SoapUI 5.7.2 - Java (Maven) Vulnerabilities #833
Comments
|
you are welcome to fork the project and apply upgrades yourself back for possible inclusion in the main project. :) the latest release has just gone out 5.8.0 which has several updates so you may wish to run a new scan https://www.soapui.org/downloads/latest-release/release-notes/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi Team- Good Day!!!
We are from Vulnerability Management team for our Project. More than 40 plus users are using SoapUI 5.7.2 in our organization.
When we performed vulnerability scans on our laptops using Qualys VMDR, we found out that the latest version of this application still has vulnerable library files within the package.
Now we really need your expertise to fix those vulnerabilities. Your quick response regarding this issue is very much appreciated.
Or if you could provide us with the procedure for creating a support ticket with your technical team, it would be really helpful for us to take this issue further.
Sample Vulnerable library files:
C:\Program_Files\SmartBear\SoapUI-5.7.2\lib\xmltooling-1.3.2-1.jar
C:\Program_Files\SmartBear\SoapUI-5.7.2\lib\xstream-1.4.13.jar
C:\Program_Files\SmartBear\SoapUI-5.7.2\lib\ezmorph-1.0.5.jar
C:\Program_Files\SmartBear\SoapUI-5.7.2\lib\commons-logging-1.1.1.jar
C:\Program_Files\SmartBear\SoapUI-5.7.2\lib\openws-1.4.2-1.jar
C:\Program_Files\SmartBear\SoapUI-5.7.2\lib\opensaml-2.5.1-1.jar
The text was updated successfully, but these errors were encountered: