| Tip |
|---|
Did you know you can subscribe to updates to security issues and release notes? Right click and copy this link and paste it into Outlook RSS Feeds or your feed reader of choice. |
September 17, 2024
FLEXDEPLOY-12828 -Internal testing found that XXE injection was possible in the FlexDeploy application as well as the HPTest, Junit, Oats, ApexSec, ODB, Soapui, and TestNG plugins. The FlexDeploy application was patched in versions 6.5.0.20, 7.0.0.11, and 8.0.0.6. The plugins were patched in version 8.0.0.6.
August 23, 2024
FLEXDEPLOY-12739 - The version of Jackson Databind in the Automation Anywhere, JUnit, Oracle Apex Sec, and Tricentis Tosca plugins is vulnerable to CVE-2022-42004 and
CVE-2022-42003. Version 8.0.0.5 updates this version resolving these vulnerabilities.
...