Date: 4th April
Secure Code Warrior is aware of the recently disclosed CVE 2022-22965 (Spring4Shell) Vulnerability and CVE 2022-22963 (Spring Cloud Functions)
We have assessed our internal environment for services that may use the vulnerable Spring Framework components. At the time of this update, Secure Code Warrior confirms we are not impacted. Furthermore, Secure Code Warrior can confirm we don’t use any “Spring Cloud Functions”.
We are actively monitoring this issue, and are working with our critical suppliers to understand impacts in the supply chain that might have an impact on services we offer you
Updates will be posted to this thread as additional information becomes available.