Problem:
Currently running Foreman 3.0.1, is cve-2022-22965 an issue?
Expected outcome:
Foreman and Proxy versions:
Foreman and Proxy plugin versions:
Distribution and version:
Other relevant data:
Problem:
Currently running Foreman 3.0.1, is cve-2022-22965 an issue?
Expected outcome:
Foreman and Proxy versions:
Foreman and Proxy plugin versions:
Distribution and version:
Other relevant data:
We have the same question.
It’s looking like no, but I am hoping to get more of a comprehensive answer.
I’ll write ASAP.
Hello again!
No, this CVE is not an issue.
The only area we wanted to check was Candlepin, but I’ve confirmation that Candlepin doesn’t use Spring at all (neither Spring MVC, or Spring Beans, or Spring Webflux).
Thank you.