Spectrum Spring Security Vulnerability (CVE-2024-38821)
Article ID: 382138
Updated On:
Products
Network Observability
Spectrum
Issue/Introduction
We noticed during our latest vulnerability scan that Spectrum has Spring Security libraries that are outdated and vulnerable to CVE-2024-38821. Are their any plans to update Spring Security in Spectrum?
Environment
Spectrum 23.x / 24.x
Cause
Spring Security CVE-2024-38821
Resolution
This has been resolved in 24.3.4 as mentioned in the Third Party Acknowledgements here
Spring Framework 5.3.42
Spring Security 5.8.16
Feedback
Yes
No
Powered by
