6.3.4+ due to CVE-2024-38821

Disha Talreja (Jira) Wed, 06 Nov 2024 12:08:40 -0800

Disha Talreja created ATLAS-4915:
------------------------------------

             Summary: Upgrade Spring Security to 5.7.13/5.8.15/6.2.7/6.3.4+ due 
to CVE-2024-38821
                 Key: ATLAS-4915
                 URL: https://issues.apache.org/jira/browse/ATLAS-4915
             Project: Atlas
          Issue Type: Task
          Components:  atlas-core
            Reporter: Disha Talreja
            Assignee: Disha Talreja



Upgrade Spring Security to 5.7.13/5.8.15/6.2.7/6.3.4+ due to CVE-2024-38821

Affected versions of this package are vulnerable to Missing Authorization 
allowing Spring Security authorization rules to be bypassed for static 
resources.

[https://nvd.nist.gov/vuln/detail/CVE-2024-38821] 

[https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORKSECURITY-8309135] 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (ATLAS-4915) Upgrade Spring Security to 5.7.13/5.8.15/6.2.7/6.3.4+ due to CVE-2024-38821

Reply via email to