Hi Team, Our security team found Spring Framework Path traversal vulnerability on the below dependencies.
jetty-0_0_0_0-8153-cruise_war-_go-any-/webapp/WEB-INF/lib/ *spring-core-4.3.30.RELEASE.jar* jetty-0_0_0_0-8153-cruise_war-_go-any-/webapp/WEB-INF/lib/ *spring-webmvc-4.3.30.RELEASE.jar*Can you please let us know how we can remediate the issue. We are currently running GoCD using docker and version is 24.2.0. (19076-1406870fc6e121194028e55c4facc0c638d70007). docker pull gocd/gocd-agent-ubuntu-24.04:v24.2.0 Appreciate your help. Thanks, Naveen. -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/d/msgid/go-cd/a0cf1e08-e29e-4dfd-a5cb-11be997f1575n%40googlegroups.com.
