Geneos 7.x Security Updates

Overview Copied

This page contains security updates for all Geneos 7.x releases.

To learn more about the supported Geneos versions and new features in the Geneos 7.x release, see the following documents:

Geneos 7.8.0 Copied

Issue Key CVE Number and Severity Description Affected Components Fix Version
C2-500 CVE-2026-1002 (Medium) This release updates the Vert.x dependencies used by the Collection Agent plugins to version 4.5.24. In addition, the security vulnerability has been disclosed and fixed in this release. Kubernetes Collection Agent plugin, Prometheus Collection Agent plugin Kubernetes Collection Agent version 6.3.1, Prometheus Collection Agent plugin 6.3.2
AZUREMON-634, COL-12947, COL-12951, HAAW-566, VMW-41 BDSA-2025-62789 (CVE-2025-67735) (Medium) The Collection Agent has been upgraded to use collection-plugin-parent version 6.4.1 to address the Netty security vulnerability.
  • Collection Agent
  • AWS Collection Agent plugin
  • Azure Monitor Collection Agent plugin
  • HTTP-JSON Collection Agent plugin
  • Kubernetes Collection Agent plugin
  • Prometheus Collection Agent plugin
  • VMware Collection Agent plugin
  • Collection Agent 6.4.1
  • AWS Collection Agent plugin version 6.3.1
  • Azure Monitor Collection Agent plugin version 6.3.0
  • HTTP-JSON Collection Agent plugin version 6.2.0
  • Kubernetes Collection Agent plugin 6.3.1
  • Prometheus Collection Agent plugin 6.3.1
  • VMware Collection Agent plugin version 6.2.2
COL-12950 CVE-2026-21452 (High) The Fluentd Forward Collection Agent plugin has been upgraded to use collection-plugin-parent version 6.4.1 to address the MessagePack security vulnerability. Fluentd Forward Collection Agent plugin Fluentd Forward Collection Agent plugin version 6.0.1
COL-12955 CVE-2025-59250 (High) Updated the Microsoft JDBC Driver for SQL Server to version 13.2.1.jre11 to address the security vulnerability. JDBC Collection Agent plugin JDBC Collection Agent plugin version 6.1.1
UTL-1269
  • BDSA-2024-9861 (Medium)
  • BDSA-2025-12973 (Medium)
  • BDSA-2024-9866 (Medium)
  • BDSA-2023-3307 (CVE-2023-6378) (Medium)
  • BDSA-2023-3341 (Medium)
 Updated the Logback library to version 1.5.23 to address the security vulnerabilities. SSO Agent SSO Agent 1.17
UTL-1270
  • BDSA-2020-3736 (CVE-2020-8908) (Medium)
  • BDSA-2016-1748 (CVE-2023-2976) (Medium)
 Updated the Google Guava library to version 33.5.0 to address the security vulnerabilities. SSO Agent SSO Agent 1.17
UTL-1271
  • BDSA-2024-1961 (Medium)
  • BDSA-2023-3254 (CVE-2023-33202) (Medium)
  • BDSA-2023-1625 (CVE-2023-33201) (Medium)
  • BDSA-2024-1960 (CVE-2024-29857) (Medium)
  • BDSA-2023-3876 (CVE-2024-30171) (Medium)
  • BDSA-2024-2378 (Medium)
  • BDSA-2025-8507 (CVE-2025-8885) (Medium)
  • BDSA-2025-8573 (Medium)
 Updated the Bouncy Castle library to version 1.83 to address the security vulnerabilities. SSO Agent SSO Agent 1.17
UTL-1399 BDSA-2025-6849 (Medium) Updated the Nimbus-JOSE-JWT library to version 10.6 to address the security vulnerability. SSO Agent SSO Agent 1.17
UTL-1452, UTL-1456
  • CVE-2025-59375 (Important)
  • CVE-2025-9714 (Moderate)
  • CVE-2025-4598 (Moderate)
 Updated the Docker base images of Collection Agent version 4.5.1 to resolve the security vulnerabilities. Docker Image Geneos 7.8.0
UTL-1453 CVE-2025-9714 (Moderate) Updated the Geneos Docker base images to ubi9-minimal:9.7-1764578379 to resolve the security vulnerability. Docker Image Geneos 7.8.0
UTL-1455 CVE-2025-4598 (Moderate) Updated the Geneos Docker base images to ubi9-minimal:9.7-1764794109 to resolve the security vulnerability. Docker Image Geneos 7.8.0
UTL-1459
  • BDSA-2025-99569 (CVE-2025-12543) (Medium)
  • BDSA-2025-42121 (Medium)
  • BDSA-2024-10904 (Medium)
  • BDSA-2025-10696 (Medium)
 Updated the Undertow library to version 2.3.21 to address the security vulnerabilities. SSO Agent SSO Agent 1.17
UTL-1461 CVE-2025-68973 (Important) Updated the Geneos Docker base images to ubi9-minimal:9.7-1768783948 to resolve the security vulnerability. Docker Image Geneos 7.8.0
UTL-1471 CVE-2025-13601 (Moderate) Updated the Geneos Docker base images to ubi9-minimal:9.7-1769056855 to resolve the security vulnerability. Docker Image Geneos 7.8.0
VI-10057 BDSA-2025-68245 (CVE-2025-68161) (Medium) Upgraded the Log4j libraries used by the Active Console and Web Server to version 2.25.3 to address the security vulnerability.
  • Active Console
  • Web Server
 Geneos 7.8.0

