Question

Does Mendix make use of the Spring Core Framework?

2

Hi all, Since there was a vulnerability detected in one of the Java libraries, I'm wondering if Mendix uses the Spring Core Framework. https://www.ncsc.nl/actueel/nieuws/2022/maart/31/ernstige-kwetsbaarheid-ontdekt-in-spring-core-framework

asked 2022-04-01

Yordee van Eijk

1 answers

Ronald Catersels · Accepted Answer · 2022-04-01

Mendix will probably also react here but the response from slack from the CISO:
Mendix Runtime doesn't use Spring, Marketplace components might use them, however 'The specific exploit requires the application to run on Tomcat as a WAR deployment.' which isn't used in Mendix Cloud

Regards,

Ronald