CVEs Not Impacting Mission Control

JFrog Release Information

Content Type
Release Notes
ft:sourceType
Paligo

CVE

Severity

Mission Control Fix Version

Reason

CVE-2021-37136

High

4.7.15

Upgraded netty-codec to 4.1.68.Final.

CVE-2021-22149

High

4.7.14

Upgraded Elasticsearch to 7.14.0.

CVE-2021-22148

High

4.7.14

Upgraded Elasticsearch to 7.14.0.

CVE-2021-22147

Medium

4.7.14

Upgraded Elasticsearch to 7.14.0.

CVE-2021-31684

High

4.7.13

Upgraded Apache HttpClient to version 4.5.13.

CVE-2021-22112

High

4.7.13

Upgraded spring-security-web to version 5.4.4.

CVE-2020-13956

Medium

4.7.13

Upgraded json-smart to version 2.4.7.

CVE-2021-35517

High

4.7.11

Upgraded common-compress to version 1.2.1.

CVE-2021-27568

Critical

4.7.11

Upgraded json-smart to version 2.4.7.

CVE-2020-28052

High

4.7.11

Upgraded bc-java to version 1.6.7.

CVE-2020-8908

Low

N/A

Does not affect Mission Control, since JFrog does not use the com.google.common.io .Files.createTempDir()function.