question

Upvotes
Accepted
daniel.lipofsky avatar image
3 4 5 10

CVE-2022-33980 in EMA

It looks like com.refinitiv.ema:ema:3.6.6.0 uses org.apache.commons:commons-configuration2:2.7 which suffers from CVE-2022-33980. I believe the fix is easy, just upgrade to 2.8.0

ema-apijava
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

· Write an Answer
Upvote
Accepted
wasin.w avatar image
22.7k 47 15 12

Hello @daniel.lipofsky

Thank you for the information, I have submitted the GitHub issue-201 on your behalf on the Real-Time SDK GitHub repository.

If you have more information, please feel free to contact the RTSDK team directly via the issue-201.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.