Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

CVE FIX - spring-web

Assignee

Reporter

Labels

Sprint

Description

CVE-2024-22243 - cvssV3: HIGH, score: 8.2

 Standard Output

 Standard Error - spring-web 5.3.28

Standard Error - spring-web 5.3.31

Are we really using 2 different versions? Why?

Steps to reproduce

None

Activity

Kamil Kočí April 17, 2024 at 8:55 AM
Edited

  • The branch has been merged

  • The Jenkins jobs have been deleted

  • Closing

Kamil Kočí April 11, 2024 at 1:53 PM
Edited

Spring-web 5.3.31 is dependency of Spring boot from worker.

The spring library was changed to 5.3.33 version. Version in Spring Boot was not changed.

Fixed

Details

Time tracking

4h logged

Priority

Fix versions

QA Testing

UNDECIDED

Created February 23, 2024 at 8:06 AM
Updated June 25, 2024 at 8:31 AM
Resolved April 12, 2024 at 8:24 AM