DEBIAN-CVE-2026-41841
- Source
- https://security-tracker.debian.org/tracker/CVE-2026-41841
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-41841.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2026-41841
- Upstream
- Published
- 2026-06-09T05:16:36.087Z
- Modified
- 2026-06-11T09:04:09.912057820Z
- Summary
- [none]
- Details
-
Spring MVC and WebFlux applications are vulnerable to Information Disclosure attacks when resolving static resources. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48.
- References
Affected packages
Debian:11 / libspring-java
Package
- Name
- libspring-java
- Purl
- pkg:deb/debian/libspring-java?arch=source&distro=bullseye
Debian:12 / libspring-java
Package
- Name
- libspring-java
- Purl
- pkg:deb/debian/libspring-java?arch=source&distro=bookworm
Debian:13 / libspring-java
Package
- Name
- libspring-java
- Purl
- pkg:deb/debian/libspring-java?arch=source&distro=trixie
Debian:14 / libspring-java
Package
- Name
- libspring-java
- Purl
- pkg:deb/debian/libspring-java?arch=source&distro=forky