Question

1
Replies
86
Views
cmurocks Member since 2016 1 post
FTB
Posted: August 29, 2018
Last activity: September 10, 2018
Closed

pega.pegarules vulnerable OSS JAR dependencies

what version of PEGA CM addresses/fixes these vulnerabilities?

CVE-2018-10237 Guava is vulnerable to Denial of Service (DoS).

CVE-2016-1000031 Apache Commons FileUpload library Apache Commons FileUpload before 1.3.3 is vulnerable to an arbitrary file relocation and file copy which can potentially lead to Remote Code Execution (RCE).

Data Integration Java and Activities Case Management Security
Moderation Team has archived post
Share this page LinkedIn