cancel
Showing results for 
Search instead for 
Did you mean: 

Vulnerabilities in SOAP UI Docker Image(version 5.4.0)

New Contributor

Vulnerabilities in SOAP UI Docker Image(version 5.4.0)

Hi,

 

I successfully created a docker image for open source soap ui(version 5.4.0). While running a security scan on this image with the help of twistlock, I encountered some vulnerabilities. Following are its details for reference:-

 

1) com.fasterxml.jackson.core_jackson-databind version 2.3.0 has 13 vulnerabilities

2) com.fasterxml.jackson.core_jackson-core version 2.3.0 has 2 vulnerabilities

3) xerces_xercesImpl version 2.9.1 has 1 vulnerability

 

Can you please enlighten on the part as to why these vulnerabilites are occuring and what exactly are they?

What are the posibilities of it getting fixed in the next version of soap ui?

 

Thanks in advance!

 

Regards

 

3 REPLIES 3
Community Hero

Re: Vulnerabilities in SOAP UI Docker Image(version 5.4.0)

I believe, all those mentioned libraries are of third party, not soapUI.


Regards,
Rao.
Community Hero

Re: Vulnerabilities in SOAP UI Docker Image(version 5.4.0)

Have you run similar one on standalone installation of SoapUI?


Regards,
Rao.
Highlighted
New Contributor

Re: Vulnerabilities in SOAP UI Docker Image(version 5.4.0)

thanks for responding nmrao!

 

I have been pulling the soap ui installable directly from the s3 website link mentioned on the soap ui download page which is as follows:-

https://s3.amazonaws.com/downloads.eviware/soapuios/5.5.0/SoapUI-x64-5.5.0.sh

New Here?
Join us and watch the welcome video: