Updated the Docker base images of Collection Agent versions 4.5.1 and 5.1.0 to resolve the the security vulnerability.
Docker Image
Geneos 7.4.0
UTL-1338
CVE-2025-0395 (Medium)
Updated the Geneos Docker base images to ubi9-minimal:9.5-1742914212 to resolve the security vulnerability.
Docker Image
Geneos 7.4.0
UTL-1339
CVE-2025-0395 (Medium)
Updated the Docker base images of Collection Agent versions 4.5.1 and 5.1.0 to resolve the the security vulnerability.
Docker Image
Geneos 7.4.0
UTL-1341
CVE-2020-11023 (Medium)
CVE-2025-24528 (Medium)
CVE-2024-12133 (Medium)
CVE-2024-12243 (Medium)
Updated the Geneos Docker base images to ubi9-minimal:9.6-1747218906 to resolve the security vulnerabilities.
Docker Image
Geneos 7.4.0
UTL-1342
CVE-2024-12133 (Medium)
CVE-2025-24528 (Medium)
CVE-2025-0938 (Medium)
CVE-2024-12243 (Medium)
CVE-2024-8176 (Medium)
CVE-2024-12087 (Medium)
CVE-2024-52616 (Medium)
CVE-2024-12747 (Medium)
CVE-2024-12088 (Medium)
Updated the Docker base image of Collection Agent version 4.5.1 and created the Docker image for Collection Agent version 5.3.0, including all updated Collection Agent plugins packaged with Geneos 7.4.0:
AWS Collection Agent plugin 5.2.0
Azure Collection Agent plugin 5.1.1
Kubernetes Collection Agent plugin 5.2.1
Opentelemetry Collection Agent plugin 5.3.0
gRPC Collection Agent plugin 5.3.0
These updates resolve the security vulnerabilities.
The c-ares library has been updated to version 1.34.1 to address the security vulnerability.
Gateway, Netprobe, Fix-Analyser 2 Netprobe
Geneos 7.1.0
AA-7170
BDSA-2024-4704 (High)
BDSA-2024-2491 (Medium)
The libxml2 has been updated to version 2.13.4 to address the security vulnerabilities.
Gateway, Netprobe, Fix-Analyser 2 Netprobe
Geneos 7.1.0
AA-7171
CVE-2023-44487 (High)
BDSA-2024-5199 (High)
BDSA-2023-2427 (CVE-2023-4785) (Medium)
BDSA-2023-2140 (CVE-2023-33953) (Medium)
The gRPC library has been updated to version 1.67.0 to address the security vulnerabilities.
Gateway, Netprobe, Fix-Analyser 2 Netprobe
Geneos 7.1.0
COL-12288
CVE-2024-7254 (High)
The proto-google-common-protos dependency has been updated to version 2.46.0 to remove the transitive dependency to the vulnerable protobuf-java library.
Netprobe
Geneos 7.1.0
VI-9804
CVE-2023-35116 (Medium)
The Jackson databind library in the Active Console has been upgraded to 2.18.0 to address the security vulnerability.
Active Console
Geneos 7.1.0
VI-9852
BDSA-2024-5369 (Medium)
BDSA-2024-5371 (Medium)
The Spring Framework libraries in the Web Server have been upgraded to 5.3.39 to address the security vulnerabilities.
Web Server
Geneos 7.1.0
VI-9881
BDSA-2024-7228 (Medium)
BDSA-2024-7229 (Medium)
The Jetty libraries in the Web Server have been upgraded to 9.4.56.v20240826 to address the security vulnerabilities.
Web Server
Geneos 7.1.0
VI-9886
BDSA-2024-7762 (High)
The Spring Security libraries in the Web Server have been upgraded to 5.8.15 to address the security vulnerability.