Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-16877

2 critical and 5 High in the component "WildFly 27 Alpha4"

    XMLWordPrintable

Details

    • Task
    • Resolution: Obsolete
    • Major
    • 27.0.0.Beta1, 27.0.0.Final
    • 27.0.0.Alpha4
    • None
    • None
    • ---
    • ---

    Description

      We ran the blackduck scan for "WildFly 27 Alpha4", observed 2 critical and 5 High in the component "WildFly 27 Alpha4". For now we are focusing on critical and high severity issues.

      Critical:- 2

      1.Apache Mavenmaven-3.6.1 - W
      CVE-2021-26291 - (BDSA-2021-1142)

      2.Apache Xalan (Java)2.7.1

      CVE-2022-34169 - (BDSA-2022-1993)
      CVE-2014-0107 - (BDSA-2014-0122)

      High:- 5

      1.ActiveMQ Artemis2.23.1
       CVE-2022-35278 - BDSA-2022-2310

      2.Apache Avro1.7.7
       CVE-2021-43045 - (BDSA-2022-0025)

      3.Apache WSS4J1.6.12
      CVE-2015-0226 - (BDSA-2015-0058)

      4.Hibernate ORM5.0.10
      CVE-2020-25638

      5.undertow2.3.0.Alpha1
      CVE-2022-2053 - (BDSA-2022-2085)

       

      Could you advise on how to fix these issues. 

      Attachments

        Activity

          People

            bstansbe@redhat.com Brian Stansberry
            anareddy1507 Ananda Reddy C
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: