Is Clarity affected by the Spring Framework vulnerability CVE-2022-22950?
Clarity PPM does not use Spring Framework, and hence it is not affected.
However, there is an integration with Tibco Jaspersoft that is affected. Jaspersoft Reporting Server uses the Spring Framework. However, Java 9 is required for this vulnerability to be exploited. JRS that is integrated with Clarity PPM, is run using Java 11, so this vulnerability cannot be exploited there.