NCM 10.1.13 release contains a resolution to these vulnerabilities:
| Component | Latest Version | Vulnerabilities Fixed |
|---|---|---|
| org.apache.felix.framework | 7.0.5 | BDSA-2018-1110 |
| GSoap | 2.8.129 | CVE-2021-21783 CVE-2020-13576 |
| Postgres | 15.3 | CVE-2023-2454 CVE-2023-2455 |
| Snakeyaml | 2.0 | CVE-2022-1471 |
| Spring Framework | 5.3.28 | CVE-2023-20863 |
| Spring Security Config | 5.8.4 | CVE-2023-20863 CVE-2023-20862 |
| Spring Security Crypto | 5.8.4 | CVE-2023-20862 |
| Spring Security Core | 5.8.6 | CVE-2023-20862 CVE-2023-34034 |
| Spring Security Web | 5.8.6 | CVE-2023-20862 CVE-2023-34034 |
| OpenJDK-11 | 11.0.21 | JDK-8275233 JDK-8298887 JDK-8306881 |
| OpenJDK-8 | 1.8.0_392 | JDK-8303384 JDK-8242330 JDK-8314960 |
| Tomcat | 9.0.80 | CVE-2023-24998 CVE-2023-28708 CVE-2023-28709 CVE-2023-34981 CVE-2023-41080 |
| APR | 1.7.4 | CVE-2022-34169 CVE-2014-0107 |
| Jasperreports | 6.20.6 | CVE-2018-18815 |
