Project

General

Profile

Actions
Copy link

Bug #22045

closed

Rudder - Bug #22044: Spring-security is impacted by CVE-2022-31692

Spring security CVE-2022-31692 on oauth2 module

Bug #22045: Spring security CVE-2022-31692 on oauth2 module

Added by François ARMAND over 3 years ago. Updated over 2 years ago.

Status:
Resolved
Priority:
N/A
Assignee:
François ARMAND
Target version:
Rudder plugins - 7.2
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No

Description

https://tanzu.vmware.com/security/cve-2022-31692

We are not impacted since we don't use spring security authorization. Still, we can update to be at the same version as parent project and avoid false positive.

Updated by François ARMAND over 3 years ago Actions
Copy link
 #1

  • Status changed from New to In progress
  • Assignee set to François ARMAND

Updated by François ARMAND over 3 years ago Actions
Copy link
 #2

  • Subject changed from Spring security CVE-2022-31692 on oauth2 module to Spring security CVE-2022-31692 on oauth2 module
  • Status changed from In progress to Resolved

It will be automatically resolved by parent, there is not specific version for oauth2 plugin, it uses rudder main one.

Updated by Vincent MEMBRÉ over 2 years ago Actions
Copy link
 #3

  • Target version changed from 7.2-next to 7.2
Actions
Copy link

Also available in: PDF Atom