You are here

Security Updates Addressing "Spring4Shell" and Spring Cloud Function Vulnerabilities

Security Updates Addressing "Spring4Shell" and Spring Cloud Function Vulnerabilities

Created: Tuesday, April 5, 2022 - 14:24
Categories:
Cybersecurity

The Cybersecurity and Infrastructure Security Agency (CISA) has published an advisory on the release of Spring updates that address the remote code execution (RCE) vulnerability CVE-2022-22965, also known as “Spring4Shell.” Cloud Function versions 3.1.7 and 3.2.3 and Spring Framework versions 5.3.18 and 5.2.20 are available on the Spring by VMWare blog. CISA encourages users and administrators to immediately apply the necessary updates found in the blog posts, as well as reviewing the relevant vulnerability reports. Read the full advisory at CISA.