Hello guys,
In my company we are using Spring and Spring Boot with Java 11, and for now we do not have an option to update to Java 17 for external reasons.
Lately a CRITICAL vulnerability with all the versions under Spring-Web:6.0.0 appeared. We wanted to update to the 6.0.0 version but it is only compatible with Java 17, something that as I already said, for now we cannot do.
I would like to know if there is anything that we can do to avoid that vulnerability. I thought that maybe the Spring team will decide to release a version 5.x.x (that is compatible with Java 11) with that vulnerability fixed or maybe I can change some internal stuff of the Spring library and maybe I could solve the problem for now.
Do you guys have any idea of how can we solve this issue? I really appreciate any help.
Top comments (0)