Page History
Bugfixes
Incident number | Summary (problem description) | Resolution | ||
---|---|---|---|---|
PUB-151 | CWE-184 Incomplete Blacklist and CWE-94 Improper Control of Generation of Code ('Code Injection') | 152 | The publisher dependency checker identified one CVE in the jackson-databind third party library | The vulnerability, CVE-2017-17485, was fixed by upgrading the jackson library to 2.9.5, an uneffected versionAll the vulnerabilities were addressed and resolved. For further details and explanations, please check: Blueriq Publisher Vulnerabilities OLD |
Upgrade Instructions
There are no upgrade instructions.
3rd Party Libraries
There is also a page available which lists all the 3rd party libraries that are used in the Publisher. See for more information: Blueriq Publisher 4 libraries. For a list of all known vulnerabilities please view Blueriq Publisher Vulnerabilities OLDVulnerability Reports.
Overview
Content Tools