Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

CVE FIX - Spring: CVE-2022-22965

Assignee

Reporter

Labels

Sprint

Description

https://tanzu.vmware.com/security/cve-2022-22965
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#am-i-impacted

In order to fix the CVE, upgrade Spring to version 5.3.18 and spring-boot to version 2.3.12

Steps to reproduce

None

Attachments

1
  • 04 Apr 2022, 12:53 PM
100% Done
Type
Key
Summary
Priority
Story Points
Assignee
Status

Activity

Fixed

Details

Priority

Fix versions

QA Testing

UNDECIDED

Created April 1, 2022 at 7:35 AM
Updated March 12, 2024 at 11:49 AM
Resolved April 2, 2022 at 4:23 PM

Flag notifications