pkg:Maven/org.springframework.cloud:spring-cloud-config-server

7 total CVEsCRITICAL1HIGH3MEDIUM3

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2020-5410⚠ KEVDirectory traversal attack in Spring Cloud Config
    >= 2.1.0, < 2.1.9
  • CRITICAL9.1CVE-2026-40982Spring Cloud Config vulnerable to Path Traversal
    >= 3.1.0, <= 3.1.13
  • HIGH8.6CVE-2026-22739Spring Cloud Config Server: Path Traversal via Profile Parameter Allows Arbitrary File Access
    >= 4.3.0, < 4.3.2
  • HIGH7.2CVE-2026-41002Spring Cloud Config Server Susceptible To TOCTOU Attack
    >= 3.1.0, <= 3.1.13
  • MEDIUM6.5CVE-2020-5405Directory traversal attack in Spring Cloud Config
    >= 2.1.0, < 2.1.7
  • MEDIUM6.5CVE-2019-3799Path Traversal in Spring Cloud Config
    from 0, < 1.4.6
  • MEDIUM4.4CVE-2026-41004Spring Cloud Config Server Logged Sensitive Information
    >= 3.1.0, <= 3.1.13