Hello, since yesterday we're facing the CVE-2021-22112 vulnerability on our spring boot 2.2.13 based projects. Could you please provide an update to the affected libraries in a 2.2.14 update?
Thank you and regards,
Comment From: wilkinsona
Spring Boot 2.2.x reached the end of its OSS support period in October 2020 so no further releases are planned. You should upgrade to Spring Boot 2.3.x or 2.4.x as soon as possible. In the meantime you can use the spring-security.version property to override the version of Spring Security to 5.2.9.RELEASE.
Comment From: ghenadiibatalski
@wilkinsona okay, many thanks for the hint!