VYPR

Maven package

org.thymeleaf/thymeleaf

pkg:maven/org.thymeleaf/thymeleaf

Vulnerabilities (3)

  • CVE-2026-41901CriMay 12, 2026
    affected < 3.1.5.RELEASEfixed 3.1.5.RELEASE

    Thymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1.5.RELEASE, a security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf. Although the library provides mechanisms to avoid the execution of potentially

  • CVE-2026-40478CriApr 17, 2026
    affected < 3.1.4.RELEASEfixed 3.1.4.RELEASE

    Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the the expression execution mechanisms. Although the library provides mechanisms to prevent expression injection, it f

  • CVE-2026-40477CriApr 17, 2026
    affected < 3.1.4.RELEASEfixed 3.1.4.RELEASE

    Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the expression execution mechanisms. Although the library provides mechanisms to prevent expression injection, it fails