A vulnerability on the Spring Framework RCE, CVE 2022 22965, was disclosed on 31 Mar 2022. 

The Spring Framework exploit allows a Spring MVC or WebFlux running on JDK 9+ to be vulnerable to remote code execution (RCE) via data binding.

Planisware has not to date noted any impact to the security of our cloud services and product.

More information on the vulnerability:

Every type of project. One platform.

Powered by AI.
Leverage experience,
Accelerate adoption.
Make an impact.

Planisware Orchestra
Turnkey PPM Solution for PMOs

Quickly streamline your project decision-making, foster collaboration and ensure best practice across your organization.

Learn more
Planisware Horizon
IT Strategic Portfolio Management

Integrate projects and IT information to shape & align investments, reduce technical debt and accelerate transformation.

Learn more
Planisware Nova
SPM for Product Development

Unify products, programs, and resources to prioritize the right innovation bets, eliminate portfolio blind spots, and accelerate time to market.

Learn more
Planisware Enterprise
Business Transformation at Scale

The integrated solution that brings together budgets, forecasts, schedules, resources, and actuals at the enterprise level.

Learn more