Is IM impacted by the Spring vulnerability CVE-2022-22950?
All Identity Manager
IDM is not vulnerable with CVE-2022-22950.
Identity Manager is not using SpEL related classes or jars.
Beyond this, The Suite software has been designed with file upload size restrictions, as well as code validation, to prevent exactly this type of vulnerability from being exploited within the software.