Sparx Systems Forum

Enterprise Architect => General Board => Topic started by: Stark798 on April 01, 2022, 12:40:30 am

Title: "SpringShell" Spring Framework Vulnerability
Post by: Stark798 on April 01, 2022, 12:40:30 am

Could someone tell that the Sparx System products are vulnerable to the "Springshell" Spring vulnerability CVE-2022-22963?

Title: Re: "SpringShell" Spring Framework Vulnerability
Post by: Geert Bellekens on April 01, 2022, 12:54:37 am

I guess it's the same story as with the Log4J one.

This is a Java vulnerability, and since EA uses a Microsoft stack, it's not affected.

Geert