Uploaded image for project: 'Data Collection, Analytics, and Events'
  1. Data Collection, Analytics, and Events
  2. DCAEGEN2-2768 SECCOM - DCAE Vulnerability updates for Istanbul
  3. DCAEGEN2-2811

Slice-Analysis MS security vulnerability updates

XMLWordPrintable

      Mentioned changes were done and been tested.

       

      KPI-MS version revision required as noted on last column 

       

      Status Priority Component name and version Threat level Recommended version Project’s assessment
      OPEN   org.apache.tomcat.embed : tomcat-embed-core : 9.0.36     No new non-vulnerable version available currently.
      9.x latest is 9.0.46 however 10.0.6 is most current/latest.
      Try upgrade to latest version (10.0.6) for Istanbul 
      06/28/21 - Recommendation to go with 9.0.46 for Istanbul
      OPEN   org.postgresql : postgresql : 42.2.5     Select 42.2.13: Next version with no policy violation
      OPEN   org.springframework : spring-web : 5.2.7.RELEASE      5.3.6 RELEASE or 5.3.7
      OPEN   org.apache.httpcomponents : httpclient : 4.5.7     Select 4.5.13: Next version with no policy violation
      OPEN   org.eclipse.jetty : jetty-server : 9.4.17.v20190418     9.4.41.v20210516

       

            shwetha_r shwetha_r
            vv770d vv770d
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 4 days
                4d