Skip to content

[GHSA-wg35-8jpf-2xv3] Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources.#7862

Merged
advisory-database[bot] merged 1 commit into
yuki-matsuhashi/advisory-improvement-7862from
yuki-matsuhashi-GHSA-wg35-8jpf-2xv3
Jul 2, 2026
Merged

[GHSA-wg35-8jpf-2xv3] Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources.#7862
advisory-database[bot] merged 1 commit into
yuki-matsuhashi/advisory-improvement-7862from
yuki-matsuhashi-GHSA-wg35-8jpf-2xv3

Conversation

@yuki-matsuhashi

Copy link
Copy Markdown

Updates

  • Affected products
  • CVSS v3

Comments
The CVE record was initially published with a CVSS vector that differed from the vendor advisory and was later corrected. NVD now reflects it, while this advisory still appears to use the earlier value. This updates A:N to A:L to align with the current CVSS vector.

@github-actions github-actions Bot changed the base branch from main to yuki-matsuhashi/advisory-improvement-7862 May 31, 2026 15:13
@advisory-database advisory-database Bot merged commit 66809f4 into yuki-matsuhashi/advisory-improvement-7862 Jul 2, 2026
4 checks passed
@advisory-database

Copy link
Copy Markdown
Contributor

Hi @yuki-matsuhashi! Thank you so much for contributing to the GitHub Advisory Database. This database is free, open, and accessible to all, and it's people like you who make it great. Thanks for choosing to help others. We hope you send in more contributions in the future!

@advisory-database advisory-database Bot deleted the yuki-matsuhashi-GHSA-wg35-8jpf-2xv3 branch July 2, 2026 21:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant