Page History
...
Library | Old version | New version | CVEs addressed |
Logback | 1.2.11 | 1.5.3 | CVE-2023-34478 CVE-2023-6378 |
Jackson | 2.14.12 | 2.17.0 | CVE-2023-35116 |
Guava | 31.1 | 33.2.1 | CVE-2023-2976 |
Graphite metrics | 4.2.7 | 4.2.25 | CVE-2023-46120 |
Zookeper | 3.6.3 | 3.9.2 | CVE-2023-44981 |
Shiro | 1.11.0 | 1.13.0 | CVE-2023-46749 |
JSON | 20230227 | 20240303 | CVE-2023-5072 |
SnakeYaml | 1.33 | 2.2 | CVE-2022-1471 |
Netty | 4.1.87.Final | 4.1.110.Final | CVE-2023-44487 |
Jetty | 9.4.48 | 9.4.54 | CVE-2023-36478 |
ElasticSearch | 7.17.1 | 7.17.21 | CVE-2023-46674 |
| Spring Web | 5.3.27 | 5.3.36 | CVE-2024-22262 CVE-2024-22259 CVE-2024-22243 |
| Nimbus JOSE+JWT | 9.31 | 9.40 | CVE-2023-52428 CVE-2024-30172 CVE-2024-30171 CVE-2024-29857 CVE-2023-51775 CVE-2023-33202 CVE-2023-33201 CVE-2023-31582 |
| Bouncy Castle Provider | 1.70 | 1.78.1 | CVE-2024-30172 CVE-2024-30171 CVE-2024-29857 CVE-2023-33202 CVE-2023-33201 |
Other Vulnerabilities
| Name | CVE addressed | Remediation |
|---|---|---|
| Teamwork Cloud / Magic Collaboration Studio | CVE-2023-3589 | To enable CSRF protection, you need to uncomment esi.dm.csrf.allowed-addresses property in the Teamwork Cloud application.conf file. esi.dm { # Enable to turn on CSRF protection. This will block all incoming REST API requests, except those, coming from specified # IP addresses. List of strings, allowed IP must begin with specified string. # csrf.allowed-addresses = ["127.0.0.1", "0.0.0"] } |
Cameo Simulation Toolkit / Magic Model Analyst
...