Lucene search
Alex BoykoSPRING:8461E6E3AA6750C19B95D577EB32B9C4HistoryNov 04, 2022 - 1:00 a.m.
CVE Report Published for Spring Tools
2022-11-0401:00:00
Alex Boyko
spring.io
23
cve report
remote code execution
eclipse
vscode
sts4 extensions
spring boot tools
concourse ci pipeline editor
bosh editor
cloudfoundry manifest yml support
EPSS
0.007
Percentile
80.8%
We have released STS 4.16.1 for Eclipse and Spring VSCode extensions1.40.0 to address the following CVE report:
- CVE-2022-31691: Remote Code Execution via YAML editors in STS4 extensions for Eclipse and VSCode
Please review the information in the CVE report and upgrade immediately.
Eclipse: STS upgrade to 4.16.1
VSCode: Spring Boot Tools upgrade to 1.40.0
VSCode: Concourse CI Pipeline Editor upgrade to 1.40.0
VSCode: Bosh Editor upgrade to 1.40.0
VSCode: Cloudfoundry Manifest YML Support upgrade to 1.40.0
See Spring Tools page to find the latest releases
Related
nessus
nessus
cvelist
cvelist
CVE-2022-31691
2022-11-04 00:00:00
cve
cve
CVE-2022-31691
2022-11-04 19:15:10
nvd
nvd
CVE-2022-31691
2022-11-04 19:15:10
prion
prion
Remote code execution
2022-11-04 19:15:00