NCM 10.1.13 release contains a resolution to these vulnerabilities:
Component | Latest Version | Vulnerabilities Fixed |
---|---|---|
org.apache.felix.framework | 7.0.5 | BDSA-2018-1110 |
GSoap | 2.8.129 | CVE-2021-21783 CVE-2020-13576 |
Postgres | 15.3 | CVE-2023-2454 CVE-2023-2455 |
Snakeyaml | 2.0 | CVE-2022-1471 |
Spring Framework | 5.3.28 | CVE-2023-20863 |
Spring Security Config | 5.8.4 | CVE-2023-20863 CVE-2023-20862 |
Spring Security Crypto | 5.8.4 | CVE-2023-20862 |
Spring Security Core | 5.8.6 | CVE-2023-20862 CVE-2023-34034 |
Spring Security Web | 5.8.6 | CVE-2023-20862 CVE-2023-34034 |
OpenJDK-11 | 11.0.21 | JDK-8275233 JDK-8298887 JDK-8306881 |
OpenJDK-8 | 1.8.0_392 | JDK-8303384 JDK-8242330 JDK-8314960 |
Tomcat | 9.0.80 | CVE-2023-24998 CVE-2023-28708 CVE-2023-28709 CVE-2023-34981 CVE-2023-41080 |
APR | 1.7.4 | CVE-2022-34169 CVE-2014-0107 |
Jasperreports | 6.20.6 | CVE-2018-18815 |