
Commit 3b04e88

1 parent 10cbaa9 commit 3b04e88

10 files changed

Lines changed: 780 additions & 180 deletions


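--- /dev/null
+++ b/[path-not-shown]/GHSA-4773-3jfm-qmx3.json
@@ -0,0 +1,194 @@
+{
+"schema_version": "1.4.0",
+"id": "GHSA-4773-3jfm-qmx3",
+"modified": "2026-03-20T20:41:46Z",
+"published": "2026-03-20T00:31:28Z",
+"aliases": [
+"CVE-2026-22737"
+],
+"summary": "Spring Framework Improper Path Limitation with Script View Templates",
+"details": "Use of Java scripting engine enabled (e.g. JRuby, Jython) template views in Spring MVC and Spring WebFlux applications can result in disclosure of content from files outside the configured locations for script template views. This issue affects Spring Framework: from 7.0.0 through 7.0.5, from 6.2.0 through 6.2.16, from 6.1.0 through 6.1.25, from 5.3.0 through 5.3.46.",
+"severity": [
+{
+"type": "CVSS_V3",
+"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+}
+],
+"affected": [
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webmvc"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "7.0.0-M1"
+},
+{
+"fixed": "7.0.6"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webmvc"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "6.2.0"
+},
+{
+"fixed": "6.2.17"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webmvc"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "6.0.0"
+},
+{
+"last_affected": "6.1.21"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webmvc"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "5.3.0"
+},
+{
+"last_affected": "5.3.39"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webflux"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "7.0.0-M1"
+},
+{
+"fixed": "7.0.6"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webflux"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "6.2.0"
+},
+{
+"fixed": "6.2.17"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webflux"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "6.0.0"
+},
+{
+"last_affected": "6.1.21"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webflux"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "5.3.0"
+},
+{
+"last_affected": "5.3.39"
+}
+]
+}
+]
+}
+],
+"references": [
+{
+"type": "ADVISORY",
+"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22737"
+},
+{
+"type": "PACKAGE",
+"url": "https://github.com/spring-projects/spring-framework"
+},
+{
+"type": "WEB",
+"url": "https://spring.io/security/cve-2026-22737"
+}
+],
+"database_specific": {
+"cwe_ids": [
+"CWE-22"
+],
+"severity": "MODERATE",
+"github_reviewed": true,
+"github_reviewed_at": "2026-03-20T20:41:46Z",
+"nvd_published_at": "2026-03-20T00:16:15Z"
+}
+}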
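Review bot: The machine-readable ranges for the 6.1.x and 5.3.x lines end at `"last_affected": "6.1.21"` and `"last_affected": "5.3.39"`, while the `details` string states the issue affects 6.1.0 through 6.1.25 and 5.3.0 through 5.3.46; OSV-consuming scanners will therefore report 6.1.22–6.1.25 and 5.3.40–5.3.46 as unaffected, so those bounds should be raised to `"last_affected": "6.1.25"` and `"last_affected": "5.3.46"` (or replaced by `fixed` events if a patched release on those lines exists). The same two ranges open at `"introduced": "6.0.0"` although `details` starts the 6.1 span at 6.1.0; if 6.0.x is genuinely affected the prose should say so, otherwise `"introduced": "6.1.0"` matches the text. Both points apply to the spring-webmvc and spring-webflux entries, and the second file in this commit, GHSA-6hcq-hmm3-jj3c, has the identical mismatch between its ranges and its `details`.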
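--- /dev/null
+++ b/[path-not-shown]/GHSA-6hcq-hmm3-jj3c.json
@@ -0,0 +1,194 @@
+{
+"schema_version": "1.4.0",
+"id": "GHSA-6hcq-hmm3-jj3c",
+"modified": "2026-03-20T20:41:16Z",
+"published": "2026-03-20T00:31:28Z",
+"aliases": [
+"CVE-2026-22735"
+],
+"summary": "Spring MVC and WebFlux has Server Sent Event stream corruption",
+"details": "Spring MVC and WebFlux applications are vulnerable to stream corruption when using Server-Sent Events (SSE). This issue affects Spring Foundation: from 7.0.0 through 7.0.5, from 6.2.0 through 6.2.16, from 6.1.0 through 6.1.25, from 5.3.0 through 5.3.46.",
+"severity": [
+{
+"type": "CVSS_V3",
+"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N"
+}
+],
+"affected": [
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webmvc"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "7.0.0-M1"
+},
+{
+"fixed": "7.0.6"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webmvc"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "6.2.0"
+},
+{
+"fixed": "6.2.17"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webmvc"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "6.0.0"
+},
+{
+"last_affected": "6.1.21"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webmvc"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "5.3.0"
+},
+{
+"last_affected": "5.3.39"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webflux"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "7.0.0-M1"
+},
+{
+"fixed": "7.0.6"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webflux"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "6.2.0"
+},
+{
+"fixed": "6.2.17"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webflux"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "6.0.0"
+},
+{
+"last_affected": "6.1.21"
+}
+]
+}
+]
+},
+{
+"package": {
+"ecosystem": "Maven",
+"name": "org.springframework:spring-webflux"
+},
+"ranges": [
+{
+"type": "ECOSYSTEM",
+"events": [
+{
+"introduced": "5.3.0"
+},
+{
+"last_affected": "5.3.39"
+}
+]
+}
+]
+}
+],
+"references": [
+{
+"type": "ADVISORY",
+"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22735"
+},
+{
+"type": "PACKAGE",
+"url": "https://github.com/spring-projects/spring-framework"
+},
+{
+"type": "WEB",
+"url": "https://spring.io/security/cve-2026-22735"
+}
+],
+"database_specific": {
+"cwe_ids": [
+"CWE-667"
+],
+"severity": "LOW",
+"github_reviewed": true,
+"github_reviewed_at": "2026-03-20T20:41:16Z",
+"nvd_published_at": "2026-03-20T00:16:15Z"
+}
+}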
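Review bot: The `details` string says `This issue affects Spring Foundation:` while the `summary`, the package names and the sibling advisory in this commit all refer to Spring Framework; if this sentence is copied verbatim from the upstream CVE description it should stay as-is, otherwise it should read `This issue affects Spring Framework:` so that readers searching the text for the product name find it. The 6.1.x and 5.3.x `last_affected` and `introduced` bounds in this file disagree with its `details` text in exactly the way noted on GHSA-4773-3jfm-qmx3 and should be corrected together with that file.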
