Spring Product Security Update Advisory (CVE-2026-22750)
Spring product security update advisory (CVE-2026-22750). Affected products and scope of impact. the affected product is Spring Cloud Gateway version 4.2.0. Vulnerability overview. the vulnerability (CVE-2026-22750) is an issue where SSL bundle settings are unceremoniously ignored. this could allow an application to establish a connection without applying the intended TLS
Spring Product Security Update Advisory
overview We have released security updates that address vulnerabilities in Spring products. users of affected products are encouraged to update to the latest version. affected products Cve-2026-22738, cve-2026-22742, cve-2026-22743, cve-2026-22744 Spring AI version: 1.0.0 or higher but lower than 1.0.5Spring AI version: 1.1.0 or later and less than 1.1.4 resolved
Spring Product Security Update Advisory (CVE-2026-22739)
overview We have released security updates that address vulnerabilities in Spring products. users of affected products are encouraged to update to the latest version. affected products CVE-2026-22739 Spring Cloud Config Version: 3.1.xSpring Cloud Config version: 4.1.xSpring Cloud Config version: 4.2.xSpring Cloud Config version: 4.3.xSpring Cloud Config version: 5.0.x resolved vulnerabilities
Spring Product Security Update Advisory
overview We have released security updates that address vulnerabilities in Spring products. users of affected products are encouraged to update to the latest version. affected products CVE-2026-22731 Spring Boot version: 4.0.0 or higher and 4.0.3 or lowerSpring Boot version: 3.5.0 or later and 3.5.11 or earlierSpring Boot version: 3.4.0 or
Spring Product Security Update Advisory
overview We have released security updates that address vulnerabilities in Spring products. users of affected products are encouraged to update to the latest version. affected products Cve-2026-22729, cve-2026-22730 Spring AI version: 1.0.xSpring AI version: 1.1.x resolved vulnerabilities JSONPath injection vulnerability in FilterExpressionConverter in Spring AI Vector Stores (CVE-2026-22729)SQL injection vulnerability
Spring Product Security Update Advisory (CVE-2024-38819)
Overview We have released an update to address a vulnerability in our Spring products. Users...
Spring Product Security Update Advisory (CVE-2025-41253)
Overview We have released security updates to fix vulnerabilities in Spring products. Users of affected products are advised to update to the latest version. Affected Products CVE-2025-41253 Spring Cloud Gateway version: 4.3.0 or higher but lower than 4.3.2Spring Cloud Gateway version: 4.2.0 or later but not
Spring Product Security Update Advisory
Overview We have released security updates to fix vulnerabilities in Spring products. Users of affected products are advised to update to the latest version. Affected Products CVE-2025-41243 Spring Cloud Gateway version: 4.3.0 or higher and lower than 4.3.1Spring Cloud Gateway version: 4.2.0 or later but not
Spring Product Security Update Advisory (CVE-2025-22228)
Overview We have released security updates to fix vulnerabilities in Spring products. Users of affected products are advised to update to the latest version. Affected Products CVE-2025-22228 Spring Security versions: 5.7.0 through 5.7.15 (inclusive)Spring Security versions: 5.8.0 through 5.8.17 (inclusive)Spring Security versions: 6.0.0 through 6.0.15 (inclusive)Spring Security versions:
Spring Product Security Update Advisory (CVE-2024-38821)
Overview An update has been released to address vulnerabilities in Spring Products. Users of...
