The Puppet Security Team has examined Puppet Enterprise, the puppetlabs-puppet_agent module, Puppet Comply, Puppet Bolt, and Continuous Delivery for Puppet Enterprise for usage of the Spring Framework or Spring Cloud Function library to ensure we are not vulnerable to CVE-2022-22965 (Spring4Shell) or CVE-2022-22963 (Spring Cloud Function). Puppet Enterprise, the puppetlabs-puppet_agent module, Puppet Comply, Puppet Bolt, and Continuous Delivery for Puppet Enterprise do not contain the Spring Framework or Spring Cloud Function libraries and are not vulnerable to either of these issues.
Spring4Shell statement
Did this solve your problem?
0 out of 0 found this helpful
How can we improve this article?
0 comments
Please sign in to leave a comment.
Related articles