Vulnerability Directory

If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.

Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.

Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.
Talk to Our Experts
Get Pricing
Arrow down

Vulnerability Directory

If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.

Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.

Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.

Talk to Our Experts
Get Pricing
Codey gradient
Search here
Clear
Filter by Severity
Clear
Filter by Technology
Sign up for the latest vulnerability alerts
Rss feed icon
Subscribe via RSS
or
Thanks for signing up for our Newsletter! We look forward to connecting with you.
Oops! Something went wrong while submitting the form.
Severity
ID
Technology
Libraries Affected
Category
Version(s) Affected
Published Date
High
Open in new tab icon
CVE-2023-49735
Struts
Apache Struts
Path Traversal
<1.3.10, >=2.0.0
May 12, 2025
Medium
Open in new tab icon
CVE-2023-34396
Struts
Apache Struts
Denial of Service
<1.3.10, >=2.0.5 <2.5.31, >=6.0.0 <6.1.2.1
May 12, 2025
Low
Open in new tab icon
CVE-2008-2025
Struts
Apache Struts
Cross-Site Scripting
<1.2.9
May 12, 2025
Low
Open in new tab icon
CVE-2006-1548
Struts
Apache Struts
Cross-Site Scripting
<1.2.9
May 12, 2025
High
Open in new tab icon
CVE-2006-1547
Struts
Apache Struts
Denial of Service
<1.2.9
May 12, 2025
High
Open in new tab icon
CVE-2006-1546
Struts
Apache Struts
Authorization Bypass
<1.2.9
May 12, 2025
High
Open in new tab icon
CVE-2024-22257
Spring
Spring Security
Authorization Bypass
>=5.7.0 <5.7.12, >=5.8.0 <5.8.11, >=6.0.0 <6.0.10, >=6.1.0 <6.1.8, >=6.2.0 <6.2.3
May 8, 2025
Medium
Open in new tab icon
CVE-2025-0716
AngularJS
AngularJS
Content Spoofing
>=0.0.0
Apr 29, 2025
Medium
Open in new tab icon
CVE-2025-22235
Spring
Spring Boot
Incorrectly Configured Access Control
<2.7.0, >=2.7.0 <2.7.25, >=3.1.0 <3.1.16, >=3.2.0 <3.2.14, >=3.3.0 <3.3.11, >=3.4.0 <3.4.5
Apr 25, 2025
Medium
Open in new tab icon
CVE-2025-22234
Spring
Spring Security
Information Exposure
=5.7.16, =5.8.18, =6.0.16, =6.1.14, =6.2.10, =6.3.8, =6.4.4
Apr 22, 2025
Low
Open in new tab icon
CVE-2025-24859
Apache Roller
Apache Roller
Broken Access
>1.0.0 <=6.1.4
Apr 14, 2025
Medium
Open in new tab icon
CVE-2025-22232
Spring
Spring Cloud Config
Authorization Bypass
>=2.2.0 <=2.2.8, >=3.0.0 <=3.0.7, >=3.1.0 <3.1.10, >=4.0.0 <=4.0.5, >=4.1.0 <4.1.6, >=4.2.0 <4.2.1
Apr 10, 2025
Medium
Open in new tab icon
CVE-2022-31777
Apache Spark
Apache Spark
Cross-Site Scripting
3.3.0 <=3.2.1
Apr 9, 2025
Critical
Open in new tab icon
CVE-2023-22946
Apache Spark
Apache Spark
Broken Access
<3.4.0 >=3.3.0 <=3.3.1 >=3.2.0 <=3.2.3 >=3.1.0 <=3.1.3 >=3.0.0 <=3.0.3 >=2.4.8
Apr 9, 2025
High
Open in new tab icon
CVE-2023-32007
Apache Spark
Apache Spark
Command Injection
>=3.2.0 <=3.2.1 >=3.1.1 <=3.1.3 <=3.0.3
Apr 9, 2025
Exclamation icon
No results found

Please enter a valid Vulnerability ID number or Technology name.

By clicking "Accept", you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

PreferencesRejectAccept
Manage Consent Preferences by Category
Essentials
Always active

Necessary for the site to function. Always On.

Used for targeted advertising.

Remembers your preferences and provides enhanced features.

Measures usage and improves your experience.

Reject AllAccept All
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.