Uploaded image for project: 'Data Movement as a Platform'
  1. Data Movement as a Platform
  2. DMAAP-1051

[MR] Investigate Critical DMaaP Vulnerabilities (Casablanca Maintenance Release)

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: High High
    • Dublin Release
    • None
    • None

      Critical vulnerabilities:

      • jackson-databind : 2.8.11.1 -  in Casablanca it was marked as false positive
      • spring-web : 5.0.9.RELEASE (we had exchanges on it in Casablanca – it was marked as false positive)
      • spring-security-oauth2 : 1.0.0.M6b (we had exchanges on it in Casablanca – it was marked as false positive)
      • jar-with-dependencies : 0.2.12
      • ajsc-runner : 3.0.10-oss (we had exchanges on it in Casablanca – it was marked as false positive)
      • ajsc-war : war : 3.0.10-oss (we had exchanges on it in Casablanca – it was marked as false positive)

      Severe vulnerabilities:

      • zookeeper : 3.4.10
      • commons-fileupload : 1.3.3 (we had exchanges on it in Casablanca – it was marked as false positive)
      • mail : 1.4.4 – in Casablanca it was marked as false positive
      • camel-mail : 2.21.1 (we had exchanges on it in Casablanca – it was marked as false positive)

            sawantmandar sawantmandar
            cm6826 cm6826
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: