Hey Everyone,
we are using Camunda platform version 7.18 and spring-boot version 2.7.2. With this combination our security scan automation is reporting below mentioned issue:
https://nvd.nist.gov/vuln/detail/CVE-2016-1000027
As a suggested solutions, we are supposed to upgrade the spring-boot version but according to below, 7.18.x version doesn’t support spring-boot version 2.7.* plus versions. If we upgrade camunda and spring-boot both then we are ending up in many other issues. So, can someone please suggest/help/guide us out of this issue?
Would surely like to know if camunda 7.18 version is ever going to support higher spring-boot versions (say 3.0) which doesn’t have this security vulnerability.