[ https://issues.apache.org/jira/browse/RANGER-3788?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Christian Pfarr updated RANGER-3788: ------------------------------------ External issue URL: https://github.com/apache/ranger/pull/152 > Upgrade spring to 5.3.20 > ------------------------- > > Key: RANGER-3788 > URL: https://issues.apache.org/jira/browse/RANGER-3788 > Project: Ranger > Issue Type: Bug > Components: admin > Affects Versions: 2.2.0 > Reporter: Christian Pfarr > Priority: Major > Fix For: 3.0.0, 2.3.0 > > Time Spent: 10m > Remaining Estimate: 0h > > [https://nvd.nist.gov/vuln/detail/CVE-2022-22970] > [https://nvd.nist.gov/vuln/detail/CVE-2022-22971] > [https://github.com/spring-projects/spring-framework/releases/tag/v5.3.20] > Spring seems to be vulnerable to DoS attacks when handling file uploads. > We´ve got some Security Reports and need a fix in future releases. > Upgrading to 5.3.20 should be enough. -- This message was sent by Atlassian Jira (v8.20.7#820007)