Security Advisories & Cumulative Security Patch Releases

Documentation

• Security Advisories General Information

• BASE-1003: API Vulnerability Bug log4j -in pentaho third party library - Critical

• BASE-1045: Critical CVE-2016-3088 activemq-protobuf 1.1 - False Positive

• BASE-1340: Critical Vulnerability CVE-2016-1906 hazelcast-kubernetes - Critical - False Positive

• BASE-1388: Apache Log4j2 not protected against attacker controlled LDAP and other JNDI related endpoints

• CVE-2021-45105 - Multiple eptos Releases - Security Advisory - Apache Log4j2 <= 2.17 did not protect from uncontrolled recursion from self-referential lookups

• BASE-1501: Frontend Vulnerability Bug Bug CVE-2022-1586, CVE-2022-1587 - Critical

• BASE-1551: Pinpoint Agent 1.x Vulnerabilities

• BASE-1907: Cumulative Security Patch for eptos Release 6.1.x - 2023-11

• BASE-1910: Cumulative Security Patch for eptos Release 6.2.x - 2023-11

• BASE-1913: Cumulative Security Patch for eptos Release 6.3.x - 2023-11

• BASE-1911: Critical CVE-2023-46604 activemq-protobuf 1.1 - False Positive

• BASE-1957: Kubeconfig for accessing the kubernetes API’s is disabled as Default

• BASE-1984: Cumulative Security Patch for eptos Release 6.1.x - 2024-05

• BASE-1985: Cumulative Security Patch for eptos Release 6.2.x - 2024-05

• BASE-1986: Cumulative Security Patch for eptos Release 6.3.x - 2024-05

• BASE-2236: Node.JS and NPM (Node Package Manager) Vulnerability