-
Task
-
Resolution: Done
-
Medium
-
None
-
None
-
DCAE R4 Sprint 4, DCAE R4 Sprint 5, DCAE R4 Sprint 6
Following vulnerabilities identified under CLM scan; upgrade to specified version (last column)
dcaegen2-analytics-tca | commons-codec : commons-codec : 1.6 | Apache Commons Codec - Base32 would decode some invalid Base32 encoded string into arbitrary value | Upgrade to 1.10 | ||
dcaegen2-analytics-tca | com.google.guava : guava : 13.0.1 | The application is vulnerable by using this component if it uses Java deserialization or GWT-RPC to deserialize untrusted data. | Upgrade to 23.6.1-jre if impacted |