VMware announced a vulnerability (CVE-2022-22963) in their Spring Framework on March 29, 2022. The vulnerability is within the Spring Cloud function allowing remote code execution.
A further vulnerability (CVE-2022-22965) has also been identified on March 31, 2022. This vulnerability affects the Spring Framework RCE and Spring Boot data-binding, if running Java 9 or above.
We are pleased to state that no DETEC products are affected by this vulnerability.
Apache published a critical vulnerability within the Apache log4j java library on December 6, 2021. This vulnerability allows an attacker who can control log messages or log message parameters to execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
On December 17, 2021, Apache published a new log4j vulnerability (CVE-2021-45105).
We are pleased to state that no DETEC products are affected by either vulnerability.
Software Support is available on business days between 09:00 am and 05:00 pm for all DETEC products on Client-Server-Systems.
+49 - (0)6152 - 7123-140
+49 - (0)6152 - 7123-199
support@detec.com
We are pleased to announce the availability of DoXite 9.1.0. All relevant information is included in the release notes which the support team is happy to provide you. If you would like to receive them or have any questions, please send an email to support@detec.com or call +49 - (0)6152 - 7123-140.