How to address the vulnerability CVE-2019-11068?
Release : 9.4
Component : API GATEWAY
As per the documents from Redhat and Oracle,
The CVE-2019-11068 is due to the libxslt, but the appliance gateway (ova) doesn't have libxslt installed.
This can be checked with command,
rpm -aq|grep libxslt
- The appliance gateway is not impacted -- this is verified from gateway 9.2 up to gateway 10.
- For other form factor of gateway, it should be the system admin to address the problem.