Vmware Spring_hateoas
2 CVEs affecting Vmware Spring_hateoas. Latest disclosed: 2026-06-09. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-41007 | High | 7.5 | 2026-06-09 | Spring HATEOAS maintains an unbounded static cache of StringLinkRelation instances keyed on attacker-supplied strings. Affected versions: Spring HATEOAS 1.5.0… |
CVE-2026-41006 | High | 7.5 | 2026-06-09 | Spring HATEOAS's internal PropertyUtils.createObjectFromProperties method, used by the Collection+JSON and UBER media type deserializers, performs bean propert… |