Hello, I would like to file a CVE fix request for Maxwell v1.41.0. Twistlock shows the following high severity CVEs.
CVE-2022-41881
CVE-2022-45688
CVE-2023-2976
CVE-2023-34455
CVE-2023-36478
CVE-2023-39410
CVE-2023-43642
CVE-2023-44487
CVE-2023-5072GHSA-xpw8-rcwv-8f8p(including more info as no CVE yet filed for this)PRISMA-2023-0067 (Severity: high | CVSS: 7.50 | Package: com.fasterxml.jackson.core_jackson-core | Version: 2.13.1 | Status: fixed in 2.15.0 com.fasterxml.jackson.core_jackson-core package > 9 months ago | Published: > 9 months | Description: com.fasterxml.jackson.core_jackson-core package versions before 2.15.0 are vulnerable to Denial of Service (DoS). The package does not properly restri...
osheroff
commented
8 months ago
Hello, I would like to file a CVE fix request for Maxwell v1.41.0. Twistlock shows the following high severity CVEs.
CVE-2022-41881 CVE-2022-45688 CVE-2023-2976 CVE-2023-34455 CVE-2023-36478 CVE-2023-39410 CVE-2023-43642 CVE-2023-44487 CVE-2023-5072 GHSA-xpw8-rcwv-8f8p (including more info as no CVE yet filed for this) PRISMA-2023-0067 (Severity: high | CVSS: 7.50 | Package: com.fasterxml.jackson.core_jackson-core | Version: 2.13.1 | Status: fixed in 2.15.0 com.fasterxml.jackson.core_jackson-core package > 9 months ago | Published: > 9 months | Description: com.fasterxml.jackson.core_jackson-core package versions before 2.15.0 are vulnerable to Denial of Service (DoS). The package does not properly restri...