Lucene search
Alex BoykoSPRING:8461E6E3AA6750C19B95D577EB32B9C4HistoryNov 04, 2022 - 1:00 a.m.
CVE Report Published for Spring Tools
2022-11-0401:00:00
Alex Boyko
spring.io
21
cve report
remote code execution
eclipse
vscode
sts4 extensions
spring boot tools
concourse ci pipeline editor
bosh editor
cloudfoundry manifest yml support
0.007 Low
EPSS
Percentile
80.8%
We have released STS 4.16.1 for Eclipse and Spring VSCode extensions1.40.0 to address the following CVE report:
- CVE-2022-31691: Remote Code Execution via YAML editors in STS4 extensions for Eclipse and VSCode
Please review the information in the CVE report and upgrade immediately.
Eclipse: STS upgrade to 4.16.1
VSCode: Spring Boot Tools upgrade to 1.40.0
VSCode: Concourse CI Pipeline Editor upgrade to 1.40.0
VSCode: Bosh Editor upgrade to 1.40.0
VSCode: Cloudfoundry Manifest YML Support upgrade to 1.40.0
See Spring Tools page to find the latest releases
Related
nessus
nessus
prion
prion
Remote code execution
2022-11-04 19:15:00
cve
cve
CVE-2022-31691
2022-11-04 19:15:10
nvd
nvd
CVE-2022-31691
2022-11-04 19:15:10
cvelist
cvelist
CVE-2022-31691
2022-11-04 00:00:00