Environment
SCA and SSC
Situation
Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks.
CVE-2024-38816: Path traversal vulnerability in functional web frameworks
CVE-2024-38819: Path traversal vulnerability in functional web frameworks (2nd report)