CVE-2022-22970 and CVE-2022-22971 on JIRA spring-core-5.3.10.jar

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Duplicate
    • None
    • Component/s: Security
    • None
    • 33

      Problem:

      Jira is working with the version of the spring framework spring-core-5.0.10. This spring framework is vulnerable to CVE-2022-22970 and CVE-2022-22971

      Suggested Solution

      The remediation  for these CVE's are update the spring framework library. The recommendation is updating to the version 5.3.21.

      Why This Is Important

      Security team and scanners raised concerns 

      Workaround

      None available 

              Assignee:
              Unassigned
              Reporter:
              Roman Ventura (Inactive)
              Votes:
              19 Vote for this issue
              Watchers:
              18 Start watching this issue

                Created:
                Updated:
                Resolved: