Spring4Shell Overview

CData is aware of the recently disclosed CVE-2022-22963, a remote code execution in Spring Cloud Function by malicious Spring Expression Spring4Shell (CVE-2022-22965).

Date Entered: 04/06/2022 Last Updated: 04/06/2022

Spring4Shell Notice

CData understands the importance of security and is committed to managing its products and services with the most advanced security technologies possible for customers around the world.

CData is aware of these vulnerabilities disclosed by VMware.

CVE-2022-22963, a remote code execution in Spring Cloud Function by malicious Spring Expression
Spring4Shell (CVE-2022-22965), a remote code execution in Spring Framework via Data Binding on Java Development Kit (JDK) version 9 or later

The CData Security Team have investigated this as a high-priority issue and have confirmed as of April 6th 2022 that these vulnerabilities do not affect any of the CData products or services.

We appreciate your feedback. If you have any questions, comments, or suggestions about this entry, please contact our support team at [email protected].

CData Software is a leading provider of data access and connectivity solutions. Our standards-based connectors streamline data access and insulate customers from the complexities of integrating with on-premise or cloud databases, SaaS, APIs, NoSQL, and Big Data.

Connect With Us

Get Started

Data Connectors

ETL/ ELT Solutions

Cloud & API Connectivity

OEM & Custom Drivers

Connect With Us

Get Started

Data Visualization

Company

Resources