Information: CVE-2022-22965 Spring Framework RCE Investigation
CVE Notice from Atlassian
Information about Mirrorlake Apps
Mirrorlake Apps are not affected by CVE-2022-22956 as apps are bundled in .jar packages, not in .war packages. See also the section “Am I Impacted” here: Spring Framework RCE, Early Announcement