Comment From: marcusdacoregio
Closed via https://github.com/spring-projects/spring-security/commit/8f5793afb1345b4312c23d67609cfd6992da2dfc
Comment From: lyoum
Regarding this fix to the spring vulnerability, is the dependency itself safe to use without WebFlux?
Comment From: marcusdacoregio
I don't think I follow @lyoum, are you asking if you can use PathPatternParser without WebFlux in a safe manner? If so, it depends on how you use it.
Comment From: lyoum
The original intention of my question was: whether this vulnerability affects Spring Web, since Spring mentioned WebFlux in it's CVE but did not state clearly whether the vulnerability only affects usage of spring-security with WebFlux.
I later found out it indeed only affects spring-security with WebFlux. Thanks for the prompt response @marcusdacoregio