Announcement

Collapse
No announcement yet.

Open-Xchange Statement on Vulnerability in the Spring Framework

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Open-Xchange Statement on Vulnerability in the Spring Framework

    Open-Xchange Statement on Vulnerability in the Spring Framework

    A remote code-execution vulnerability has been found in the Spring Framework, currently named "SpringShell" (CVE-2022-22965).

    We have analyzed the issue and our exposure to it based on current information. OX App Suite deployments are using Java 8, the vulnerability does affect systems using Java 9 and newer. At this point, we have no indication that your deployments are vulnerable.

    However, we will continue to monitor the situation closely and update affected components as a precaution.
    Last edited by Karl-Heinz Grasser; 03-31-2022, 05:07 PM.
Working...
X