https://community.qlik.com/t5/Management-Governance/CVE-2022-22980-Spring-Data-MongoDB-SpEL-Expression-injection/m-p/1951695#M30483 <P>Hi,&nbsp;</P> <P>Is any of Qliks products affected by the security issue called Spring Data MongoDB SpEL Expression injection vulnerability(CVE-2022-22980)?&nbsp;</P> <P>If so, what products and how to mitigate?&nbsp;</P> <P>Regards,</P> <P>Balaji</P> Wed, 29 Jan 2025 16:38:32 GMT balajim1 2025-01-29T16:38:32Z https://community.qlik.com/t5/Management-Governance/CVE-2022-22980-Spring-Data-MongoDB-SpEL-Expression-injection/m-p/1951695#M30483 <P>Hi,&nbsp;</P> <P>Is any of Qliks products affected by the security issue called Spring Data MongoDB SpEL Expression injection vulnerability(CVE-2022-22980)?&nbsp;</P> <P>If so, what products and how to mitigate?&nbsp;</P> <P>Regards,</P> <P>Balaji</P> Wed, 29 Jan 2025 16:38:32 GMT https://community.qlik.com/t5/Management-Governance/CVE-2022-22980-Spring-Data-MongoDB-SpEL-Expression-injection/m-p/1951695#M30483 balajim1 2025-01-29T16:38:32Z https://community.qlik.com/t5/Management-Governance/CVE-2022-22980-Spring-Data-MongoDB-SpEL-Expression-injection/m-p/1953711#M30484 <P>Hello&nbsp;<a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/150928">@balajim1</a>&nbsp;,</P> <P>Thanks for posting.</P> <P>Have you seen any reference on Qlik products to Spring Data MongoDB?</P> <P>I cannot recall any of our products using such application and if you have a products that uses it you need to upgrade to:</P> <UL> <LI>Spring Data MongoDB <UL> <LI>3.4.1+</LI> <LI>3.3.5+</LI> </UL> </LI> </UL> <P>Reference:&nbsp;&nbsp;<A href="https://tanzu.vmware.com/security/cve-2022-22980" target="_blank">CVE-2022-22980 | Security | VMware Tanzu</A></P> <P>Cheers,</P> <P>Albert</P> Sun, 10 Jul 2022 14:24:49 GMT https://community.qlik.com/t5/Management-Governance/CVE-2022-22980-Spring-Data-MongoDB-SpEL-Expression-injection/m-p/1953711#M30484 Albert_Candelario 2022-07-10T14:24:49Z