Select Your Region

Visit the Cary, NC, US corporate headquarters site

Americas

Europe

Middle East & Africa

Asia Pacific

View our worldwide contacts list for help finding your region

Americas

Europe

Middle East & Africa

Asia Pacific

Sign In

Get access to My SAS, trials, communities and more.

Sign Out

Get access to My SAS, trials, communities and more.

SAS Sites

sas.com
Support
Blogs
Communities
Developer
Curiosity
Videos

Documentation

Learn
Brand
PartnerNet
Merchandise
  1. Security Bulletins
  2. Spring Projects Vulnerabilities

SAS Statement Regarding Spring Projects Vulnerabilities

Reference Name: Spring Projects Vulnerabilities
Severity: Informational
Status: No action by customers is required.

History

Updates and status

  • 2-10-2021 Assessment completed

Impact

SAS® software is not impacted by the Spring Projects vulnerabilities described by the following:

Description

The version of Spring Projects that is included in some SAS products is known to be affected by the vulnerabilities described in the above CVE records. Refer to the CVE links for details. 

Solution

In some cases, SAS software does not use the affected library; in cases where the library is used, the vulnerable functionality within the library is not used.

Security Bulletins

View other security bulletins, published as part of our formal PSIRT process.

Technical Support

Get world-class technical support via our support track system.

Samples & SAS Notes

Search our extensive Knowledge Base for code samples and SAS Notes.