spring boot web starter dependency security issue
Answered
CVE-2022-41854 6.5 Out-of-bounds Write vulnerability with medium severity found
CVE-2022-1471 9.8 Deserialization of Untrusted Data vulnerability with high severity found
Please sign in to leave a comment.
Hi Aman Prasoon,
IntelliJ IDEA Spring wizard relies on https://start.spring.io
Please see the links below for more information about mentioned security problems:
- https://github.com/spring-projects/spring-boot/issues/33457
- https://github.com/spring-projects/spring-boot/issues/34561