Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Spring4Shell Morning Glory (CVE-2022-22965)

Description

On master branch

  • upgrade spring-boot-starter-parent from 2.3.4.RELEASE to >= 2.6.6 or >= 2.5.12.RELEASE

  • or upgrade Spring Framework from 5.2.9.RELEASE to 5.2.20.RELEASE

  • or apply some other effective fix

  • or explain why edge-inn-reach is not affected by Spring4Shell.

See FOLIO-3466

CSP Request Details

None

CSP Rejection Details

None

Potential Workaround

None

Checklist

hide

TestRail: Results

Activity

Show:
Duplicate

Details

Assignee

Reporter

Priority

Story Points

Sprint

Development Team

Volaris

Release

Morning Glory (R2 2022)

RCA Group

TBD

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs

Created April 1, 2022 at 12:23 PM
Updated April 21, 2022 at 2:07 PM
Resolved April 21, 2022 at 2:07 PM
TestRail: Cases
TestRail: Runs