search

ulisesbocchio / jasypt-spring-boot

Jasypt integration for Spring boot
MIT License
2.91k stars 521 forks source link

Is the jasypt-spring-boot affected by Spring4Shell exploit ? #318

Closed Tysnad closed 1 year ago

Tysnad commented 2 years ago

jasypt-spring-boot currently uses spring-beans 5.3.9

Spring4Shell exploit POC link:https://github.com/BobTheShoplifter/Spring4Shell-POC

ulisesbocchio commented 1 year ago

new version 3.0.5, reopen if still an issue