Security Issue: On March 31, 2022, a critical security vulnerability was identified in the Spring framework that could lead to remote code execution.
- Spring Core <= 5.3.17
According to current information (as of 03/31/2022), no DRACOON product is affected. We therefore confirm that neither our DRACOON Cloud nor our on-premises variants DRACOON Server or DRACOON LTS are affected.
According to published information, only Spring applications that use Tomcat standalone are affected. No action is therefore required.