CVE-2022-22965 "Spring4Shell" Response
Incident Report for Aptible
This incident has been resolved.
Posted Apr 01, 2022 - 14:21 EDT
Recently a series of vulnerabilities in the popular Java framework Spring were found, notably CVE-2022-22965 [0] (dubbed "Spring4Shell") and CVE-2022-22963 [1]. Aptible does not use the Spring framework in any of our internal applications, and has verified that none of our offered services that use Java are vulnerable either. We will continue monitoring the situation.

Posted Mar 31, 2022 - 16:57 EDT
This incident affected: Aptible Deploy.