Security Vulnerabilities in version 5.7.0 / Windows

Question

Dear Community.&nbsp;The version 5.7.0 installed through the installer is currently reported as onboarding several High vulnerabilities, as you can see below:&nbsp;1) Java Version onboarded is not up to date and vulnerableSeverity: HighC:\File Program Files\SmartBear\SoapUI-5.7.0\jre\bin\javac.exe version 16.0.1 is vulnerable to CVE-2021-2388, which exists in versions = 16.0.1.&nbsp;2)&nbsp;&nbsp;ready-uxm-pluginThe library log4j:log4j version 1.2.16 was detected in Maven library manager located at C: /Users/&lt;username&gt;/.soapuios/plugins/ready-uxm-plugin-1.0.1-dist.jar and is vulnerable to CVE-2022-23307, which exists in versions &gt;=1.2.0, &lt; 2.0.0.Severity: High&nbsp;Can you please provide a version with less security exposure ?Thank you for the great product and support.&nbsp;KR

enriquerrs · Answer

Hi did you get response from this?&nbsp;1) Java Version onboarded is not up to date and vulnerableSeverity: HighC:\File Program Files\SmartBear\SoapUI-5.7.0\jre\bin\javac.exe version 16.0.1 is vulnerable to CVE-2021-2388, which exists in versions = 16.0.1.

selvas14 · Answer

Hi Smartbear team,&nbsp;Any update on the above vulnerabilites fixes?As this reporting is holding us to go further.Sen.

Forum Discussion

Security Vulnerabilities in version 5.7.0 / Windows

2 Replies

Related Content

log4j security vulnerability

ZAPI Version: 2.7.1.27107788 and Log4j Security Vulnerability

Does SoapUI 5.6 version has log4j security Vulnerability issue?

log4j vulnerability in older versions

Log4J vulnerability

Recent Discussions

SoapUI OSS apidocs are outdated in April 2024

log4j1.x vulnerability

How to upload a file via SOAP, as an attachment using python zeep

Soapui 5.7.1 dependency : thoughtworks:xstream:jar:1.4.20

How to configure Swagger in Paas to use it in Oracle APEX instance.