Update Spring Framework to 5.3.19

XMLWordPrintable

    • 4

      CVE-2022-22965

      For information about CVE-2022-22965 as it applies to Atlassian's products see https://confluence.atlassian.com/kb/faq-for-cve-2022-22965-1115149136.html

      The Spring Spring Framework version used in Bitbucket Server/Data Center should be updated to 5.3.19.

      Note that while CVE-2022-22965 is addressed in 5.3.18, some of the restrictions break non-bundled plugins. This is fixed in Spring 5.3.19 as described here: https://github.com/spring-projects/spring-framework/issues/28269

              Assignee:
              Unassigned
              Reporter:
              Ben Humphreys
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: