Closed Anuj07Mehta closed 2 years ago
Hi,
We are form SAP Discovery Center Team and our landscape is running on SAP BTP NEO. For Audit logging , we are using the following dependency:
com.sap.cloud.s4hana.cloudplatform : auditlog-scp-neo of version 1.11.1
But If we see in the maven repository It shows the following Vulnerabilities from this dependency:
CVE-2020-8908 CVE-2020-15250 CVE-2018-10237
here is the link to know more about these Vulnerabilities. https://mvnrepository.com/artifact/com.sap.cloud.s4hana.cloudplatform/auditlog-scp-neo/1.11.1
So could you please fix these vulnerabilities in this version or suggest what should we do to avoid these Vulnerabilities.
Thanks a lot !
Best Regards,
Anuj
Hi Anuj, not sure if you discovered this by yourself in the mean time, but you are using a very outdated version of that library. The most recent one can be found here and is currently 3.71.0.
3.71.0
Hi,
We are form SAP Discovery Center Team and our landscape is running on SAP BTP NEO. For Audit logging , we are using the following dependency:
com.sap.cloud.s4hana.cloudplatform : auditlog-scp-neo of version 1.11.1
But If we see in the maven repository It shows the following Vulnerabilities from this dependency:
CVE-2020-8908 CVE-2020-15250 CVE-2018-10237
here is the link to know more about these Vulnerabilities. https://mvnrepository.com/artifact/com.sap.cloud.s4hana.cloudplatform/auditlog-scp-neo/1.11.1
So could you please fix these vulnerabilities in this version or suggest what should we do to avoid these Vulnerabilities.
Thanks a lot !
Best Regards,
Anuj