Security Vulnerabilities in version 5.7.0 / Windows

Question

Dear Community.&nbsp;The version 5.7.0 installed through the installer is currently reported as onboarding several High vulnerabilities, as you can see below:&nbsp;1) Java Version onboarded is not up to date and vulnerableSeverity: HighC:\File Program Files\SmartBear\SoapUI-5.7.0\jre\bin\javac.exe version 16.0.1 is vulnerable to CVE-2021-2388, which exists in versions = 16.0.1.&nbsp;2)&nbsp;&nbsp;ready-uxm-pluginThe library log4j:log4j version 1.2.16 was detected in Maven library manager located at C: /Users/&lt;username&gt;/.soapuios/plugins/ready-uxm-plugin-1.0.1-dist.jar and is vulnerable to CVE-2022-23307, which exists in versions &gt;=1.2.0, &lt; 2.0.0.Severity: High&nbsp;Can you please provide a version with less security exposure ?Thank you for the great product and support.&nbsp;KR

enriquerrs · Answer

Hi did you get response from this?&nbsp;1) Java Version onboarded is not up to date and vulnerableSeverity: HighC:\File Program Files\SmartBear\SoapUI-5.7.0\jre\bin\javac.exe version 16.0.1 is vulnerable to CVE-2021-2388, which exists in versions = 16.0.1.

selvas14 · Answer

Hi Smartbear team,&nbsp;Any update on the above vulnerabilites fixes?As this reporting is holding us to go further.Sen.

Forum Discussion

Security Vulnerabilities in version 5.7.0 / Windows

Related Content

log4j security vulnerability

Does SoapUI 5.6 version has log4j security Vulnerability issue?

ZAPI Version: 2.7.1.27107788 and Log4j Security Vulnerability

log4j vulnerability in older versions

Log4J vulnerability

Recent Discussions

How do I change password and Username on every call in a Test Case in SoapUI?

Content-Length calculation wrong when posting UTF-8 content

Error exception in phase 'semantic analysis' with java 21

Generate positive long integer?

How to test gi forms used in Intalio BPM process.