Spring Framework
by Vmware
Review your setup
Spring Framework has some exploitation signals but is generally manageable with regular updates.
What to do
- Keep this software updated
- Review your configuration for unnecessary exposure
- Check for known-vulnerable components or plugins
What Attackers Target
Vulnerabilities with high exploit probability
30.6%
Confirmed actively exploited (CISA)
2.8%
Public exploit code available
0.0%
Based on 36 known vulnerabilities. Percentages show the proportion that are actively dangerous — a low percentage means most vulnerabilities in this product are not being exploited.
Most Dangerous Vulnerabilities
| CVE | CVSS | Exploit Probability | Confirmed |
|---|---|---|---|
| CVE-2022-22965 | 9.8 | 94.4% | Yes |
| CVE-2018-1271 | 5.9 | 90.6% | — |
| CVE-2020-5398 | 7.5 | 90.2% | — |
| CVE-2018-1270 | 9.8 | 90.0% | — |
| CVE-2020-5421 | 6.5 | 63.8% | — |
| CVE-2016-1000027 | 9.8 | 60.4% | — |
| CVE-2024-22259 | 8.1 | 56.4% | — |
| CVE-2023-20860 | 7.5 | 56.3% | — |
| CVE-2018-1275 | 9.8 | 38.1% | — |
| CVE-2022-22968 | 5.3 | 20.5% | — |
| CVE-2018-15756 | 7.5 | 18.1% | — |
| CVE-2018-11040 | 7.5 | 7.3% | — |
| CVE-2016-9878 | 7.5 | 5.6% | — |
| CVE-2022-22950 | 6.5 | 4.1% | — |
| CVE-2018-11039 | 5.9 | 2.6% | — |
| CVE-2018-1272 | 7.5 | 2.2% | — |
| CVE-2015-5211 | 9.6 | 1.9% | — |
| CVE-2018-1199 | 5.3 | 1.5% | — |
| CVE-2024-22233 | 7.5 | 1.5% | — |
| CVE-2024-38820 | 3.1 | 1.5% | — |
37
/ 100
moderate-risk
Active Threat
36/50 · High
Exploit Availability
1/50 · Minimal
Score uses Wilson score intervals to account for sample size. Products with few CVEs are scored conservatively.