Uploaded image for project: 'ERM Platform'
  1. ERM Platform
  2. ERM-2082

Spring4Shell mod-agreements Morning Glory R2 2022 (CVE-2022-22965)

    XMLWordPrintable

Details

    • ERM Sprint 140
    • Bienenvolk
    • Morning Glory R2 2022
    • TBD

    Description

      See FOLIO-3466

      mod-agreements uses an affected spring-beans version (as reported by grails dependency-report runtime | grep spring-beans): 5.1.16.RELEASE

      Is mod-agreements affected by Spring4Shell? If not please explain why and close this Jira.

      If yes or if unable to determine then

      • update Grails Core from 4.0.4 to >= 5.1.6
      • or update Spring Framework from 5.1.16.RELEASE to >= 5.3.18 or >= 5.2.20

      TestRail: Results

        Attachments

          Issue Links

            Activity

              People

                Unassigned Unassigned
                julianladisch Julian Ladisch
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases