Uploaded image for project: 'edge-inn-reach'
  1. edge-inn-reach
  2. EDGINREACH-32

Spring4Shell Morning Glory (CVE-2022-22965)

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • P1
    • Resolution: Duplicate
    • None
    • None
    • None
    • Volaris Sprint 138
    • 0
    • Volaris
    • Morning Glory (R2 2022)
    • TBD

    Description

      On master branch

      • upgrade spring-boot-starter-parent from 2.3.4.RELEASE to >= 2.6.6 or >= 2.5.12.RELEASE
      • or upgrade Spring Framework from 5.2.9.RELEASE to 5.2.20.RELEASE
      • or apply some other effective fix
      • or explain why edge-inn-reach is not affected by Spring4Shell.

      See FOLIO-3466

      TestRail: Results

        Attachments

          Issue Links

            blocks

            Umbrella - FOLIO-3466 Spring4Shell: spring-beans RCE Vulnerability (CVE-2022-22965)

            • P2 - normal priority level, must be included in the current development cycle
            • Closed
            duplicates

            Bug - A problem which impairs or prevents the functions of the product. EDGINREACH-33 Spring4Shell Lotus/Kiwi (CVE-2022-22965)

            • TBD - To be determined
            • Closed
            relates to

            Bug - A problem which impairs or prevents the functions of the product. EDGINREACH-33 Spring4Shell Lotus/Kiwi (CVE-2022-22965)

            • TBD - To be determined
            • Closed

            Activity

              People

                Alex1987 Aleksandr Oleinik
                julianladisch Julian Ladisch
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases