Update Spring to 5.3.18+ to mitigate CVE-2022-22965

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: Low
    • 8.0.7, 8.2.2, 8.1.6
    • Affects Version/s: 8.0.0, 8.1.1, 8.2.0
    • Component/s: Security
    • None
    • Severity 1 - Critical

      Issue Summary

      Spring dependency should be upgraded to 5.3.18+ to fix CVE-2022-22965 which is critical for JDK 11 environment

      Steps to Reproduce

      1. See dependencies at WEB-INF/lib

      Expected Results

      spring-beans 5.3.18+ is  expected

      Actual Results

      spring-beans 5.3.10 is used

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

            Assignee:
            Alexey Chystoprudov
            Reporter:
            Alexey Chystoprudov
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: