Date: 4th April
Issue:
Secure Code Warrior is aware of the recently disclosed CVE 2022-22965 (Spring4Shell) Vulnerability and CVE 2022-22963 (Spring Cloud Functions)
Impact:
We have assessed our internal environment for services that may use the vulnerable Spring Framework components. At the time of this update, Secure Code Warrior confirms we are not impacted. Furthermore, Secure Code Warrior can confirm we don’t use any “Spring Cloud Functions”.
We are actively monitoring this issue, and are working with our critical suppliers to understand impacts in the supply chain that might have an impact on services we offer you
For more information, please refer to the information below. Read our blog - vulnerabilities-in-spring-libraries-are-you-at-risk
Other resources:
Next Update:
Updates will be posted to this thread as additional information becomes available.
Comments
0 comments
Please sign in to leave a comment.