Uploaded image for project: 'Project Configurator - Development'
  1. Project Configurator - Development
  2. PCDEV-872

Some dependencies/libraries used by PC had security vulnerabilities

    XMLWordPrintableJSON

    Details

    • Type: Task
    • Status: Done
    • Priority: High
    • Resolution: Fixed
    • Affects Version/s: 2.4.1-J7
    • Fix Version/s: 2.4.2-J7
    • Labels:
    • Critical Points:
      0

      Description

      Preventive security analysis has revealed that two of the libraries used by Project Configurator contained vulnerabilities that could be exploited by an attacker. Even though the way in which those libraries were used in the plugin made a successful attack nearly impossible, both of them have been replaced or upgraded to remove those vulnerabilities.

      The security analysis has been integrated into the build process, so that now it is routinely performed for all versions of Project Configurator.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              jrojo Jose Rojo [X] (Inactive)
              Reporter:
              pmaranon Pepe Maranon Mora
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: