Medium severity5.3NVD Advisory· Published Nov 18, 2024· Updated Apr 15, 2026
CVE-2024-38828
CVE-2024-38828
Description
Spring MVC controller methods with an @RequestBody byte[] method parameter are vulnerable to a DoS attack.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.springframework:spring-webmvcMaven | >= 5.3.0, < 5.3.42 | 5.3.42 |
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5News mentions
0No linked articles in our index yet.