A vulnerability on the Spring Framework RCE, CVE 2022 22965, was disclosed on 31 Mar 2022. 

The Spring Framework exploit allows a Spring MVC or WebFlux running on JDK 9+ to be vulnerable to remote code execution (RCE) via data binding.

Planisware has not to date noted any impact to the security of our cloud services and product.

More information on the vulnerability:

Products

Planisware Orchestra

Adaptive Project Management at its best
Portfolio management to project execution
A turnkey cloud solution to quickly streamline your project decision-making, foster collaboration and ensure best practice across your whole organization.
Learn more Request a demo

Planisware Enterprise

Strategic Portfolio Management at scale
Advanced portfolio and project delivery
Built to capture your strategy, align your portfolio, execute your projects, accelerate your products to market, and co-ordinate your teams efficiently.
Learn more Request a demo