View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0005263 | SymmetricDS | Bug | public | 2022-04-08 17:42 | 2022-04-11 19:28 |
| Reporter | elong | Assigned To | pmarzullo | ||
| Priority | normal | ||||
| Status | closed | Resolution | fixed | ||
| Product Version | 3.10.13 | ||||
| Target Version | 3.13.4 | Fixed in Version | 3.13.4 | ||
| Summary | 0005263: CVE-2022-22965: Spring Version needs to use 5.2.20.RELEASE or 5.3.18 in order to not be vulnerable to this security issue | ||||
| Description | CVE-2022-22965 These are the requirements for the specific scenario from the report: JDK 9 or higher Apache Tomcat as the Servlet container Packaged as a traditional WAR (in contrast to a Spring Boot executable jar) spring-webmvc or spring-webflux dependency Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions | ||||
| Tags | security | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2022-04-08 17:42 | elong | New Issue | |
| 2022-04-08 17:42 | elong | Status | new => assigned |
| 2022-04-08 17:42 | elong | Assigned To | => pmarzullo |
| 2022-04-08 17:42 | elong | Tag Attached: security | |
| 2022-04-08 17:42 | elong | Issue generated from: 0005248 | |
| 2022-04-08 17:42 | elong | Relationship added | related to 0005248 |
| 2022-04-08 17:42 | elong | Status | assigned => resolved |
| 2022-04-08 17:42 | elong | Resolution | open => fixed |
| 2022-04-08 17:42 | elong | Fixed in Version | => 3.13.4 |
| 2022-04-08 17:42 | elong | Target Version | 3.13.5 => 3.13.4 |
| 2022-04-11 19:28 | admin | Status | resolved => closed |