Skip to content

Upgraded Spring WebMVC version.

Derek Hudson requested to merge aws-cve-fixes into master

Type of change

  • Bug Fix
  • Feature

Please provide link to gitlab issue or ADR(Architecture Decision Record)

Does this introduce a change in the core logic?

  • [YES]

Does this introduce a change in the cloud provider implementation, if so which cloud?

  • AWS
  • Azure
  • GCP
  • IBM

Does this introduce a breaking change?

  • [NO]

What is the current behavior?

Currently there is the CVE-2024-38816 vulnerability in the Spring WebMVC.

What is the new/expected behavior?

Upgraded Spring WebMVC to 6.1.13 which removes that vulnerability.

Have you added/updated Unit Tests and Integration Tests?

N/A

Any other useful information

Merge request reports

Loading