Uploaded image for project: 'edge-caiasoft'
  1. edge-caiasoft
  2. EDGCSOFT-37

Spring4Shell Kiwi R3 2021 (CVE-2022-22965)

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • TBD
    • Resolution: Won't Do
    • 1.1.2
    • None
    • None
    • Firebird
    • TBD

    Description

      On b1.1 branch

      • upgrade spring-boot-starter-parent from 2.3.4.RELEASE to >= 2.6.6 or >= 2.5.12.RELEASE
      • or upgrade Spring Framework from 5.2.9.RELEASE to 5.2.20.RELEASE
      • or apply some other effective fix
      • or explain why edge-caiasoft is not affected by Spring4Shell.

      See FOLIO-3466

      And release a patch version.

      TestRail: Results

        Attachments

          Issue Links

            blocks

            Umbrella - FOLIO-3466 Spring4Shell: spring-beans RCE Vulnerability (CVE-2022-22965)

            • P2 - normal priority level, must be included in the current development cycle
            • Closed

            Activity

              People

                Unassigned Unassigned
                julianladisch Julian Ladisch
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases