Spring Framework: Path Traversal Vulnerability in Static Resource Serving - Proactive Insights and Support For Open-Source Applications

In Spring Framework versions 5.3.0 to 5.3.40, 6.0.0 to 6.0.24, and 6.1.0 to 6.1.13 a high severity vulnerability CVE-2024-38816 was detected. This vulnerability allows attackers to perform path traversal attacks, enabling them to access any file on the system that the Spring application has access to. Currently, there is no fix version for this issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-38816.