Skip to content

Critical spring Security vulnerability fixes for spring-security-web

Jayesh Bagul requested to merge az/jb_security_vulnerabilities_147 into master

Type of change

  • Bug Fix
  • Feature

Please provide link to gitlab issue or ADR(Architecture Decision Record)

Does this introduce a change in the core logic?

  • [YES/NO]

Does this introduce a change in the cloud provider implementation, if so which cloud?

  • AWS
  • Azure
  • Google Cloud
  • IBM

Does this introduce a breaking change?

  • [YES/NO]

What is the current behavior?

What is the new/expected behavior?

Have you added/updated Unit Tests and Integration Tests?

Any other useful information

vulnerabilities were detected in https://community.opengroup.org/osdu/platform/system/search-service/-/security/vulnerabilities/27101 and https://community.opengroup.org/osdu/platform/system/search-service/-/security/vulnerabilities/27100

Updated the changes for the non-vulnerable version.

Edited by Jayesh Bagul

Merge request reports