In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. References: https://spring.io/security/cve-2023-20873 https://github.com/spring-projects/spring-boot/commit/307f3c339912466e78fcdac648fff95a4edea573 https://github.com/spring-projects/spring-boot/commit/3522714c13b47af03bf42e7f2d5994af568cb1a7 https://github.com/spring-projects/spring-boot/issues/35085 https://github.com/spring-projects/spring-boot/releases/tag/v2.7.11
Created log4j tracking bugs for this issue: Affects: fedora-all [bug 2231492]
This issue has been addressed in the following products: RHINT Camel-Springboot 3.18.3.2 Via RHSA-2023:5147 https://access.redhat.com/errata/RHSA-2023:5147
This issue has been addressed in the following products: RHINT Camel-Springboot 3.20.2 Via RHSA-2023:5148 https://access.redhat.com/errata/RHSA-2023:5148
This issue has been addressed in the following products: Red Hat AMQ Streams 2.6.0 Via RHSA-2023:7678 https://access.redhat.com/errata/RHSA-2023:7678