[ERM-2083] Determine if any modules affected by Spring4Shell (CVE-2022-22965) - FOLIO Issue Tracker

XML

Word

Printable

Details

Type: Task
Status: Closed (View Workflow)
Priority: P3
Resolution: Done
Component/s: mod-agreements
Labels:
None

Template:
Sprint:
ERM Sprint 155-156
Development Team:
K-Int
RCA Group:
TBD

Description

See ~~FOLIO-3466~~

Is mod-agreements affected by Spring4Shell? If not please explain why and close this Jira.

If yes or if unable to determine then

update Grails Core from 4.0.4 to >= 5.1.6
or update Spring Framework from 5.1.16.RELEASE to >= 5.3.18 or >= 5.2.20

TestRail: Results

Attachments

Issue Links

blocks

FOLIO-3466 Spring4Shell: spring-beans RCE Vulnerability (CVE-2022-22965)

Closed

mentioned in: Page Loading...; Page Loading...; Page Loading...

Activity

People

Assignee:: Unassigned

Reporter:: Julian Ladisch

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 05/Apr/22 5:10 PM

Updated:: 11/Jan/23 9:45 AM

Resolved:: 09/Jan/23 3:49 PM

TestRail: Runs

TestRail: Cases