Ask a Question

Vulnerabilities in SOAP UI Docker Image(version 5.4.0)

vgupta10
New Contributor

Vulnerabilities in SOAP UI Docker Image(version 5.4.0)

Hi,

 

I successfully created a docker image for open source soap ui(version 5.4.0). While running a security scan on this image with the help of twistlock, I encountered some vulnerabilities. Following are its details for reference:-

 

1) com.fasterxml.jackson.core_jackson-databind version 2.3.0 has 13 vulnerabilities

2) com.fasterxml.jackson.core_jackson-core version 2.3.0 has 2 vulnerabilities

3) xerces_xercesImpl version 2.9.1 has 1 vulnerability

 

Can you please enlighten on the part as to why these vulnerabilites are occuring and what exactly are they?

What are the posibilities of it getting fixed in the next version of soap ui?

 

Thanks in advance!

 

Regards

 

3 REPLIES 3
nmrao
Champion Level 3

I believe, all those mentioned libraries are of third party, not soapUI.


Regards,
Rao.
nmrao
Champion Level 3

Have you run similar one on standalone installation of SoapUI?


Regards,
Rao.
vgupta10
New Contributor

thanks for responding nmrao!

 

I have been pulling the soap ui installable directly from the s3 website link mentioned on the soap ui download page which is as follows:-

https://s3.amazonaws.com/downloads.eviware/soapuios/5.5.0/SoapUI-x64-5.5.0.sh

cancel
Showing results for 
Search instead for 
Did you mean: