Update spring.version (major)#292
Security Report
❌ New vulnerabilities:
| Vulnerability | Severity |  CVSS Score |
Vulnerable Library | Direct Library | Suggested Fix | Issue |
|---|---|---|---|---|---|---|
CVE-2019-13116Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-collections/commons-collections/3.1/commons-collections-3.1.jar Dependency Hierarchy: -> hibernate-entitymanager-3.6.0.Final.jar (Root Library) -> hibernate-core-3.6.0.Final.jar -> ❌ commons-collections-3.1.jar (Vulnerable Library) |
 Critical |
9.8 | Transitive commons-collections-3.1.jar |
hibernate-entitymanager-3.6.0.Final.jar | Transitive 3.2.2 |
#69 |
CVE-2017-15708Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-collections/commons-collections/3.1/commons-collections-3.1.jar Dependency Hierarchy: -> hibernate-entitymanager-3.6.0.Final.jar (Root Library) -> hibernate-core-3.6.0.Final.jar -> ❌ commons-collections-3.1.jar (Vulnerable Library) |
Critical |
9.8 | Transitive commons-collections-3.1.jar |
hibernate-entitymanager-3.6.0.Final.jar | Transitive 3.2.2 |
#68 |
CVE-2016-1000031Path to dependency file: /Struts2RemeberMeMaven/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.2.1/commons-fileupload-1.2.1.jar Dependency Hierarchy: -> struts2-core-2.1.8.jar (Root Library) -> ❌ commons-fileupload-1.2.1.jar (Vulnerable Library) |
Critical |
9.8 | Transitive commons-fileupload-1.2.1.jar |
struts2-core-2.1.8.jar | Transitive 1.3.3 |
#47 |
CVE-2016-1000027Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.3.20/spring-web-5.3.20.jar Dependency Hierarchy: -> ❌ spring-web-5.3.20.jar (Vulnerable Library) |
Critical |
9.8 | Direct spring-web-5.3.20.jar |
spring-web-5.3.20.jar | 6.0.0 | #169 |
CVE-2015-7501Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-collections/commons-collections/3.1/commons-collections-3.1.jar Dependency Hierarchy: -> hibernate-entitymanager-3.6.0.Final.jar (Root Library) -> hibernate-core-3.6.0.Final.jar -> ❌ commons-collections-3.1.jar (Vulnerable Library) |
Critical |
9.8 | Transitive commons-collections-3.1.jar |
hibernate-entitymanager-3.6.0.Final.jar | Transitive org.apache.commons:commons-collections4:4.1 |
#67 |
CVE-2015-4852Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-collections/commons-collections/3.1/commons-collections-3.1.jar Dependency Hierarchy: -> hibernate-entitymanager-3.6.0.Final.jar (Root Library) -> hibernate-core-3.6.0.Final.jar -> ❌ commons-collections-3.1.jar (Vulnerable Library) |
Critical |
9.8 | Transitive commons-collections-3.1.jar |
hibernate-entitymanager-3.6.0.Final.jar | Transitive 3.2.2 |
#65 |
CVE-2024-22262Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.3.20/spring-web-5.3.20.jar Dependency Hierarchy: -> ❌ spring-web-5.3.20.jar (Vulnerable Library) |
 High |
8.1 | Direct spring-web-5.3.20.jar |
spring-web-5.3.20.jar | 5.3.34 | #275 |
CVE-2024-22259Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.3.20/spring-web-5.3.20.jar Dependency Hierarchy: -> ❌ spring-web-5.3.20.jar (Vulnerable Library) |
High |
8.1 | Direct spring-web-5.3.20.jar |
spring-web-5.3.20.jar | 5.3.33 | #276 |
CVE-2024-22243Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.3.20/spring-web-5.3.20.jar Dependency Hierarchy: -> ❌ spring-web-5.3.20.jar (Vulnerable Library) |
High |
8.1 | Direct spring-web-5.3.20.jar |
spring-web-5.3.20.jar | 5.3.32 | #277 |
WS-2014-0034Path to dependency file: /Struts2RemeberMeMaven/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.2.1/commons-fileupload-1.2.1.jar Dependency Hierarchy: -> struts2-core-2.1.8.jar (Root Library) -> ❌ commons-fileupload-1.2.1.jar (Vulnerable Library) |
High |
7.5 | Transitive commons-fileupload-1.2.1.jar |
struts2-core-2.1.8.jar | Transitive 1.4 |
#49 |
CVE-2025-48976Path to dependency file: /Struts2RemeberMeMaven/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.2.1/commons-fileupload-1.2.1.jar Dependency Hierarchy: -> struts2-core-2.1.8.jar (Root Library) -> ❌ commons-fileupload-1.2.1.jar (Vulnerable Library) |
High |
7.5 | Transitive commons-fileupload-1.2.1.jar |
struts2-core-2.1.8.jar | Transitive 1.6.0 |
None |
CVE-2025-41249Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-core/5.3.20/spring-core-5.3.20.jar Dependency Hierarchy: -> ❌ spring-core-5.3.20.jar (Vulnerable Library) |
High |
7.5 | Direct spring-core-5.3.20.jar |
spring-core-5.3.20.jar | https://github.com/spring-projects/spring-framework.git - v6.2.11,org.springframework:spring-core:6.2.11 | None |
CVE-2023-49735Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tiles/tiles-core/2.0.6/tiles-core-2.0.6.jar,/home/wss-scanner/.m2/repository/org/apache/tiles/tiles-core/2.0.6/tiles-core-2.0.6.jar Dependency Hierarchy: -> struts2-tiles-plugin-2.3.12.jar (Root Library) -> ❌ tiles-core-2.0.6.jar (Vulnerable Library) |
High |
7.5 | Transitive tiles-core-2.0.6.jar |
struts2-tiles-plugin-2.3.12.jar | None | |
CVE-2023-24998Path to dependency file: /Struts2RemeberMeMaven/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.2.1/commons-fileupload-1.2.1.jar Dependency Hierarchy: -> struts2-core-2.1.8.jar (Root Library) -> ❌ commons-fileupload-1.2.1.jar (Vulnerable Library) |
High |
7.5 | Transitive commons-fileupload-1.2.1.jar |
struts2-core-2.1.8.jar | Transitive 1.5 |
#265 |
CVE-2016-3092Path to dependency file: /Struts2RemeberMeMaven/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.2.1/commons-fileupload-1.2.1.jar Dependency Hierarchy: -> struts2-core-2.1.8.jar (Root Library) -> ❌ commons-fileupload-1.2.1.jar (Vulnerable Library) |
High |
7.5 | Transitive commons-fileupload-1.2.1.jar |
struts2-core-2.1.8.jar | Transitive 1.3.2 |
#48 |
CVE-2014-0050Path to dependency file: /Struts2RemeberMeMaven/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.2.1/commons-fileupload-1.2.1.jar Dependency Hierarchy: -> struts2-core-2.1.8.jar (Root Library) -> ❌ commons-fileupload-1.2.1.jar (Vulnerable Library) |
High |
7.3 | Transitive commons-fileupload-1.2.1.jar |
struts2-core-2.1.8.jar | Transitive 1.3.1 |
#46 |
CVE-2013-2186Path to dependency file: /Struts2RemeberMeMaven/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.2.1/commons-fileupload-1.2.1.jar Dependency Hierarchy: -> struts2-core-2.1.8.jar (Root Library) -> ❌ commons-fileupload-1.2.1.jar (Vulnerable Library) |
High |
7.3 | Transitive commons-fileupload-1.2.1.jar |
struts2-core-2.1.8.jar | Transitive 1.3.1 |
#45 |
CVE-2026-22740Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.3.20/spring-web-5.3.20.jar Dependency Hierarchy: -> ❌ spring-web-5.3.20.jar (Vulnerable Library) |
 Medium |
6.5 | Direct spring-web-5.3.20.jar |
spring-web-5.3.20.jar | org.springframework:spring-web:6.2.18,https://github.com/spring-projects/spring-framework.git - v7.0.7,org.springframework:spring-web:7.0.7,https://github.com/spring-projects/spring-framework.git - v6.2.18 | None |
CVE-2025-41242Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-beans/5.3.20/spring-beans-5.3.20.jar Dependency Hierarchy: -> spring-web-5.3.20.jar (Root Library) -> ❌ spring-beans-5.3.20.jar (Vulnerable Library) |
Medium |
5.9 | Transitive spring-beans-5.3.20.jar |
spring-web-5.3.20.jar | Transitive https://github.com/spring-projects/spring-framework.git - v6.2.10,org.springframework:spring-beans:6.2.10 |
None |
CVE-2024-38828Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-core/5.3.20/spring-core-5.3.20.jar Dependency Hierarchy: -> ❌ spring-core-5.3.20.jar (Vulnerable Library) |
Medium |
5.3 | Direct spring-core-5.3.20.jar |
spring-core-5.3.20.jar | None | |
CVE-2024-38828Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.3.20/spring-web-5.3.20.jar Dependency Hierarchy: -> ❌ spring-web-5.3.20.jar (Vulnerable Library) |
Medium |
5.3 | Direct spring-web-5.3.20.jar |
spring-web-5.3.20.jar | None | |
CVE-2024-38809Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.3.20/spring-web-5.3.20.jar Dependency Hierarchy: -> ❌ spring-web-5.3.20.jar (Vulnerable Library) |
Medium |
5.3 | Direct spring-web-5.3.20.jar |
spring-web-5.3.20.jar | 5.3.38 | None |
CVE-2013-0248Path to dependency file: /Struts2RemeberMeMaven/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.2.1/commons-fileupload-1.2.1.jar Dependency Hierarchy: -> struts2-core-2.1.8.jar (Root Library) -> ❌ commons-fileupload-1.2.1.jar (Vulnerable Library) |
Medium |
4.0 | Transitive commons-fileupload-1.2.1.jar |
struts2-core-2.1.8.jar | Transitive 1.3 |
#44 |
CVE-2024-38820Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-core/5.3.20/spring-core-5.3.20.jar Dependency Hierarchy: -> ❌ spring-core-5.3.20.jar (Vulnerable Library) |
 Low |
3.1 | Direct spring-core-5.3.20.jar |
spring-core-5.3.20.jar | org.springframework:spring-context:6.1.14 | None |
CVE-2024-38820Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.3.20/spring-web-5.3.20.jar Dependency Hierarchy: -> ❌ spring-web-5.3.20.jar (Vulnerable Library) |
Low |
3.1 | Direct spring-web-5.3.20.jar |
spring-web-5.3.20.jar | org.springframework:spring-context:6.1.14 | None |
CVE-2026-22735Path to dependency file: /Struts2Spring3Hibernate/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.3.20/spring-web-5.3.20.jar Dependency Hierarchy: -> ❌ spring-web-5.3.20.jar (Vulnerable Library) |
Low |
2.6 | Direct spring-web-5.3.20.jar |
spring-web-5.3.20.jar | org.springframework:spring-web:7.0.6,org.springframework:spring-web:6.2.17,org.springframework:spring-webmvc:6.2.17,https://github.com/spring-projects/spring-framework.git - v6.2.17,https://github.com/spring-projects/spring-framework.git - v6.1.21,https://github.com/spring-projects/spring-framework.git - v7.0.6,org.springframework:spring-webmvc:7.0.6 | None |
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2019-13116 | commons-collections-3.1-URBA2209RC1.jar |
| CVE-2016-1000031 | commons-fileupload-1.2.1-URBA2209RC1.jar |
| CVE-2015-3192 | spring-web-3.2.0.RELEASE.jar |
| WS-2016-7112 | spring-context-3.2.0.RELEASE.jar |
| CVE-2014-0050 | commons-fileupload-1.2.1-URBA2209RC1.jar |
| CVE-2013-6430 | spring-web-3.2.0.RELEASE.jar |
| CVE-2013-2186 | commons-fileupload-1.2.1-URBA2209RC1.jar |
| CVE-2014-3578 | spring-core-3.2.0.RELEASE.jar |
| CVE-2025-22233 | spring-context-3.2.0.RELEASE.jar |
| WS-2021-0174 | spring-beans-3.2.0.RELEASE.jar |
| CVE-2014-0054 | spring-web-3.2.0.RELEASE.jar |
| CVE-2014-0225 | spring-web-3.2.0.RELEASE.jar |
| CVE-2024-22259 | spring-web-3.2.0.RELEASE.jar |
| CVE-2015-5211 | spring-web-3.2.0.RELEASE.jar |
| CVE-2023-20861 | spring-expression-3.2.0.RELEASE.jar |
| CVE-2013-7315 | spring-web-3.2.0.RELEASE.jar |
| CVE-2024-38808 | spring-expression-3.2.0.RELEASE.jar |
| CVE-2018-1272 | spring-web-3.2.0.RELEASE.jar |
| CVE-2017-15708 | commons-collections-3.1-URBA2209RC1.jar |
| CVE-2016-1000027 | spring-web-3.2.0.RELEASE.jar |
| CVE-2022-22970 | spring-core-3.2.0.RELEASE.jar |
| CVE-2013-0248 | commons-fileupload-1.2.1-URBA2209RC1.jar |
| CVE-2024-38809 | spring-web-3.2.0.RELEASE.jar |
| CVE-2022-22965 | spring-beans-3.2.0.RELEASE.jar |
| CVE-2018-1199 | spring-core-3.2.0.RELEASE.jar |
| CVE-2023-20863 | spring-expression-3.2.0.RELEASE.jar |
| CVE-2025-41242 | spring-beans-3.2.0.RELEASE.jar |
| CVE-2023-24998 | commons-fileupload-1.2.1-URBA2209RC1.jar |
| CVE-2024-38820 | spring-web-3.2.0.RELEASE.jar |
| CVE-2013-6429 | spring-web-3.2.0.RELEASE.jar |
| CVE-2022-22970 | spring-beans-3.2.0.RELEASE.jar |
| CVE-2021-22096 | spring-web-3.2.0.RELEASE.jar |
| WS-2014-0034 | commons-fileupload-1.2.1-URBA2209RC1.jar |
| CVE-2024-22262 | spring-web-3.2.0.RELEASE.jar |
| CVE-2024-22243 | spring-web-3.2.0.RELEASE.jar |
| CVE-2015-4852 | commons-collections-3.1-URBA2209RC1.jar |
| CVE-2015-7501 | commons-collections-3.1-URBA2209RC1.jar |
| CVE-2022-22950 | spring-expression-3.2.0.RELEASE.jar |
| CVE-2016-3092 | commons-fileupload-1.2.1-URBA2209RC1.jar |
| CVE-2020-5421 | spring-web-3.2.0.RELEASE.jar |
| CVE-2022-22968 | spring-context-3.2.0.RELEASE.jar |
| CVE-2024-38820 | spring-context-3.2.0.RELEASE.jar |
| CVE-2025-48976 | commons-fileupload-1.2.1-URBA2209RC1.jar |
Base branch total remaining vulnerabilities: 735
Base branch commit: null
Total libraries scanned: 131
Scan token: 7fbbeec585d242b5aa05a4e35b18a0c9