Return
-
Title
Impact of CVE-2022-22965 Spring4Shell and CVE-2022-22963 Spring Cloud Function vulnerabilities -
Description
A critical vulnerability was recently discovered related to systems/software that run Spring MVC or Spring WebFlux application on JDK 9+
More information about this vulnerability can be found here National Vulnerability Database - CVE-2022-22965 (nist.gov) and here National Vulnerability Database - CVE-2022-22963 (nist.gov)
-
Cause
This is an industry-wide vulnerability and is not specific to Netvault -
Resolution
These vulnerabilities were discovered in the Java Spring Framework and its Spring Cloud Function component, respectively, and Netvault does not use these components, therefore is not affected.