Uploaded image for project: 'Atlas'
  1. Atlas
  2. ATLAS-4915

Upgrade Spring Security to 5.7.13/5.8.15/6.2.7/6.3.4+ due to CVE-2024-38821

    XMLWordPrintableJSON

Details

    • Task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.0.0, 2.4.0
    • atlas-core
    • None

    Description

      Upgrade Spring Security to 5.7.13/5.8.15/6.2.7/6.3.4+ due to CVE-2024-38821

      Affected versions of this package are vulnerable to Missing Authorization allowing Spring Security authorization rules to be bypassed for static resources.

      https://nvd.nist.gov/vuln/detail/CVE-2024-38821 

      https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORKSECURITY-8309135 

      Attachments

        1. ATLAS-4915.patch
          0.9 kB
          Disha Talreja

        Activity

          People

            dishatalreja Disha Talreja
            dishatalreja Disha Talreja
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: