[ https://issues.apache.org/jira/browse/KYLIN-1893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
kangkaisen closed KYLIN-1893. ----------------------------- Resolution: Duplicate > Upgrade spring-boot framework because of security vulnerabilities > ----------------------------------------------------------------- > > Key: KYLIN-1893 > URL: https://issues.apache.org/jira/browse/KYLIN-1893 > Project: Kylin > Issue Type: Bug > Components: REST Service > Affects Versions: v1.5.2 > Reporter: kangkaisen > Assignee: Zhong,Jason > Priority: Critical > > The Spring Boot Framework has a expression of SPEL type injection common > vulnerabilities, which affect versions is 1.1-1.3.0. > we need upgrade to version 1.3.1 or later. > https://www.chinacybersafety.com/tag/the-common-vulnerabilities-and-high-risk-vulnerabilities-early-warning-framework-spring-boot -- This message was sent by Atlassian JIRA (v6.3.4#6332)