Spring Data REST Vulnerability (CVE-2022-31679)

Engineering | Oliver Drotbohm | September 19, 2022 | ...

Updates

  • [09-19] Vulnerability announced here and Spring Data REST 3.6.7 and 3.7.3 released
  • [09-19] Blog post updated to refer to the CVE report published

The Spring Data 2021.1.7 and 2021.2.3 releases shipped on September 19th contained releases for Spring Data REST 3.6.7 and 3.7.3 which include fixes for CVE-2022-31679. Users are encouraged to update as soon as possible.

Get the Spring newsletter

Stay connected with the Spring newsletter

Subscribe

Get ahead

VMware offers training and certification to turbo-charge your progress.

Learn more

Get support

Tanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.

Learn more

Upcoming events

Check out all the upcoming events in the Spring community.

View all