Vulnerabilities CVE-2022-22965 and CVE-2022-22963

apigee / apigee-devportal-kickstart-drupal

A fast demo and starting point for Apigee Developer Portals for Drupal

https://www.drupal.org/project/apigee_devportal_kickstart

GNU General Public License v2.0

26 stars 34 forks source link

Vulnerabilities CVE-2022-22965 and CVE-2022-22963 #558

Closed pradeepgorle13 closed 2 years ago

pradeepgorle13 commented 2 years ago

Hi Team,

We have a discussion in our organization about the Vulnerabilities CVE-2022-22965 and CVE-2022-22963. Does apigee Kickstarter have this vulnerability and what are the mitigation options if present.

Thanks., Pradeep

phdhiren commented 2 years ago

@pradeepgorle13

Seems both of this CVE related to Java. Drupal Devportal uses PHP as the base language and does not have an impact on this. However, for the base Apigee product you can get in touch with the support team.

pradeepgorle13 commented 2 years ago

thanks @phdhiren Perfect this really helps.. Thanks a lot for quick response.