Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

org.springframework:spring-web

Ecosystem:
maven
Package URL:
pkg:maven/org.springframework:spring-web
Total PRs:
939 Dependabot PRs
Latest PR:
18 days ago
Unique Repositories:
459 repositories
Unique Repos (30 days):
3 repositories
Security Advisories
Improper Privilege Management in Spring Framework
GHSA-gfwj-fwqj-fp3v CVE-2021-22118 HIGH published about 4 years ago • updated 13 days ago
In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalatio...
Pivotal Spring Framework contains unsafe Java deserialization methods
GHSA-4wrc-f8pq-fpqp CVE-2016-1000027 CRITICAL published about 4 years ago • updated about 1 month ago
Pivotal Spring Framework before 6.0.0 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data...
Cross-Site Request Forgery in Spring Framework
GHSA-g6hf-f9cq-q7w7 CVE-2013-6429 MODERATE published about 4 years ago • updated about 1 month ago
The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resol...
Spring Web vulnerable to Open Redirect or Server Side Request Forgery
GHSA-ccgv-vj62-xf9h CVE-2024-22243 HIGH published over 2 years ago • updated about 18 hours ago
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on th...
Spring Framework DoS via conditional HTTP request
GHSA-2rmj-mq67-h97g CVE-2024-38809 MODERATE published over 1 year ago • updated 11 days ago
### Description Applications that parse ETags from `If-Match` or `If-None-Match` request headers are vulnerable to DoS attack. ### Affected Spring...
View all 12 advisories
Recent PRs
RSS Feed
chore(deps): bump the java-minor-patch group across 1 directory with 36 updates

nordic-institute/X-Road #3530

7.0.6 → 7.0.7 Patch PR
Closed 18 days ago 2 comments
nordic-institute
Bump the maven group across 19 directories with 9 updates

dhay3/spring #3

4.3.9.RELEASE → 4.3.20.RELEASE Patch PR
Closed 25 days ago 1 comment
dhay3
Bump the maven group across 18 directories with 24 updates

abrahem79/glowroot #5

2.0.8 → 5.3.38 Major PR
Open about 1 month ago 2 comments
abrahem79
chore(deps): bump org.springframework:spring-web from 5.3.31 to 7.0.7

mjeanroy/springmvc-mustache #1073

5.3.31 → 7.0.7 Major PR
Closed about 1 month ago 1 comment
mjeanroy
Bump the maven group across 22 directories with 18 updates

veteranbv/nifi #6

4.3.10.RELEASE → 6.1.21 Major PR
Closed about 2 months ago 1 comment
veteranbv
Bump org.springframework:spring-web from 5.1.13.RELEASE to 6.1.21 in /traffic-manager

think-ke/ws02-API-Library #4

5.1.13.RELEASE → 6.1.21 Major PR
Closed about 2 months ago 1 comment
think-ke
build(deps): bump org.springframework:spring-web from 6.2.6 to 6.2.8

levelp/webissues_simple #52

6.2.6 → 6.2.8 Patch PR
Closed about 2 months ago 1 comment
levelp
[DT-400-gradle]: Bump the gradle-patch-updates group with 9 updates

DataBiosphere/stairway #217

7.0.2 → 7.0.6 Patch PR
Open 2 months ago 3 comments
DataBiosphere
chore(deps): bump the java-minor-patch group across 1 directory with 40 updates

nordic-institute/X-Road #3405

7.0.4 → 7.0.6 Patch PR
Open 2 months ago 3 comments
nordic-institute
chore(deps): bump the production-deps group with 8 updates

MatrixDai/liquibase #25

7.0.5 → 7.0.6 Patch PR
Closed 2 months ago 2 comments
MatrixDai
chore(deps): bump the java-minor-patch group across 1 directory with 49 updates

nordic-institute/X-Road #3385

7.0.1 → 7.0.6 Patch PR
Open 3 months ago 1 comment
nordic-institute
Bump org.springframework:spring-web from 5.3.39 to 7.0.6

adaptris/interlok-cache #822

5.3.39 → 7.0.6 Major PR
Closed 3 months ago 1 comment
adaptris
Bump org.springframework:spring-web from 5.3.39 to 7.0.6

adaptris/interlok-cache #821

5.3.39 → 7.0.6 Major PR
Closed 3 months ago 1 comment
adaptris
chore(deps): bump the java-minor-patch group across 1 directory with 45 updates

nordic-institute/X-Road #3380

7.0.1 → 7.0.5 Patch PR
Open 3 months ago 2 comments
nordic-institute
Bump the safe-patch-updates group with 20 updates

hhund/dsf #9

6.2.15 → 6.2.16 Patch PR
Closed 3 months ago 1 comment
hhund
chore(deps): bump the java-minor-patch group across 1 directory with 90 updates

nordic-institute/X-Road #3373

7.0.1 → 7.0.5 Patch PR
Closed 3 months ago 2 comments
nordic-institute
Bump the spring-framework group with 5 updates

inetsoft-technology/datatest #26

6.2.10 → 7.0.5 Major PR
Open 3 months ago 1 comment
inetsoft-technology
Bump the maven group across 9 directories with 21 updates

yathin51/tutorials #18

4.3.4.RELEASE → 6.1.21 Major PR
Closed 3 months ago 1 comment
yathin51
Bump org.springframework:spring-web from 7.0.3 to 7.0.5 in /dashgit-updater

javiertuya/dashgit #268

7.0.3 → 7.0.5 Patch PR
Closed 3 months ago 2 comments
javiertuya
Bump the maven-dependencies group across 1 directory with 20 updates

Blackdread/rest-filter #402

7.0.2 → 7.0.5 Patch PR
Closed 3 months ago 1 comment
Blackdread
chore(deps): bump org.springframework:spring-web from 5.3.39 to 6.1.21 in /sa-token-spring-boot2-dependencies

dromara/Sa-Token #904

5.3.39 → 6.1.21 Major PR
Closed 3 months ago 1 comment
dromara
Bump the maven group across 3 directories with 8 updates

Excecrable/javamelody #5

3.1.0.RELEASE → 6.1.21 Major PR
Closed 3 months ago 1 comment
Excecrable
Bump org.springframework:spring-web from 5.3.39 to 7.0.5

adaptris/interlok-cache #813

5.3.39 → 7.0.5 Major PR
Closed 3 months ago 1 comment
adaptris
Bump org.springframework:spring-web from 5.3.39 to 7.0.5

adaptris/interlok-cache #811

5.3.39 → 7.0.5 Major PR
Closed 3 months ago 1 comment
adaptris
Bump org.springframework:spring-web from 3.2.0.RELEASE to 6.1.21 in /sample-web-app

aliz-ai/java2typescript #8

3.2.0.RELEASE → 6.1.21 Major PR
Closed 3 months ago 1 comment
aliz-ai
Bump the maven group across 27 directories with 24 updates

abhinavm24/tutorials #13

4.3.8.RELEASE → 6.1.21 Major PR
Closed 3 months ago 1 comment
abhinavm24
Bump the all-maven-deps group across 3 directories with 46 updates

craftercms/craftercms #8551

7.0.3 → 7.0.4 Patch PR
Closed 3 months ago 1 comment
craftercms
deps: bump org.springframework:spring-web from 6.0.6 to 7.0.4

Mattilsynet/produksjonsdyr-api #181

6.0.6 → 7.0.4 Major PR
Closed 4 months ago 1 comment
Mattilsynet
deps(deps): bump the maven group across 1 directory with 9 updates

cbwinslow/OpenLegislation-local-dev #275

5.3.39 → 6.1.21 Major PR
Open 4 months ago 9 comments
cbwinslow
Bump org.springframework:spring-web from 6.2.8 to 7.0.4

dungeon-hub/dungeon-hub-api #48

6.2.8 → 7.0.4 Major PR
Closed 4 months ago 1 comment
dungeon-hub
Bump org.springframework:spring-web from 5.3.39 to 7.0.4

adaptris/interlok-cache #806

5.3.39 → 7.0.4 Major PR
Closed 4 months ago 1 comment
adaptris
Bump org.springframework:spring-web from 7.0.3 to 7.0.4

PCGen/pcgen #7512

7.0.3 → 7.0.4 Patch PR
Closed 4 months ago 2 comments
PCGen
chore(deps): bump org.springframework:spring-web from 5.3.31 to 7.0.4

mjeanroy/springmvc-mustache #1042

5.3.31 → 7.0.4 Major PR
Closed 4 months ago 1 comment
mjeanroy
chore(deps): Bump org.springframework:spring-web from 6.2.11 to 7.0.3 in /backend

raimonvibe/chatbot-java-spring-ai #118

6.2.11 → 7.0.3 Major PR
Open 4 months ago 2 comments
raimonvibe
Bump the maven group across 1 directory with 2 updates

nanamix/scouter #1

4.3.18.RELEASE → 6.1.21 Major PR
Closed 4 months ago 1 comment
nanamix
Build(deps): Bump org.springframework:spring-web from 6.2.7 to 6.2.8 in /json-io-spring

jdereg/json-io #430

6.2.7 → 6.2.8 Patch PR
Closed 4 months ago 2 comments
jdereg
Bump the java group across 1 directory with 15 updates

openviglet/dumont #16

7.0.2 → 7.0.3 Patch PR
Closed 4 months ago 1 comment
openviglet
Bump org.springframework:spring-web from 7.0.2 to 7.0.3

avereon/seenc #28

7.0.2 → 7.0.3 Patch PR
Closed 4 months ago 1 comment
avereon
chore(deps): bump the production-deps group with 6 updates

liquibase/liquibase #7524

7.0.2 → 7.0.3 Patch PR
Open 5 months ago 4 comments
liquibase
chore(deps): bump the production-deps group with 6 updates

liquibase/liquibase #7517

7.0.2 → 7.0.3 Patch PR
Closed 5 months ago 3 comments
liquibase
chore: [DevOps] bump the production-major group across 1 directory with 9 updates

SAP/ai-sdk-java #701

6.2.12 → 7.0.2 Major PR
Closed 5 months ago 1 comment
SAP
Bump the all-maven-deps group across 3 directories with 63 updates

craftercms/craftercms #8480

6.2.15 → 7.0.2 Major PR
Closed 5 months ago 2 comments
craftercms
Bump the all-maven-deps group across 3 directories with 64 updates

craftercms/craftercms #8479

6.2.15 → 7.0.2 Major PR
Open 5 months ago 4 comments
craftercms
Bump the all-maven-deps group across 3 directories with 64 updates

craftercms/craftercms #8478

6.2.15 → 7.0.2 Major PR
Open 5 months ago 7 comments
craftercms
Bump the all-maven-deps group across 3 directories with 86 updates

craftercms/craftercms #8474

7.0.1 → 7.0.2 Patch PR
Open 5 months ago 3 comments
craftercms
Bump the all-maven-deps group across 3 directories with 122 updates

QuocKhanh2002/craftercms #13

6.2.10 → 7.0.2 Major PR
Closed 5 months ago 1 comment
QuocKhanh2002
Bump the all-maven-deps group across 3 directories with 121 updates

craftercms/craftercms #8464

7.0.1 → 7.0.2 Patch PR
Closed 5 months ago 1 comment
craftercms
Bump the all-maven-deps group across 3 directories with 118 updates

craftercms/craftercms #8460

7.0.1 → 7.0.2 Patch PR
Closed 6 months ago 1 comment
craftercms
Bump the gradle-version-updates group in /hooks/persistence-defectdojo/hook with 4 updates

secureCodeBox/secureCodeBox #3418

7.0.1 → 7.0.2 Patch PR
Open 6 months ago 4 comments
secureCodeBox
Bump org.springframework:spring-web from 5.3.39 to 7.0.2

adaptris/interlok-cache #782

5.3.39 → 7.0.2 Major PR
Closed 6 months ago 1 comment
adaptris
Package Details
Name: org.springframework:spring-web
Ecosystem: maven
PURL Type: maven
Package URL: pkg:maven/org.springframework:spring-web
JSON API: View JSON
Security Advisories

12

Active advisories
CRITICAL 1
HIGH 4
MODERATE 7
View All maven Advisories
Package Information
Description:

Spring Web

Repository: https://github.com/spring-projects/spring-framework
Homepage: https://github.com/spring-projects/spring-framework
Latest Release: 6.2.7
about 1 year ago
Dependent Repos: 153,377
Dependent Packages: 6,673
Ranking: Top 0.0054% by dependent repos Top 0.0092% by dependent pkgs
PR Status
Open 408 (43.5%)
Merged 186 (19.8%)
Closed 267 (28.4%)
PR Types
Major 275 (29.3%)
Minor 62 (6.6%)
Patch 524 (55.8%)