Home > Net >  Does application Spring4Shell- CVE-2022-22965 vulnerable if using spring-plugin-core : 1.2.0?
Does application Spring4Shell- CVE-2022-22965 vulnerable if using spring-plugin-core : 1.2.0?

Time:04-06

Is the system affected by CVE-2022-22965 if it only uses spring-plugin-core from the mentioned impacted list?

Configuration

  • java 8
  • Spring boot : 2.2.6.RELEASE
  • Packaged as executable JAR
  • spring-plugin-core : 1.2.0.RELEASE

CodePudding user response:

a quick search for Spring Boot 2.2.6.RELEASE shows the maven repository with all vulnerabilities listed: https://mvnrepository.com/artifact/org.springframework.boot/spring-boot/2.2.6.RELEASE

Page link:https//www.codepudding.com/net/361838.html

Prev:Spring Cloud CLI could not find artifact
Next:Firebase Cloud Function triggered by a Table datetime field
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding