CVE-2024-38819 and CVE-2024-38820 in One Automation Components

search cancel

CVE-2024-38819 and CVE-2024-38820 in One Automation Components

book

Article ID: 390798

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

https://spring.io/blog/2024/10/17/spring-framework-cve-2024-38819-and-cve-2024-38820-published

This concerns the vulnerabilities

CVE-2024-38819: Path traversal vulnerability in functional web frameworks (2nd report)
CVE-2024-38820: Spring Framework DataBinder case sensitive match exception

Cause

CVE-2024-38819 and CVE-2024-38820 in the jar files located in analytics/backend/lib/ext/

Resolution

Fixed in 21.0.13.

Feedback

thumb_up Yes

thumb_down No