Get ahead
VMware offers training and certification to turbo-charge your progress.
Learn moreSpring Cloud Gateway CVE reports published
Two vulnerabilities in Spring Cloud Gateway have been identified and fixed. Versions 3.1.1 and 3.0.7 were released to address the vulnerabilities. Please see the CVE reports below for specific upgrade and mitigation instructions:
- CVE-2022-22947: Spring Cloud Gateway Code Injection Vulnerability
- CVE-2022-22946: Spring Cloud Gateway HTTP2 Insecure TrustManager
Spring Cloud users should upgrade to 2021.0.1 (which includes 3.1.1) or for 2020.0.x users should upgrade Spring Cloud Gateway to 3.0.7.
Get support
Tanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.
Learn moreUpcoming events
Check out all the upcoming events in the Spring community.
View all