A software vulnerability regarding applications that use the Spring Framework for Java was published on 29. March 2022 by the cyberkendra security blog, and given CVE ID: CVE-2022-22965 on 31. March 2022.
Does Templafy use this utility? Does this vulnerability affect Templafy?
Templafy does not have any Java code, neither on our servers, nor deployed to clients.
Templafy’s security engineers have analyzed the vulnerability and verified that the vulnerability only occurs when this specific Java framework is used. Hence, it does not affect Templafy.
Furthermore, we’ve verified that neither our codebase, nor any libraries we have deployed to servers or clients, contains references to or are using the Spring framework in any way.