Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


NOTE: This page is copy of /wiki/spaces/SV/pages/16093480 report created by SECCOM (excluded CVE info); any update should be done on parent page.

...

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment (Target for J)

Status
titleOPEN

2

io.springfox : springfox-swagger2 : 3.0.0

5

???

Already on latest; no non-vulnerable version available

Status
titleOPEN

2

undertow-core : 2.2.7.Final

5

5

2.2.14

2.2.14.Final

dcaegen2-collectors-datafile

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment (Target for J)

Status
titleOPEN

1

spring-web : 5.3.6

9

7

4

5.3.135.3.13 or 5.3.14

Status
titleOPEN

2

io.springfox : springfox-swagger2 : 3.0.0

5???Already on latest; no non-vulnerable version available

...

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment (Target for J)

Status
titleOPEN

1

ch.qos.logback : logback-core : 1.3.0-alpha0

81.2.101.2.10

Status
titleOPEN

1

com.google.code.gson : gson : 2.8.5

72.8.92.8.9

Status
titleOPEN

2

io.springfox : springfox-swagger2 : 3.0.0

5???Already on latest; no non-vulnerable version available


1

com.fasterxml.jackson.core : jackson-databind : 2.11.0

102.12.62.12.6

dcaegen2-collectors-hv-ves

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment (Target for J)

Status
titleOPEN

1

com.google.code.gson : gson : 2.8.6

72.8.92.8.9

dcaegen2-collectors-ves

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment (Target for J)

Status
titleOPEN

1

com.google.code.gson : gson : 2.8.6

72.8.92.8.9

Status
titleOPEN

2io.netty : netty-codec-http : 4.1.59.Final54.1.70.Final4.1.73.Final

Status
titleOPEN

2

io.springfox : springfox-swagger2 : 3.0.0

5???Already on latest; no non-vulnerable version available


org.apache.logging.log4j: log4j-core:2.16.0

2.17.1

dcaegen2-platform-mod-genprocessor

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment (Target for J)


1

com.fasterxml.jackson.core : jackson-databind : 2.11.0

102.12.62.12.6

Status
titleOPEN

2

nifi-utils : 1.9.2

51.15.0
1.15.2retain current version due to dependency with upstream nifi version on designer module

dcaegen2-platform-mod2-auth

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment  (Target for J)

Status
titleOPEN

1

com.google.code.gson : gson : 2.8.6

72.8.9POC components; not part of ONAP deployment

Status
titleOPEN

1com.squareup.okhttp3 : okhttp : 4.0.174.9.3POC components; not part of ONAP deployment

...

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment  (Target for J)

Status
titleOPEN

1

com.google.code.gson : gson : 2.8.6

72.8.9POC components; not part of ONAP deployment

Status
titleOPEN

1com.squareup.okhttp3 : okhttp : 4.0.174.9.3

POC components; not part of ONAP deployment

Status
titleOPEN

1

io.springfox : springfox-swagger-ui : 2.9.2

9

6

6

3.0.0POC components; not part of ONAP deployment

Status
titleOPEN

2io.springfox : springfox-swagger2 : 2.9.253.0.0POC components; not part of ONAP deployment

...

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment  (Target for J)

Status
titleOPEN

1

ch.qos.logback : logback-core : 1.3.0-alpha0

81.2.101.2.10

Status
titleOPEN

1org.springframework : spring-web : 5.3.7

9

4

5.3.135.3.14


1

com.fasterxml.jackson.core : jackson-databind : 2.11.0

102.12.62.12.6

Status
titleOPEN

2io.undertow : undertow-core : 2.2.8.Final

5

5

2.2.14.Final2.2.14.Final


org.springframework : spring-webmvc : 5.3.76
5.3.14

dcaegen2-services-bbs-event-processor

...

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment (Target for J)


1

com.fasterxml.jackson.core : jackson-databind : 2.11.2

102.12.62.12.6


org.apache.logging.log4j: log4j-core:2.16.0

2.17.1

Status
titleOPEN

1

com.google.code.gson : gson : 2.8.5

72.8.92.8.9

Status
titleOPEN

1xstream : 1.4.16

8

1.4.181.4.18

Status
titleOPEN

2

 xercesImpl : 2.12.15???Already on latest; no non-vulnerable version available

...

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment (Target for J)

Status
titleOPEN

1

com.google.code.gson : gson : 2.8.5

72.8.92.8.9

Status
titleOPEN

2

undertow-core : 2.2.9.Final

5

4

4

2.2.14.Final

2.2.14.Final

2.2.16.Final

dcaegen2-services-prh

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment (Target for J)

Status
titleOPEN

1

org.apache.tomcat.embed : tomcat-embed-websocket : 9.0.48

7

10.1.0M7

Either 10.1.0-M8 or  9.0.56 

Status
titleOPEN

1

org.springframework : spring-web : 5.3.8

9

4

5.3.13 RELEASE

5.3.14

dcaegen2-services-sdk

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment

Status
titleOPEN

1

ch.qos.logback : logback-core : 1.3.0-alpha0

81.2.101.2.10

Status
titleOPEN

1

com.google.code.gson : gson : 2.8.5

72.8.92.8.9


org.springframework : spring-webflux : 5.3.16
5.3.14

dcaegen2-services-son-handler

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment


1

com.fasterxml.jackson.core : jackson-databind : 2.11.0

102.12.62.12.6

Status
titleOPEN

1

ch.qos.logback : logback-core : 1.3.0-alpha0

81.2.101.2.10

Status
titleOPEN

1

org.springframework : spring-web : 5.3.7.RELEASE

9

4

5.3.13 RELEASE

5.3.14


org.springframework : spring-webmvc : 5.3.76
5.3.14

Status
titleOPEN

1

org.apache.tomcat.embed : tomcat-embed-core : 9.0.46

6

10.1.0-M7

9.0.50 or 10.1.0-M8

...

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment


1

com.fasterxml.jackson.core : jackson-databind : 2.11.0

102.12.62.12.6

Status
titleOPEN

1

ch.qos.logback : logback-core : 1.3.0-alpha0

81.2.101.2.10

Status
titleOPEN

1

org.springframework : spring-web : 5.3.7.RELEASE

9

4

5.3.13 RELEASE

5.3.14


org.springframework : spring-webmvc : 5.3.76
5.3.14

Status
titleOPEN

2

org.apache.tomcat.embed : tomcat-embed-core : 9.0.46

6

10.1.0-M7

9.0.50 or 10.1.0-M8

...

dcaegen2-platform-mod2-helmgenerator

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment (Target for J)



com.fasterxml.jackson.core : jackson-databind : 2.10.3

10
2.12.6



com.squareup.okhttp3 : okhttp : 4.0.1

5
4.9.3


commons-io : commons-io : 2.4

2.11.0


dcaegen2-platform-ves-openapi-manager

Status

Priority

Component name and version

Threat level

Recommended version

Project’s assessment (Target for J)



com.fasterxml.jackson.core : jackson-databind : 2.9.4

10
2.12.6