J9V016 |
SAS Environment Manager 2.5_M4 |
Issue(s) Addressed: | Introduced: |
67194 | SAS® Environment Manager includes a version of Apache Ant that has known vulnerabilities |
J9V001 |
61159 | A security scan might report a vulnerability in SAS® Environment Manager |
J9V002 |
67844 | SAS® Environment Manager contains a PostgreSQL library that is affected by a known vulnerability |
J9V002 |
67848 | The SAS® Environment Manager server contains a version of Apache Tomcat that is affected by known vulnerabilities |
J9V002 |
67850 | SAS® Environment Manager accepts GET requests in circumstances where the POST method should be used |
J9V002 |
67851 | SAS® Environment Manager fails to disable the autocomplete function for certain password input fields |
J9V002 |
67891 | SAS® Environment Manager contains an XStream library that is affected by known vulnerabilities |
J9V002 |
68098 | SAS® Environment Manager contains a Velocity library that contains known vulnerabilities |
J9V003 |
68378 | SAS® Environment Manager contains a version of Apache Ant with known vulnerabilities |
J9V004 |
68578 | SAS® Environment Manager fails to start with "EXCEPTION_ACCESS_VIOLATION" after applying the SAS Private Java Runtime Environment (JRE) update |
J9V005 |
68431 | SAS® Environment Manager contains a cross-site scripting vulnerability (CVE-2021-35475) |
J9V006 |
68637 | SAS® Environment Manager contains a version of Apache Groovy affected by CVE-2020-17521 |
J9V006 |
68638 | SAS® Environment Manager contains a version of the Jasypt library affected by CVE-2014-9970 |
J9V006 |
68648 | SAS® 9.4M7 deployments using SAS Software Depots prior to revision 21w26 encounter an error at the "SAS Environment Manager Configuration" step |
J9V006 |
68560 | SAS® Environment Manager contains a version of Apache Tomcat that is affected by CVE-2021-33037 and CVE-2021-30640 |
J9V007 |
68756 | SAS® 9.4 products contain an Apache Log4J version 2 component with known vulnerabilities |
J9V007 |
68786 | SAS® Environment Manager 2.5 contains an Apache HttpClient library affected by CVE-2020-13956 |
J9V007 |
68787 | SAS® Environment Manager contains an XStream library with known vulnerabilities |
J9V007 |
68909 | The SAS® Environment Manager Configuration step of the Load Content stage fails with "…Failed To create ev initial User and Role…" |
J9V007 |
68972 | SAS® Environment Manager contains an Apache Commons IO library that is affected by CVE-2021-29425 |
J9V007 |
69029 | SAS® Environment Manager 2.5 contains a Terracotta Quartz Scheduler library affected by CVE-2019-13990 |
J9V007 |
69033 | SAS® Environment Manager contains a version of the Terracotta Quartz Scheduler with known vulnerabilities |
J9V007 |
69248 | SAS® Environment Manager contains an XStream library that is affected by CVE-2021-43859 |
J9V008 |
69249 | SAS® Environment Manager contains a PostgreSQL JDBC Driver affected by CVE-2022-21724 |
J9V008 |
69483 | SAS® Environment Manager Agent reports incorrect Microsoft Windows releases for Windows releases after 2015 |
J9V009 |
69798 | SAS® Environment Manager contains a version of the PostgreSQL JDBC Driver that is known to be affected by CVE-2022-31197 |
J9V010 |
69930 | SAS® Environment Manager contains multiple libraries with known vulnerabilities |
J9V010 |
70013 | SAS® Environment Manager Server uses a version of Apache Tomcat with known vulnerabilities |
J9V011 |
70328 | A SAS® Environment Manager server contains a version of Apache Tomcat with known vulnerabilities |
J9V012 |
70522 | Remove old log4j 1.2 config files in SAS® Environment Manager |
J9V013 |
70523 | Removal of unnecessary check boxes for the Plug-in Manager page within the SAS® Environment Manager web console |
J9V013 |
70554 | SAS® Environment Manager contains a version of activemq-client that is known to be affected by CVE-2023-46604 |
J9V014 |
70677 | SAS® Environment Manager Hot Fix J9V014 removes previous files that are no longer used |
J9V014 |
70685 | The SAS® Environment Manager server contains a version of Apache Tomcat with known vulnerabilities |
J9V014 |
70836 | The SAS® Environment Manager server contains a version of Apache Tomcat with known vulnerabilities |
J9V016 |
|
D indicates that the Documentation has special pre-installation, post-installation or other unique instructions not commonly used for hot fix deployment. |