Package "libspring-web-java"

Name:	libspring-web-java
Description:	modular Java/J2EE application framework - Web
Latest version:	4.3.30-2ubuntu0.24.10.1
Release:	oracular (24.10)
Level:	updates
Repository:	universe
Head package:	libspring-java
Homepage:	https://spring.io/projects/spring-framework

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "libspring-web-java"

All arch deb package

APT INSTALL

Other versions of "libspring-web-java" in Oracular

Repository	Area	Version
base	universe	4.3.30-2
security	universe	4.3.30-2ubuntu0.24.10.1

Changelog

Version: 4.3.30-2ubuntu0.24.10.1 2024-12-18 02:06:47 UTC

libspring-java (4.3.30-2ubuntu0.24.10.1) oracular-security; urgency=medium * SECURITY UPDATE: Remote code execution through PropertyDescriptor. - debian/patches/CVE-2022-22965.patch: Don't allow binding non-class properties name variants in .../beans/CachedIntrospectionResults.java. - CVE-2022-22965 -- Hlib Korzhynskyy <email address hidden> Thu, 12 Dec 2024 16:08:29 -0330

CVE-2022-22965

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit

About - Send Feedback to @ubuntu_updates

Package "libspring-web-java"

Links

Download "libspring-web-java"

Other versions of "libspring-web-java" in Oracular

Changelog

Share this page

Bookmarks

Latest updates

updates

proposed

security

PPA updates