1. Documentation
2. 2024.1 (Latest) 2024.0 10.3 10.2 10.1 10.0 9.10 9.9 9.8 9.7 9.6 9.5 9.4 9.3 9.2 9.1 9.0 8.2 8.1 8.0 7.6
3. Support
4. Security
5. Spring4Shell

Spring4Shell (CVE-2022-22965 - RCE vulnerability in Spring Framework)

April 2022

A critical vulnerability has been found in the Spring Framework and named CVE-2022-22965. The vulnerability impacts Spring MVC and Spring WebFlux applications running on JDK 9+. See

• the announcement and
• the full description.

Note that the RapidMiner platform is NOT affected by this vulnerability, even though RapidMiner AI Hub uses Spring as part of different components.

We keep a close watch on any vulnerability that appears in third-party software incorporated into the RapidMiner platform.