Version 3.0.4
Release Notes
Known Bugs
| Key | T | Status | Summary | Description | Affected Versions | Fix Versions |
|---|---|---|---|---|---|---|
| SCFB-51 |
|
Closed | Fixing the vulnerability CVE-2023-1370 |
Jira actions are performed with a JSON payload. In this case the libray "net.minidev-json-smart", which is affected by CVE-2023-1370, was used to create this payload. However, the critical functionality had no negative impact on the add-on. Nevertheless, the library was updated. |
1.2.0, 2.2.0, 1.2.1, 2.2.1, 2.3.0, 3.0.0, 3.1.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 4.0.0 | 4.0.1 |
| SCFB-47 |
|
Closed | Fixing the vulnerability CVE-2021-27568 |
Please update to the version 3.0.5. Because this version contains the vulnerability CVE-2021-27568 . This vulnerability occurs because the library json-smart-1.1.1.jar which is shipped and used with this version. |
0.8.0, 0.8.1, 0.8.2, 0.9.0, 0.9.1, 0.9.2, 0.9.3, 0.9.4, 0.9.5, 0.9.6, 0.9.7, 0.9.8, 1.0.0, 2.0.0, 2.1.0, 1.1.0, 1.2.0, 2.2.0, 1.2.1, 2.2.1, 2.3.0, 3.0.0, 3.1.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4 | 3.0.5 |