Geneos 7.7.0 Copied

Issue Key CVE Number and Severity Description Affected Components Fix Version
C2-496 CVE-2025-11226 (BDSA-2025-12973) Resolved the security vulnerability affecting Netty and Logback. Collection Agent Geneos 7.7.0
UTL-1433
  • CVE-2025-61748 (Moderate)
  • CVE-2025-53057 (Moderate)
  • CVE-2025-53066 (Moderate)
 Updated the Docker base image of Collection Agent version 6.2.1 to resolve the security vulnerabilities. Docker Image Geneos 7.7.0
UTL-1434
  • CVE-2025-53057 (Moderate)
  • CVE-2025-53066 (Moderate)
 Updated the Docker base image of Collection Agent version 4.5.1 to resolve the security vulnerabilities. Docker Image Geneos 7.7.0
UTL-1436
  • CVE-2025-9230 (BDSA-2025-12971) (High)
  • CVE-2025-9231 (BDSA-2025-12972) (High)
  • CVE-2025-9232 (BDSA-2025-12969) (High)
 Upgraded OpenSSL to version 3.4.3 to address the security vulnerabilities.
  • Active Console
  • FIX Analyser 2 Netprobe
  • File Agent
  • Gateway
  • Netprobe
  • Licence Daemon
  • Webslinger
 Geneos 7.7.0
UTL-1439
  • CVE-2025-6965 (Important)
  • CVE-2024-56433 (Low)
 Updated the Geneos Docker base image to ubi9-minimal:9.7-1762956380 to resolve the security vulnerabilities. Docker Image Geneos 7.7.0
UTL-1442
  • CVE-2025-6965 (Important)
  • CVE-2024-56433 (Low)
 Updated the Docker base image of Collection Agent version 4.5.1 to resolve the security vulnerabilities. Docker Image Geneos 7.7.0
UTL-1448 CVE-2025-9230 (Moderate) Updated the Geneos Docker base image to ubi9-minimal:9.7-1763362218 to resolve the security vulnerability. Docker Image Geneos 7.7.0
UTL-1450 CVE-2025-9230 (Moderate) Updated the Docker base image of Collection Agent version 4.5.1 to resolve the security vulnerability. Docker Image Geneos 7.7.0
VI-9990 BDSA-2025-5150 Upgraded the Spring Framework library used by the Web Server to version 6.2.12 to address the security vulnerability. Web Server Geneos 7.7.0
VI-9997 BDSA-2025-6849 (Medium) Upgraded the Nimbus JOSE + JWT library used by the Active Console and Web Server to version 10.6 to address the security vulnerability.
  • Active Console
  • Web Server
 Geneos 7.7.0
VI-10029 BDSA-2025-11866 (Medium) Upgraded the Spring Security library used by the Web Server to version 6.5.6 to address the security vulnerability. Web Server Geneos 7.7.0
VI-10032 BDSA-2025-9581 (Medium) Upgraded the Eclipse Jetty library used by the Web Server to version 12.0.29 to address the security vulnerability. Web Server Geneos 7.7.0
VI-10036 CVE-2025-8916 (Moderate) Upgraded the Bouncy Castle library used by the Active Console and Web Server to version 1.82 to address the security vulnerability.
  • Active Console
  • Web Server
 Geneos 7.7.0

Geneos 7.6.0 Copied

Issue Key CVE Number and Severity Description Affected Components Fix Version
C2-489 CVE-2025-55163 Upgraded Netty to version 4.1.127 to resolve the security vulnerability. Collection Agent, Prometheus Collection Agent plugin Collection Agent 6.2.1,Prometheus Collection Agent plugin 6.1.1
UTL-1398 CVE-2022-29458 (Low) Updated the Geneos Docker base image to ubi9-minimal:9.6-1754584681 to resolve the security vulnerability. Docker Image Geneos 7.6.0
UTL-1400
  • CVE-2025-8058 (Moderate)
  • CVE-2025-32414 (Moderate)
  • CVE-2025-32415 (Moderate)
  • CVE-2022-29458 (Low)
 Updated the Docker base images of Collection Agent versions 4.5.1 and 6.0.0 to resolve the security vulnerabilities. Docker Image Geneos 7.6.0
UTL-1411
  • CVE-2025-58060 (Important)
  • CVE-2025-58364 (Moderate)
 Updated the Docker base images of Collection Agent versions 4.5.1 and 6.0.0 to resolve the security vulnerabilities. Docker Image Geneos 7.6.0
UTL-1413
  • CVE-2025-32989 (Moderate)
  • CVE-2025-6395 (Moderate)
  • CVE-2025-32988 (Moderate)
  • CVE-2025-32990 (Moderate)
 Updated the Geneos Docker base image to ubi9-minimal:9.6-1758184547 to resolve the security vulnerabilities. Docker Image Geneos 7.6.0
UTL-1414
  • CVE-2025-32989 (Moderate)
  • CVE-2025-6395 (Moderate)
  • CVE-2025-32988 (Moderate)
  • CVE-2025-32990 (Moderate)
 Updated the Docker base images of Collection Agent versions 4.5.1 and 6.2.1 to resolve the security vulnerabilities. Docker Image Geneos 7.6.0

Geneos 7.5.0 Copied

Issue Key CVE Number and Severity Description Affected Components Fix Version
AA-7241 CVE-2024-11407 (Medium) Updated the gRPC library to version 1.69.0 to address the security vulnerability. Gateway, Netprobe, Fix Analyser 2 Netprobe Geneos 7.5.0
AA-7337 CVE-2025-31498 (High) Updated the c-ares library to version 1.34.5 to address the security vulnerability. Gateway, Netprobe, Fix Analyser 2 Netprobe Geneos 7.5.0
COL-8403 CVE-2014-5461 (High) Removed the third-party Lua static library to address the security vulnerability. This change does not affect any functionality. Netprobe Geneos 7.5.0
COL-12641 CVE-2025-49146 (BDSA-2025-5099) (High) Updated the PostgreSQL JDBC driver to version 42.7.7 to address the security vulnerability. JDBC Collection Agent plugin Geneos 7.5.0, JDBC 5.0.1
UTL-1375
  • CVE-2025-49796 (Important)
  • CVE-2025-49794 (Important)
  • CVE-2025-6021 (Moderate)
 Updated the Geneos Docker base image to ubi9-minimal:9.6-1752069876 to resolve the security vulnerabilities. Docker Image Geneos 7.5.0
UTL-1376
  • CVE-2025-49794 (Important)
  • CVE-2025-49796 (Important)
  • CVE-2025-47273 (Moderate)
  • CVE-2025-6021 (Moderate)
 Updated the Docker base images of Collection Agent versions 4.5.1 and 5.3.0 to resolve the security vulnerabilities. Docker Image Geneos 7.5.0
UTL-1377
  • CVE-2024-52533 (Moderate)
  • CVE-2025-4373 (Moderate)
 Updated the Geneos Docker base image to ubi9-minimal:9.6-1752587672 to resolve the security vulnerabilities. Docker Image Geneos 7.5.0
UTL-1378
  • CVE-2025-30749 (Important)
  • CVE-2025-50059 (Important)
  • CVE-2025-50106 (Important)
  • CVE-2025-4373 (Moderate)
  • CVE-2024-52533 (Moderate)
  • CVE-2025-30754 (Moderate)
 Updated the Docker base images of Collection Agent versions 4.5.1 and 5.3.0 to resolve the security vulnerabilities. Docker Image Geneos 7.5.0
UTL-1381 CVE-2025-6965 (Important) Updated the Geneos Docker base image to ubi9-minimal:9.6-1753762263 to resolve the security vulnerability. Docker Image Geneos 7.5.0
UTL-1390 CVE-2025-7425 (Important) Updated the Geneos Docker base image to ubi9-minimal:9.6-1754000177 to resolve the security vulnerability. Docker Image Geneos 7.5.0
UTL-1394 CVE-2025-8058 (Moderate) Updated the Geneos Docker base image to ubi9-minimal:9.6-1754356396 to resolve the security vulnerability. Docker Image Geneos 7.5.0
UTL-1396
  • CVE-2025-6965 (Important)
  • CVE-2025-7425 (Important)
  • CVE-2024-52615 (Moderate)
  • CVE-2025-8058 (Moderate)
 Updated the Docker base images of Collection Agent versions 4.5.1 and 6.0.0 to resolve the security vulnerabilities. Docker Image Geneos 7.5.0
UTL-1409 CVE-2025-8194 (Moderate) Updated the Docker base images of Collection Agent versions 4.5.1 and 6.0.0 to resolve the security vulnerability. Docker Image Geneos 7.5.0

Geneos 7.4.0 Copied

Release Withdrawn

Geneos versions 7.4.0 and 7.4.1 have been withdrawn and are no longer available for download due to a discovered memory leak.

We recommend upgrading to Geneos version 7.4.2. For more information on the components packaged with this release, refer to the Geneos 7.x Release Notes.

Issue Key CVE Number and Severity Description Affected Components Fix Version
COL-12554 CVE-2016-9840 (BDSA-2016-1107) Updated the Boost C++ Libraries to version 1.88.0 to address the security vulnerability. File Agent, Fix Analyser 2 Netprobe, Gateway, Netprobe Geneos 7.4.0
UTL-1335 CVE-2024-8176 (Medium) Updated the Docker base images of Collection Agent versions 4.5.1 and 5.1.0 to resolve the the security vulnerability. Docker Image Geneos 7.4.0
UTL-1338 CVE-2025-0395 (Medium) Updated the Geneos Docker base images to ubi9-minimal:9.5-1742914212 to resolve the security vulnerability. Docker Image Geneos 7.4.0
UTL-1339 CVE-2025-0395 (Medium) Updated the Docker base images of Collection Agent versions 4.5.1 and 5.1.0 to resolve the the security vulnerability. Docker Image Geneos 7.4.0
UTL-1341
  • CVE-2020-11023 (Medium)
  • CVE-2025-24528 (Medium)
  • CVE-2024-12133 (Medium)
  • CVE-2024-12243 (Medium)
 Updated the Geneos Docker base images to ubi9-minimal:9.6-1747218906 to resolve the security vulnerabilities. Docker Image Geneos 7.4.0
UTL-1342
  • CVE-2024-12133 (Medium)
  • CVE-2025-24528 (Medium)
  • CVE-2025-0938 (Medium)
  • CVE-2024-12243 (Medium)
  • CVE-2024-8176 (Medium)
  • CVE-2024-12087 (Medium)
  • CVE-2024-52616 (Medium)
  • CVE-2024-12747 (Medium)
  • CVE-2024-12088 (Medium)
 Updated the Docker base image of Collection Agent version 4.5.1 and created the Docker image for Collection Agent version 5.3.0, including all updated Collection Agent plugins packaged with Geneos 7.4.0:
  • AWS Collection Agent plugin 5.2.0
  • Azure Collection Agent plugin 5.1.1
  • Kubernetes Collection Agent plugin 5.2.1
  • Opentelemetry Collection Agent plugin 5.3.0
  • gRPC Collection Agent plugin 5.3.0
These updates resolve the security vulnerabilities.		 Docker Image Geneos 7.4.0

