[prev in list] [next in list] [prev in thread] [next in thread]
List: axis-user-ja
Subject: [jira] [Commented] (AXIS2-6032) About Spring RCE 0Days Vulnerability
From: "yanglin (Jira)" <jira () apache ! org>
Date: 2022-04-08 1:49:00
Message-ID: JIRA.13438086.1649228649000.31813.1649382540045 () Atlassian ! JIRA
[Download RAW message or body]
[ https://issues.apache.org/jira/browse/AXIS2-6032?page=com.atlassian.jira.plugin. \
system.issuetabpanels:comment-tabpanel&focusedCommentId=17519264#comment-17519264 ]
yanglin commented on AXIS2-6032:
--------------------------------
ok thanks
> About Spring RCE 0Days Vulnerability
> ------------------------------------
>
> Key: AXIS2-6032
> URL: https://issues.apache.org/jira/browse/AXIS2-6032
> Project: Axis2
> Issue Type: Bug
> Affects Versions: 1.7.9, 1.8.0
> Reporter: yanglin
> Priority: Critical
>
> Hello !
> Is AXIS2 affected by spring rce vulnerability?
> if so , will a new version be released ?
>
> CVE-2022-22965: A Spring MVC or Spring WebFlux application running on JDK 9+ may be \
> vulnerable to remote code execution (RCE) via data binding \
> https://nvd.nist.gov/vuln/detail/CVE-2022-22965
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic