x

Is Square affected by the "Spring4Shell" (cve-2022-22965) Vulnerability?

Can someone from Square please let me know if the vulnerability labeled "Spring4Shell" identified late last week affects the Square platform?

 

See https://tanzu.vmware.com/security/cve-2022-22965 for more information about the vulnerability.

 

Thanks

440 Views
Message 1 of 3
Report
2 REPLIES 2
Square Champion

@jeffb213 I don't think so.  From what I read about this vulnerability it only affects certain versions of Java and Tomcat applications and is not like the log4shell vulnerability.  That being said, I haven't heard anything about this with square.  

 

As an extra bit of information, square is a huge company and takes security very very very seriously.  Here is more info:

 

https://squareup.com/us/en/security 

 

It is interesting to read especially about their organizational security.

Donnie
Multi-Unit Manager
Order Up Cafe/Tombras Cafe/Riverview Cafe/City County Cafe
Roddy Vending Company, Inc.
www.OrderUpCafe.com

Using Square since July, 2017
Square Champion
Breaker of Things

"Good judgment comes from experience, and experience comes from bad judgment."

"You can have everything in life you want, if you will just help other people get what they want." Z.Z.
Do you want to have great restaurant menus that are easy to edit and don't cost a fortune? I use MustHaveMenus and you can too!
MustHaveMenus
398 Views
Message 2 of 3
Report

Thanks @Donnie-M 

357 Views
Message 3 of 3
Report