Skip to content

📦 Bump org.springframework:spring-core:5.3.9 from 5.3.9 to 5.3.38#8

Open
softforgeinc wants to merge 1 commit intomainfrom
devtask/LINEAJE-TASK-1048
Open

📦 Bump org.springframework:spring-core:5.3.9 from 5.3.9 to 5.3.38#8
softforgeinc wants to merge 1 commit intomainfrom
devtask/LINEAJE-TASK-1048

Conversation

@softforgeinc
Copy link

@softforgeinc softforgeinc commented Oct 9, 2025

Lineaje has automatically created this pull request to resolve the following CVEs:

CVE ID Severity Description
CVE-2021-22060 Medium In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older
unsupported versions, it is possible for a user to provide malicious input to
cause the insertion of additional log entries. This is a follow-up to
CVE-2021-22096 that protects against additional types of input and in more places
of the Spring Framework codebase.
CVE-2021-22096 Medium In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older
unsupported versions, it is possible for a user to provide malicious input to
cause the insertion of additional log entries.

You can merge this PR once the tests pass and the changes are reviewed.

Thank you for reviewing the update! 🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@softforgeinc

Comments