Uploaded image for project: 'Ranger'
  1. Ranger
  2. RANGER-3691

Upgrade spring to 5.3.18 CVE-2022-22965

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Blocker
    • Resolution: Fixed
    • None
    • 3.0.0, 2.3.0
    • admin, kms
    • None

    Description

      https://tanzu.vmware.com/security/cve-2022-22965

      https://github.com/spring-projects/spring-framework/releases

       

      Spring has a new 0day Remote-Code-Execution problem, related to spring-beans and JDK9+

      Fixed at spring 5.3.18 / 5.2.20

       

      Attachments

        Activity

          People

            kirbyzhou kirby zhou
            kirbyzhou kirby zhou
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: