Linuxeden开源社区On behalf of the community, I am pleased to announce that Spring Cloud OpenFeign versions 2.2.10.RELEASE, 3.0.5 and 3.1.0-M4 have been released.
These are primarily security releases with fixes for the CVE-2021-22044.
Applications using type-level @RequestMappingannotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to @RequestMapping-annotated interface methods. Although a response is not returned for a request sent in this way, it does reach the corresponding server-side endpoint.
转自 https://spring.io/blog/category/releases