Description

None

Environment

None

Potential Workaround

None

Linked issues

blocks

FOLIO-3466

Spring4Shell: spring-beans RCE Vulnerability (CVE-2022-22965)

Checklist

hide

TestRail: Results

Activity

Show:

Pavlo Smahin

made 3 changes

April 12, 2022 at 9:25 AM

Status

Open

Closed

Assignee

Yahor Sviarchkou

Unassigned

Resolution

None

Done

Pavlo Smahin

made 2 changes

April 12, 2022 at 9:10 AM

Assignee

Unassigned

Yahor Sviarchkou

Description

Update Spring from 5.3.16 to >= 5.3.18. This fixes * CVE-2022-22950 (medium-severe) - Denial of Service (DoS) in Spring Expression (SpEL) * CVE-2022-22965 (critical) - "Spring4Shell" or Remote Code Execution (RCE) in Spring Core = FOLIO-3466

Pavlo Smahin

changed the assigneeApril 7, 2022 at 2:06 PM

Pavlo Smahin

Unassigned

Khalilah Gambrell

made 4 changes

April 7, 2022 at 11:50 AM

Labels

None

back-end epam-spitfire

Issue Type

Bug

Tech Debt

Rank

None

Ranked lower

Julian Ladisch

made 2 changes

April 5, 2022 at 5:32 PM

Priority

TBD

Linked Issues

None

This issue blocks FOLIO-3466

Julian Ladisch

created the IssueApril 5, 2022 at 5:32 PM

Something went wrong on our end

If this keeps happening, share this information with your admin, who should contact support.

Hash IPD42T
Trace 691c8623a2624329801f008283db330a

Details
Assignee
Unassigned
Reporter
Julian Ladisch
Priority
P2
Development Team
Spitfire
Affects versions
1.5.0
TestRail: Cases
Open TestRail: Cases
TestRail: Runs
Open TestRail: Runs

Configure

TestRail: Cases

TestRail: Runs

Description

Environment

Potential Workaround

Linked issues

blocks

Checklist

TestRail: Results

Activity

DetailsAssigneeUnassignedReporterJulian LadischPriorityP2Development TeamSpitfireAffects versions1.5.0TestRail: CasesOpen TestRail: CasesTestRail: RunsOpen TestRail: Runs

Details

Assignee

Reporter

Priority

Development Team

Affects versions

TestRail: Cases

TestRail: Runs

Flag notifications

Something's gone wrong

Something's gone wrong

Something's gone wrong

Details
Assignee
Unassigned
Reporter
Julian Ladisch
Priority
P2
Development Team
Spitfire
Affects versions
1.5.0
TestRail: Cases
Open TestRail: Cases
TestRail: Runs
Open TestRail: Runs