Update Spring Framework to 5.3.19

XMLWordPrintable

    • 4

      CVE-2022-22965

      For information about CVE-2022-22965 as it applies to Atlassian's products see https://confluence.atlassian.com/kb/faq-for-cve-2022-22965-1115149136.html

      The Spring Spring Framework version used in Bitbucket Server/Data Center should be updated to 5.3.19.

      Note that while CVE-2022-22965 is addressed in 5.3.18, some of the restrictions break non-bundled plugins. This is fixed in Spring 5.3.19 as described here: https://github.com/spring-projects/spring-framework/issues/28269

            Assignee:
            Unassigned
            Reporter:
            Ben Humphreys
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: