pkg:Maven/org.thymeleaf:thymeleaf-spring5

All known vulnerabilities

• CRITICAL9.8CVE-2021-43466Template injection in thymeleaf-spring5
  from 0, < 3.0.13.RELEASE
• CRITICAL9.0CVE-2026-41901Sandboxed Thymeleaf expressions vulnerable to improper recognition of unauthorized syntax patterns
  from 0, < 3.1.5.RELEASE
• CRITICAL9.0CVE-2026-40478Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf
  from 0, < 3.1.4.RELEASE
• CRITICAL9.0Improper restriction of the scope of accessible objects in Thymeleaf expressions
  from 0, < 3.1.4.RELEASE