Skip to main content
Skip table of contents

Vulnerabilities & Fixes - 11/30/22

Descriptions

As part of our SOC2 compliance program, here are the security breaches that have been found in the past weeks. We remain available to help you with these issues. If you have not already, you can create a ticket here: https://germainux.atlassian.net/servicedesk/customer/portal/1 or email us at info@germainux.com.

Vulnerability

Severity

Scope

Detected

Resolved

Affected versions

Fix implemented in

Link

[CVE-2022-31692]

CRITICAL

Spring Security [5.6.5] => [5.6.9]

11/12/2022

11/14/2022

<= 2022.4

2022.3.52, 2022.4.29

https://nvd.nist.gov/vuln/detail/CVE-2022-31692

[CVE-2022-31690]

HIGH

Spring Security [5.6.5] => [5.6.9]

11/12/2022

11/14/2022

<= 2022.4

2022.3.52, 2022.4.29

https://nvd.nist.gov/vuln/detail/CVE-2022-31690

[CVE-2022-42252]

HIGH

Tomcat [8.5.78] => [8.5.83]

11/12/2022

11/14/2022

<= 2022.4

2022.3.52, 2022.4.29

https://nvd.nist.gov/vuln/detail/CVE-2022-42252

2022.3.52

Download:
https://germain-apm.s3.us-west-2.amazonaws.com/GermainAPM/2022/GermainAPMEngine-2022.3-52-binary.tar.gz
https://germain-apm.s3.us-west-2.amazonaws.com/GermainAPM/2022/GermainAPMEngine-2022.3-52-binary.zip
https://germain-apm.s3.us-west-2.amazonaws.com/GermainAPM/2022/GermainAPMServer-2022.3-52-binary.tar.gz
https://germain-apm.s3.us-west-2.amazonaws.com/GermainAPM/2022/GermainAPMServer-2022.3-52-binary.zip
https://germain-apm.s3.us-west-2.amazonaws.com/GermainAPM/2022/GermainAPMService-2022.3-52-binary.tar.gz
https://germain-apm.s3.us-west-2.amazonaws.com/GermainAPM/2022/GermainAPMService-2022.3-52-binary.zip

Docker:
public.ecr.aws/h0m9e4y5/germainapm-engines:2022.3-52
public.ecr.aws/h0m9e4y5/germainapm-server:2022.3-52
public.ecr.aws/h0m9e4y5/germainapm-services:2022.3-52

2022.4.29

Download:
https://germain-apm.s3.us-west-2.amazonaws.com/GermainAPM/2022/GermainAPMEngine-2022.4-29-binary.tar.gz
https://germain-apm.s3.us-west-2.amazonaws.com/GermainAPM/2022/GermainAPMEngine-2022.4-29-binary.zip
https://germain-apm.s3.us-west-2.amazonaws.com/GermainAPM/2022/GermainAPMServer-2022.4-29-binary.tar.gz
https://germain-apm.s3.us-west-2.amazonaws.com/GermainAPM/2022/GermainAPMServer-2022.4-29-binary.zip
https://germain-apm.s3.us-west-2.amazonaws.com/GermainAPM/2022/GermainAPMService-2022.4-29-binary.tar.gz
https://germain-apm.s3.us-west-2.amazonaws.com/GermainAPM/2022/GermainAPMService-2022.4-29-binary.zip

Docker:
public.ecr.aws/h0m9e4y5/germainapm-engines:2022.4-29
public.ecr.aws/h0m9e4y5/germainapm-server:2022.4-29
public.ecr.aws/h0m9e4y5/germainapm-services:2022.4-29

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.