Security Issue: On March 31, 2022, a critical security vulnerability was identified in the Spring framework that could lead to remote code execution.
Affected packages:
- Spring Cloud Function <= 3.1.6 or <= 3.2.2
CVE: CVE-2022-22963
04/01/2022
According to current information (as of 03/31/2022), no DRACOON product is affected. Specifically, we confirm that neither our DRACOON Cloud nor our on-premises variants DRACOON Server nor DRACOON LTS are affected.
According to published information, only Spring applications are that use the Spring Cloud Function package are affected - this is not used in any DRACOON application. No action is required.
Comments
0 comments
Please sign in to leave a comment.