Geneos 7.3.1 Copied

Issue Key CVE Number and Severity Description Affected Components Fix Version
UTL-1337
  • CVE-2025-21587 (Medium)
  • CVE-2025-30698 (Medium)
  • CVE-2025-30691 (Medium)
 Updated the Docker base images of Collection Agent versions 4.5.1 and 5.1.0 to resolve the security vulnerabilities. Docker Image Geneos 7.3.1
VI-9959
  • BDSA-2025-2270
  • BDSA-2025-2271
 The Spring Security libraries used by the Web Server have been upgraded to version 6.4.4 to address the security vulnerabilities. Web Server Geneos 7.3.1

Geneos 7.3.0 Copied

Issue Key CVE Number and Severity Description Affected Components Fix Version
AZUREMON-559, HAAW-495
  • CVE-2025-24970 (BDSA-2025-1033)
  • CVE-2025-25193 (BDSA-2025-1031)
 Updated Netty to version 4.1.118.Final to address the security vulnerabilities. AWS plugin, Azure Monitor plugin Geneos 7.3.0, AWS 5.1.1, Azure 5.0.2
UTL-1321
  • CVE-2024-12797
  • CVE-2022-49043
  • CVE-2020-11023
 Updated the Docker base image of Collection Agent version 5.0.2 to resolve the security vulnerabilities. Docker Image Geneos 7.3.0
UTL-1325
  • CVE-2025-24928
  • CVE-2024-56171
 Updated the Docker base images of Collection Agent versions 4.5.1 and 5.0.2 to resolve the security vulnerabilities. Docker Image Geneos 7.3.0
UTL-1326
  • CVE-2025-24928
  • CVE-2024-56171
 Updated the Geneos Docker base image to ubi9-minimal:9.5-1741850109 to resolve the security vulnerabilities. Docker Image Geneos 7.3.0
UTL-1334 CVE-2025-27363 Updated the Docker base images of Collection Agent versions 4.5.1 and 5.1.0 to resolve the security vulnerability. Docker Image Geneos 7.3.0
VI-9936
  • CVE-2023-1370
  • BDSA-2025-0966
 The json-smart libraries in the Active Console and Web Server have been upgraded to 2.5.2 to resolve the security vulnerabilities. Active Console, Web Server Geneos 7.3.0

Geneos 7.2.0 Copied

Issue Key CVE Number and Severity Description Affected Components Fix Version
UTL-1322 CVE-2022-49043 Updated the Collection Agent Docker base images for versions 4.5.1 and 5.0.2 to address the security vulnerability CVE-2022-49043. Docker Image Geneos 7.2.2
COL-12470
  • CVE-2024-12801 (BDSA-2024-9861)
  • CVE-2024-12798 (BDSA-2024-9866)
 Updated logback to 1.5.16 to address the security vulnerabilities. Netprobe Geneos 7.2.0
VI-9496, VI-9873
  • BDSA-2024-6258
  • BDSA-2024-7391
  • BDSA-2024-8653
  • CVE-2016-1000027 (Critical)
  • CVE-2024-38820 (BDSA-2024-7393)
 Upgraded the Spring Framework libraries in the Web Server to 6.2.1 to address the security vulnerabilities. Web Server Geneos 7.2.0
VI-9894 BDSA-2024-8949 (Medium) The Spring LDAP library in the Web Server has been upgraded to 3.2.10 to address the security vulnerability. Web Server Geneos 7.2.0
VI-9906 BDSA-2024-8942 (Medium) The Spring Security libraries in the Web Server have been upgraded to 6.4.2 to address the security vulnerability. Web Server Geneos 7.2.0
HAAW-491 CVE-2024-31141 (BDSA-2024-9369) Updated Apache Kafka 3.7.1 to version 3.8.0-rc0 to address the security vulnerability. AWS plugin Geneos 7.2.0

