This page collects WhisperX intelligence signals tagged #Thymeleaf. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
一个广泛使用的 Java 开发框架组件被曝存在严重安全漏洞。在 WebGoat 项目的代码库中,安全扫描工具检测到 `spring-boot-starter-thymeleaf-2.7.1.jar` 依赖项引入了三个安全漏洞,其中最高严重性评分为 CVSS 9.0。该漏洞位于其底层依赖库 `thymeleaf-3.0.15.RELEASE.jar` 中,路径指向项目根目录的 `pom.xml` 文件。这表明任何使用此特定版本 Spring Boot Thymeleaf 启动器的 Java 应用程序都可能面临潜在的攻击面。 漏洞详情显示,问题根源在于 `org.thymeleaf:thymeleaf` 库的 3.0.15.RELEA...
A WhiteSource security scan has flagged the spring-boot-starter-thymeleaf library at version 2.7.1 as containing five distinct vulnerabilities, with the highest carrying a CVSS score of 9.0—placing it firmly in critical territory. The scan, triggered on a Maven project dependency file, identified the vulnerable artifac...