Question1Replies86Views cmurocks Member since 2016 1 post FTB Posted: August 29, 2018Last activity: September 10, 2018 Closed pega.pegarules vulnerable OSS JAR dependencieswhat version of PEGA CM addresses/fixes these vulnerabilities?CVE-2018-10237 Guava is vulnerable to Denial of Service (DoS).CVE-2016-1000031 Apache Commons FileUpload library Apache Commons FileUpload before 1.3.3 is vulnerable to an arbitrary file relocation and file copy which can potentially lead to Remote Code Execution (RCE). Data Integration Java and Activities Case Management Security ×Close popoverFacebookTwitterLinkedinEmail Copy Link Copied! Moderation Team has archived post This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question. Posted: 2 years agoBr@dTainter_GCS PEGA replied to cmurocksHi CMURocks, Please open up an SR to have these issues evaluated. Once you open the SR, please reply back here with the SR#. Thanks!