Explore top 10 tips to secure your open-source projects now. Read More
×
Spring Framework could be made to run programs or expose sensitive
information if it received specially crafted network traffic.
Software Description:
- libspring-java: Modular Java/J2EE application framework
Details:
It was discovered that the Spring Framework incorrectly handled web
requests via data binding. An attacker could possibly use this issue to
achieve remote code execution and obtain sensitive information.
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10 libspring-aop-java 4.3.30-2ubuntu0.24.10.1 libspring-beans-java 4.3.30-2ubuntu0.24.10.1 libspring-context-java 4.3.30-2ubuntu0.24.10.1 libspring-context-support-java 4.3.30-2ubuntu0.24.10.1 libspring-core-java 4.3.30-2ubuntu0.24.10.1 libspring-expression-java 4.3.30-2ubuntu0.24.10.1 libspring-instrument-java 4.3.30-2ubuntu0.24.10.1 libspring-jdbc-java 4.3.30-2ubuntu0.24.10.1 libspring-jms-java 4.3.30-2ubuntu0.24.10.1 libspring-messaging-java 4.3.30-2ubuntu0.24.10.1 libspring-orm-java 4.3.30-2ubuntu0.24.10.1 libspring-oxm-java 4.3.30-2ubuntu0.24.10.1 libspring-transaction-java 4.3.30-2ubuntu0.24.10.1 libspring-web-java 4.3.30-2ubuntu0.24.10.1 libspring-web-portlet-java 4.3.30-2ubuntu0.24.10.1 libspring-web-servlet-java 4.3.30-2ubuntu0.24.10.1 Ubuntu 24.04 LTS libspring-aop-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-beans-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-context-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-context-support-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-core-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-expression-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-instrument-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-jdbc-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-jms-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-messaging-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-orm-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-oxm-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-transaction-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-web-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-web-portlet-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro libspring-web-servlet-java 4.3.30-2ubuntu0.24.04.1~esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS libspring-aop-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-beans-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-context-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-context-support-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-core-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-expression-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-instrument-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-jdbc-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-jms-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-messaging-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-orm-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-oxm-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-transaction-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-web-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-web-portlet-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro libspring-web-servlet-java 4.3.30-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS libspring-aop-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-beans-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-context-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-context-support-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-core-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-expression-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-instrument-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-jdbc-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-jms-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-messaging-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-orm-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-oxm-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-transaction-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-web-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-web-portlet-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro libspring-web-servlet-java 4.3.22-4ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS libspring-aop-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-beans-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-context-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-context-support-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-core-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-expression-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-instrument-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-jdbc-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-jms-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-messaging-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-orm-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-oxm-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-transaction-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-web-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-web-portlet-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro libspring-web-servlet-java 4.3.22-1~18.04.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-7165-1
CVE-2022-22965
Get the latest Linux and open source security news straight to your inbox.