Peer Knowledge Base
Breadcrumbs

Security Advisory: Spring Framework Vulnerability (CVE-2022-22965)


Last Updated

04 Apr 2022

Peer Software has been monitoring the news around the recently discovered remote code execution vulnerability that involves the Spring Framework (CVE-2022-22965).  As this vulnerability is new, we will continue to review and post updates to this advisory as necessary.

Based on the information currently available, this vulnerability does not affect any of our products.  More details can be found below.

Product/Tool

Version(s)

Status

Description

Peer Global File Service

All

Not impacted

PeerGFS uses Spring Boot (which uses Spring Framework) in a few places, but does not use any packaged WAR files.

PeerLink

All

Not impacted

PeerLink does not use Spring Framework.

PeerSync

All

Not impacted

PeerSync does not use Spring Framework.

PeerLock

All

Not impacted

PeerLock does not use Spring Framework.

File System Analyzer

All

Not impacted

File System Analyzer does not use Spring Framework.

File Activity Analyzer

All

Not impacted

File Activity Analyzer does not use Spring Framework.

Health Checker

All

Not impacted

Health Checker does not use Spring Framework.

Some additional notes on this and related vulnerabilities:

If you have additional questions, please contact our support team via Peer Service Desk.