Java Agent 24.09 Vulnerabilities
search cancel

Java Agent 24.09 Vulnerabilities

book

Article ID: 388095

calendar_today

Updated On: 02-12-2025

Products

DX Application Performance Management

Issue/Introduction

Below are the new vulnerabilities reported for Java agent 2024.09 patch:-

Component Name Component Version CVE (Vulnerability ID) Security Risk CVSS Score
Apache Tomcat 9.0.87 BDSA-2024-9919 HIGH 8.5
Apache Tomcat 9.0.87 BDSA-2024-9762 HIGH 8.8
Apache Tomcat 9.0.87 BDSA-2024-8736 MEDIUM 6.4
IBM MQ 9.3.2.0 CVE-2024-35156 MEDIUM 6.5
Spring Security 5.7.12 BDSA-2024-8942 MEDIUM 4.2
Logback 1.2.13 BDSA-2024-9866 MEDIUM 5.8
Logback 1.2.13 BDSA-2024-9861 MEDIUM 6.5
Spring Framework 5.3.37 BDSA-2024-8653 MEDIUM 4.9

Environment

 
DX Application Performance Management 24.2
 
JAVA AGENT 2024.09

Resolution

These are medium severity and will be fixed in next release 25.3 or 25.4.

Powered by Wolken Software