New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2022-41923 Discussion #844
Comments
Is this considered a local or remote vulnerability? Understanding the scope can help determine how to mitigate. |
The CVSS details are here: CVSS for CVE-2022-41923 Attack vector: network If your application is vulnerable and is exposed to the remote network/Internet, then it can be attacked remotely. |
I updated the plugin from version 4.0.3 to 4.0.5 and now I'm getting the following error: ExceptionLog.txt Any ideas? Been stuck with this issue for a while now. Thank you. |
@jaabax Please check that your project has at least that version of the Spring Framework. You can determine what versions of each dependency are being used for each configuration by running a gradle dependency report. |
Additional details are available from Synacktiv who discovered this issue: |
Issue description
This issue has been opened to facilitate discussion about CVE-2022-41923.
Technical details have not yet been released. We are providing a period of time for users to patch their applications before providing any technical details.
Patch
For information on patches, please see the Grails blog post.
Workaround
For a workaround, please see the Workaround repo.
More Information
If you have comments and/or questions, please add them here.
The text was updated successfully, but these errors were encountered: