Author Topic: "SpringShell" Spring Framework Vulnerability  (Read 655 times)

Stark798

  • EA Novice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
"SpringShell" Spring Framework Vulnerability
« on: April 01, 2022, 12:40:30 am »
Could someone tell that the Sparx System products are vulnerable to the "Springshell" Spring vulnerability CVE-2022-22963?

Geert Bellekens

  • EA Guru
  • *****
  • Posts: 11937
  • Karma: +465/-33
  • Make EA work for YOU!
    • View Profile
    • Enterprise Architect Consultant and Value Added Reseller
Re: "SpringShell" Spring Framework Vulnerability
« Reply #1 on: April 01, 2022, 12:54:37 am »
I guess it's the same story as with the Log4J one.

This is a Java vulnerability, and since EA uses a Microsoft stack, it's not affected.

Geert