Geneos 7.1.1 Copied

Issue Key CVE Number and Severity Description Affected Components Fix Version
AA-7229
  • CVE-2024-3596 (High)
  • CVE-2024-26462 (Medium)
  • CVE-2024-26461 (Medium)
  • CVE-2024-26458 (Medium)
  • CVE-2024-2236 (Medium)
  • CVE-2024-4741 (Low)
  • CVE-2024-4603 (Low)
  • CVE-2024-2511 (Low)
  • CVE-2024-5535 (Low)
 Updated Geneos and Netprobe base Docker images to 9.5-1731604394 to address the security vulnerabilities. Docker Image Geneos 7.1.1
AZUREMON-553, C2-457, COL-12421 CVE-2024-47535 (High) Updated Netty to 4.1.115.Final to address the security vulnerability. Azure Monitor, Collection Agent, Netprobe Geneos 7.1.1
COL-12380
  • CVE-2024-8096 (BDSA-2024-6196) (Medium)
  • CVE-2024-7264 (BDSA-2024-5030) (Low)
  • CVE-2024-6874 (BDSA-2024-4662) (Low)
  • CVE-2024-6197 (BDSA-2024-4663) (Medium)
 Updated the curl version from 8.8.0 to 8.10.1 to address the security vulnerabilities. Gateway, Netprobe Geneos 7.1.1
HAAW-481 CVE-2024-47561(BDSA-2024-6954) (High) Updated the Apache Avro dependency of the AWS Kinesis client to 1.11.4 to address the security vulnerability. AWS Plugin Geneos 7.1.1
UTL-1308
  • CVE-2023-5869
  • CVE-2021-32027
  • CVE-2020-25695
  • CVE-2020-25694
  • CVE-2016-0773
  • CVE-2016-5423
  • CVE-2016-5424
  • CVE-2023-39417
  • CVE-2020-25696
  • CVE-2020-14350
  • CVE-2020-14349
  • CVE-2021-32029
  • CVE-2021-32028
  • CVE-2015-0243
  • CVE-2015-0241
  • CVE-2015-3165
  • CVE-2024-10978
  • CVE-2018-1115
  • CVE-2015-3166
  • CVE-2024-4317
  • CVE-2023-39418
  • CVE-2015-3167
  • CVE-2015-0244
 postgres dependencies have been removed from the Gateway and Netprobe Docker images to address the security vulnerabilities. Docker Image Geneos 7.1.1
VI-9888 sonatype-2024-3350 (High) The Apache Commons Collection java library has been updated to Apache Commons Collection version 4.4 to address the security vulnerability. Active Console Geneos 7.1.1

