CVE-2024-28816 - Upgrade Spring from 6.1.10 to 6.1.13 #1431
Comments
corneil
pushed a commit
to corneil/spring-ws
that referenced
this issue
Oct 4, 2024
Update Spring Framework to 6.1.13 Update Spring Security to 6.3.3 Fixes spring-projects#1431
corneil
pushed a commit
to corneil/spring-ws
that referenced
this issue
Oct 4, 2024
Update Spring Framework to 6.1.13 Update Spring Security to 6.3.3 Update WSS4J to 3.0.3 Fixes spring-projects#1431
|
Do you mean CVE-2024-38816? |
corneil
pushed a commit
that referenced
this issue
Oct 4, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In spring-ws 4.0.11 there is a spring-web dependency that is flagging in Sonatype. Spring-web 6.1.10 is flagging on CVE-2024-28816 and the recommended remediation is bumping up to 6.1.13.
The text was updated successfully, but these errors were encountered: