BSA-2022-1769
21302
04 April 2022
04 April 2022
Closed
Critical
9.8
N/A
CVE-2022-22965
Summary Security Advisory ID : BSA-2022-1769 Component : Spring Framework RCE Revision : 1.0
Brocade PSIRT has become aware of an RCE vulnerability in the Spring Framework. A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.
More information is available at:
- Spring Framework RCE, Early Announcement
- CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+
Affected Products
No Brocade Fibre Channel Products from Broadcom products are currently known to be affected by CVE-2022-22965.
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | April 4th, 2022 |