Hear from the Spring team this January at SpringOne. >
close

CVE Report Published for Spring Tools

We have released STS 4.16.1 for Eclipse and Spring VSCode extensions 1.40.0 to address the following CVE report:
- CVE-2022-31691: Remote Code Execution via YAML editors in STS4 extensions for Eclipse and VSCode

Please review the information in the CVE report and upgrade immediately.

Eclipse: STS upgrade to 4.16.1
VSCode: Spring Boot Tools upgrade to 1.40.0
VSCode: Concourse CI Pipeline Editor upgrade to 1.40.0
VSCode: Bosh Editor upgrade to 1.40.0
VSCode: Cloudfoundry Manifest YML Support upgrade to 1.40.0

See Spring Tools page to find the latest releases

comments powered by Disqus