Uploaded image for project: 'JOC - JobScheduler Operations Center'
  1. JOC - JobScheduler Operations Center
  2. JOC-1562

Update JOC Cockpit GUI to Angular 16.1 due to 3rd-party vulnerabilities (CVE-2023-26118, CVE-2023-26117, CVE-2023-26116)

    XMLWordPrintable

Details

    • CVE-2023-26116, CVE-2023-26117, CVE-2023-26118

    Description

      Current Situation

      Risk Mitigation

      • SOS rates the vulnerabilities being of low risk. There is no exploit for the vulnerabilities.
      • The JOC Cockpit does not make use of the functions vulnerable to regular expression attacks.

      Fix

      • Fixes will become available with next maintenance releases.
      • This includes to migrate the JOC Cockpit GUI to Angular 16.1

      Attachments

        Activity

          People

            ztsa0019 Sourabh Agrawal
            ap Andreas PĆ¼schel
            Kanika Agrawal Kanika Agrawal
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: