Himanshu Maurya created RANGER-4038: ---------------------------------------
Summary: Upgrade springframework.version (spring-core) from 5.3.23 to 6.0.0 Key: RANGER-4038 URL: https://issues.apache.org/jira/browse/RANGER-4038 Project: Ranger Issue Type: Bug Components: Ranger Reporter: Himanshu Maurya Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required. NOTE: the vendor's position is that untrusted data is not an intended use case. The product's behavior will not be changed because some users rely on deserialization of trusted data. -- This message was sent by Atlassian Jira (v8.20.10#820010)