You are viewing the documentation for Blueriq 13. Documentation for other versions is available in our documentation directory.

Identifier

Component

Issue

Solution

BQ-21733

 

CVE-2023-6378 has been detected on the logback-core dependency.

Updated logback-core to the latest version.

BQ-21671

 

CVE-2023-34055 has been reported on Spring Boot. Also, CVE-2023-34053 has been reported on Spring Boot 3.x, which is used by R16.

For R15 & R16, Spring Boot has been upgraded to the latest version. For lower versions, there is no fix available since the underlying Spring Boot version is no longer supported. Upgrade to a newer Blueriq version. In the meantime, have a look at the temporary workaround described in [

https://spring.io/security/cve-2023-34055

].
  • No labels

Didn't find the answer you were looking for? Try the advanced search