Uploaded image for project: 'Kylin'
  1. Kylin
  2. KYLIN-1893

Upgrade spring-boot framework because of security vulnerabilities

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Duplicate
    • v1.5.2
    • None
    • REST Service
    • None

    Description

      The Spring Boot Framework has a expression of SPEL type injection common vulnerabilities, which affect versions is 1.1-1.3.0.
      we need upgrade to version 1.3.1 or later.

      https://www.chinacybersafety.com/tag/the-common-vulnerabilities-and-high-risk-vulnerabilities-early-warning-framework-spring-boot

      Attachments

        Issue Links

          is duplicated by

          Improvement - An improvement or enhancement to an existing feature or task. KYLIN-1867 Upgrade dependency libraries

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              zhongjian Jason Zhong
              kangkaisen Kaisen Kang
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: