Spectrum Spring Security Vulnerability (CVE-2024-38821)
search cancel

Spectrum Spring Security Vulnerability (CVE-2024-38821)

book

Article ID: 382138

calendar_today

Updated On: 02-20-2025

Products

Network Observability Spectrum

Issue/Introduction

We noticed during our latest vulnerability scan that Spectrum has Spring Security libraries that are outdated and vulnerable to CVE-2024-38821.  Are their any plans to update Spring Security in Spectrum?

Environment

Spectrum 23.x / 24.x

Cause

Spring Security CVE-2024-38821 

Resolution

This has been resolved in 24.3.4 as mentioned in the Third Party Acknowledgements here

 

Spring Framework 5.3.42
Spring Security 5.8.16