CVE-2022-22965 is a remote code execution (RCE) vulnerability in the Spring Framework, a component that is not used by CodeSonar or CodeSentry. As called out Tomcat is a prerequisite needed and again is not used in CodeSecure products.
This vulnerability was found on March 29th 2022 as a previously zero-day vulnerability.