Skip to content

Commit

Permalink
fix: Upgrades springboot to 3.2.5 for CVE-2024-22262
Browse files Browse the repository at this point in the history 
* The CVE requires the upgrade of spring products to 6.1.6+. To achieve
  this upgrade both the spring version and the springboot version in the
  pom configuration.

* See CVE described by https://spring.io/security/cve-2024-22262
  • Loading branch information
@phantomjinx
phantomjinx committed Apr 24, 2024
1 parent 961ebe1 commit f6d9287
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions pom.xml
View file
Expand Up @@ -54,8 +54,8 @@
<!-- Quarkus -->
<quarkus-version>3.8.2</quarkus-version>
<!-- Spring -->
<spring-version>6.1.5</spring-version>
<spring-boot-version>3.2.3</spring-boot-version>
<spring-version>6.1.6</spring-version>
<spring-boot-version>3.2.5</spring-boot-version>
<!-- Jetty -->
<jetty-version>11.0.20</jetty-version>
<!-- Keycloak -->
Expand Down

0 comments on commit f6d9287

Please sign in to comment.