteriores no soportadas, los... • https://github.com/MarcinGadz/spring-rce-poc • CWE-20: Improper Input Validation CWE-178: Improper Handling of Case Sensitivity •