Uploaded image for project: 'JS - JobScheduler'
  1. JS - JobScheduler
  2. JS-1809

Update Spring Framework core to Version >= 4.3.17 due to vulnerability issues in Spring Framework (CVE-2015-0201, CVE-2015-3192, CVE-2015-5211, CVE-2016-5007, CVE-2018-1257, CVE-2018-1270, CVE-2018-1272, CVE-2018-1275)

    XMLWordPrintable

    Details

    • CVE-ID:
      CVE-2015-0201, CVE-2015-3192, CVE-2015-5211, CVE-2016-5007, CVE-2018-1257, CVE-2018-1270, CVE-2018-1272, CVE-2018-1275

      Description

      Current Situation

      Desired Behavior

      • Due to vulnerability Issues of older Spring Framework core releases the JobScheduler should use the current version 4.3.10 that fixes the issues.

      Maintainer Notes

      • The released versions of the JobScheduler are not affected by those vulnerabilities.
      • The vulnerability issues affect only the internally used integration tests.

        Attachments

          Activity

            People

            • Assignee:
              jz Joacim Zschimmer
              Reporter:
              sp Santiago Aucejo Petzoldt
              Approver:
              Santiago Aucejo Petzoldt
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: