Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
balajim1
Contributor II
Contributor II
‎2022-07-05 05:42 AM

CVE-2022-22980: Spring Data MongoDB SpEL Expression injection vulnerability

Hi, 

Is any of Qliks products affected by the security issue called Spring Data MongoDB SpEL Expression injection vulnerability(CVE-2022-22980)? 

If so, what products and how to mitigate? 

Regards,

Balaji

Labels (1)
Labels
355 Views
0 Likes
1 Reply
Albert_Candelario
Support
Support
‎2022-07-10 10:24 AM

Hello @balajim1 ,

Thanks for posting.

Have you seen any reference on Qlik products to Spring Data MongoDB?

I cannot recall any of our products using such application and if you have a products that uses it you need to upgrade to:

  • Spring Data MongoDB
    • 3.4.1+
    • 3.3.5+

Reference:  CVE-2022-22980 | Security | VMware Tanzu

Cheers,

Albert

Please, remember to mark the thread as solved once getting the correct answer
293 Views
0 Likes