Hello, I have read about this vulnerability on the Spring Framework Github, it seems an old venerability.
It seems the issue is around the deprecated Spring HTTP Invoker, are Spring Security 5.6.1 and 5.4.10 exposed to it?
Thanks a lot in advance for you attention.
Comment From: rwinch
Spring Security is not known to be impacted by it otherwise it would be on the report. If you find out otherwise, please refer to our security policy for how to report and discuss security issues securely.
Comment From: blackat
Thanks a lot @rwinch for your super fast response, much appreciated 🙇🏼