Spring for Shell

Please find below our most recent information regarding the following two Spring vulnerabilities:

  • Confirmed (Critical, CVSS 9.8): CVE-2022-22965 “Spring4Shell” in Spring Core
  • Confirmed (Critical, CVSS 9.8): CVE-2022-22963 in Spring Cloud Function

Sparxsystems:

Sparx Systems does not use Spring in any of our products.

Posted in News, Sparx News