In our project spring-boot: 2.2.6.RELEASE spring-cloud: Hoxton.SR4
There are some other spring cloud middleware such as hystrix nacos rabbitmq
How can I upgrade to resolve CVE-2022-22965?
Comment From: zhangbx3
It is difficult to have the corresponding relationship of the completed version for my reference
Comment From: bclozel
This CVE advisory states that Spring Boot 2.6.6 is the minimum version with the fix. You should ensure that you're always on a supported version. As for the Spring Cloud compatibility, this is documented here.
As stated in the issue template, for further questions, please use StackOverflow.