Javelin Vulnerability: Telerik UI
Article ID: 389803
Updated On: 03-04-2025
Products
CA Test Data Manager (Data Finder / Grid Tools)
Issue/Introduction
| U9ZSOCKNWDWV001 | Telerik UI for WPF < 2024.3.924 Multiple Vulnerabilities | Upgrade to Telerik UI for WPF version 2024.3.924 or later. | Path : C:\Grid-Tools\GTEDI\Telerik.Windows.Controls.dll Installed version : 2014.1.224.45 Fixed version : 2024.3.924 Path : C:\Program Files\Grid-Tools\Javelin\Telerik.Windows.Controls.dll Installed version : 2014.1.224.45 Fixed version : 2024.3.924 |
Development | CVE-2024-7575 CVE-2024-7576 CVE-2024-8316 |
Environment
All supported Javelin releases.
Cause
Vulnerability only with the Javelin UI.
Resolution
We don't own the license for the latest versions of the 3rd party component with the vulnerability (Telerik diagram) - the version used by Javelin is more than 10 years old.
We can either replace the component with some alternative (which would take months, even a year or more) or renew the licence (and this could also take some time anyway to make Javelin compatible with the latest version).
NOTE: only Javelin.exe (the UI) and not JavelinExecutor.exe (command line used by Portal) is affected.
There is nothing we can do about this vulnerability with Javelin UI at this time.
Feedback
Was this article helpful?
Yes
No
Powered by
