CVE-2022-22980 Update Spring Data Stack due to CVE in MongoDB integration #31492
Labels
status: duplicate
A duplicate of another issue
Comments
spring-projects-issues
added
the
status: waiting-for-triage
|
Duplicates #31349 |
bclozel
added
status: duplicate
|
naive question: i know i can declare the spring-data-mongo dependency on its own, so that i could just ask devs to upgrade spring-boot to 2.7.1 or 2.6.9 ? Thank you |
|
You can find the milestones with their scheduled date here: https://github.com/spring-projects/spring-boot/milestones Both, 2.6.9 and 2.7.1, are scheduled for tomorrow. |
|
@mbimbij Brian closed the issue with a reference to an issue that provides you that information. |
This comment was marked as resolved.
This comment was marked as resolved.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
we use currently Spring Boot Stack 2.6.8 with MongoDB integration. Please update the Spring Data Stack to 3.3.5+ as described by https://tanzu.vmware.com/security/cve-2022-22980
Many thanks and best regards,
G. Batalski
The text was updated successfully, but these errors were encountered: