[RANGER-3691] Upgrade spring to 5.3.18 CVE-2022-22965 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Blocker
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.0.0, 2.3.0
Component/s: admin, kms
Labels:
None

Description

https://tanzu.vmware.com/security/cve-2022-22965

https://github.com/spring-projects/spring-framework/releases

Spring has a new 0day Remote-Code-Execution problem, related to spring-beans and JDK9+

Fixed at spring 5.3.18 / 5.2.20

Attachments

Activity

People

Assignee:: kirby zhou

Reporter:: kirby zhou

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 01/Apr/22 06:15

Updated:: 12/Apr/22 16:07

Resolved:: 04/Apr/22 07:21