...
FLEXDEPLOY-13642 - The PowerBI plugin ships with a version of Bouncy Castle that is vulnerable to CVE-2024-29857 and CVE-2024-34447. This will be addressed in a FlexDeploy 9.0.0.1.
FLEXDEPLOY-13643 - The version of Spring-Core that ships with FlexDeploy is vulnerable to CVE-2024-38820. This vulnerability is likely not relevant to FlexDeploy in operation, but it will be address in a future FlexDeploy version.
November 14, 2024
FLEXDEPLOY-13546 - FlexDeploy ships with a version of nimbus-jose-jwt that is vulnerable to CVE-2023-52428. This will be addressed in a future FlexDeploy version.
...