github / advisory-database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Creative Commons Attribution 4.0 International

[GHSA-cx7f-g6mp-7hqm] Path traversal vulnerability in functional web frameworks #4985

Closed AlexeyTsvetkov closed 3 weeks ago

AlexeyTsvetkov commented 3 weeks ago

Updates

Comments

spring-webflux artifacts are also vulnerable. That is explicitly mentioned in the issue description (https://spring.io/security/cve-2024-38816), and also in alternative databases. For example Snyk mentions both: https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-7945491

advisory-database[bot] commented 3 weeks ago

Hi @AlexeyTsvetkov! Thank you so much for contributing to the GitHub Advisory Database. This database is free, open, and accessible to all, and it's people like you who make it great. Thanks for choosing to help others. We hope you send in more contributions in the future!