In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade org.springframework:spring-webmvc
to version 6.1.14 or higher.
org.springframework:spring-webmvc is a package that provides Model-View-Controller (MVC) architecture and ready components that can be used to develop flexible and loosely coupled web applications.
Affected versions of this package are vulnerable to Path Traversal through the functional web frameworks WebMvc.fn
or WebFlux.fn
. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible.
Note: This is similar to CVE-2024-38816, but with different input.