Critical spring Security vulnerability fixes for spring-security-web (!471) · Merge requests · OSDU Software / OSDU Data Platform / System / Search · GitLab

Jayesh Bagul requested to merge az/jb_security_vulnerabilities_147 into master Mar 24, 2023

Type of change

Bug Fix
Feature

Please provide link to gitlab issue or ADR(Architecture Decision Record)

Does this introduce a change in the core logic?

[YES/NO]

Does this introduce a change in the cloud provider implementation, if so which cloud?

AWS
Azure
Google Cloud
IBM

Does this introduce a breaking change?

[YES/NO]

What is the current behavior?

What is the new/expected behavior?

Have you added/updated Unit Tests and Integration Tests?

Any other useful information

vulnerabilities were detected in https://community.opengroup.org/osdu/platform/system/search-service/-/security/vulnerabilities/27101 and https://community.opengroup.org/osdu/platform/system/search-service/-/security/vulnerabilities/27100

Updated the changes for the non-vulnerable version.

Edited Mar 29, 2023 by Jayesh Bagul