Hyland is aware of the Spring Framework Remote Code Execution (RCE) vulnerability related to CVE-2022-22950, CVE-2022-22963 and CVE-2022-22965, and we are actively investigating whether any of Hyland's products or internal systems may be impacted. For up-to-date information on which products and systems are impacted, not impacted or under review, as well as mitigation information, please reference the Spring Framework RCE wiki page.
Please continue to monitor the wiki pages as we will communicate updates and mitigations as more information becomes available. We will also update this blog post to notify you when new information is shared on the wiki pages. If you’d like to receive notifications when updates are posted, click the follow button at the bottom of this post.
The security of our products and systems is a top priority. We appreciate your patience as we continue to work to determine the extent to which Hyland or its products and systems are possibly impacted.