Geneos 7.1.0 Copied

Issue Key CVE Number and Severity Description Affected Components Fix Version
AA-6974 BDSA-2024-0444 (Medium) The c-ares library has been updated to version 1.34.1 to address the security vulnerability. Gateway, Netprobe, Fix-Analyser 2 Netprobe Geneos 7.1.0
AA-7170
  • BDSA-2024-4704 (High)
  • BDSA-2024-2491 (Medium)
 The libxml2 has been updated to version 2.13.4 to address the security vulnerabilities. Gateway, Netprobe, Fix-Analyser 2 Netprobe Geneos 7.1.0
AA-7171
  • CVE-2023-44487 (High)
  • BDSA-2024-5199 (High)
  • BDSA-2023-2427 (CVE-2023-4785) (Medium)
  • BDSA-2023-2140 (CVE-2023-33953) (Medium)
 The gRPC library has been updated to version 1.67.0 to address the security vulnerabilities. Gateway, Netprobe, Fix-Analyser 2 Netprobe Geneos 7.1.0
COL-12288 CVE-2024-7254 (High) The proto-google-common-protos dependency has been updated to version 2.46.0 to remove the transitive dependency to the vulnerable protobuf-java library. Netprobe Geneos 7.1.0
VI-9804 CVE-2023-35116 (Medium) The Jackson databind library in the Active Console has been upgraded to 2.18.0 to address the security vulnerability. Active Console Geneos 7.1.0
VI-9852
  • BDSA-2024-5369 (Medium)
  • BDSA-2024-5371 (Medium)
 The Spring Framework libraries in the Web Server have been upgraded to 5.3.39 to address the security vulnerabilities. Web Server Geneos 7.1.0
VI-9881
  • BDSA-2024-7228 (Medium)
  • BDSA-2024-7229 (Medium)
 The Jetty libraries in the Web Server have been upgraded to 9.4.56.v20240826 to address the security vulnerabilities. Web Server Geneos 7.1.0
VI-9886 BDSA-2024-7762 (High) The Spring Security libraries in the Web Server have been upgraded to 5.8.15 to address the security vulnerability. Web Server Geneos 7.1.0

Geneos 7.0.4 Copied

Issue Key CVE Number CVE Severity Description Affected Components Fix Version
COL-12287 CVE-2024-7254 High Updated the following to address CVE-2024-7254:
  • protobuf-java library to version 3.25.5
  • proto-google-common-protos to version 2.45.1
  • collection-agent and the corresponding collection dependencies to version 4.7.0
  • obcerv-platform-api to version 2.7.0
 Collection Agent, Netprobe Geneos 7.0.4
HAAW-479 BDSA-2024-6519 (CVE-2024-7254) High Updated the protobuf-java dependency to address: BDSA-2024-6519 (CVE-2024-7254). AWS Geneos 7.0.4
UTL-1246 CVE-2024-6119 Medium Updated the xnio module to version 3.8.16 to address the following security vulnerabilities:
  • BDSA-2023-3831
  • BDSA-2022-1913 (CVE-2022-0084)
 SSO Agent Geneos 7.0.4
UTL-1287 CVE-2024-6119 High The undertow-core module has been updated to version 2.3.17 to address the following security vulnerabilities:
  • BDSA-2024-5641 (CVE-2024-7885)
  • BDSA-2024-0321
  • BDSA-2024-4198
  • BDSA-2022-4041 (CVE-2022-4492)
  • BDSA-2024-3899
  • BDSA-2023-2318 (CVE-2023-3223)
  • BDSA-2023-3683
  • BDSA-2024-4195
  • BDSA-2023-0526 (CVE-2023-1108)
  • BDSA-2024-0322 (CVE-2024-1459)
  • BDSA-2022-2482
 SSO Agent Geneos 7.0.4
VI-9875 CVE-2024-47554 High The Commons IO library in the Web Server has been upgraded to version 2.17.0 to address the security vulnerability: CVE-2024-47554. Web Server Geneos 7.0.4

Geneos 7.0.3 Copied

Issue Key CVE Number CVE Severity Description Affected Components Fix Version
AA-7181 CVE-2024-6119 Medium Updated the base images of Gateway and Netprobe Docker containers to UBI 9.4-1227.1726694542 to address the security vulnerability: CVE-2024-6119. Docker Image Geneos 7.0.3

Geneos 7.0.2 Copied

Issue Key CVE Number CVE Severity Description Affected Components Fix Version
AA-7169 CVE-2024-34397 Medium Updated the base images of Gateway and Netprobe Docker containers to UBI 9.4-1227.1725849298 to address the security vulnerability: CVE-2024-34397. Docker Image Geneos 7.0.2
HAAW-478 CVE-2023-5072 High Updated the org.json:json dependency used by the Amazon Kinesis Client to version 20240303 to address the security vulnerability: CVE-2023-5072. AWS Geneos 7.0.2

Geneos 7.0.0 Copied

Issue Key CVE Number CVE Severity Description Affected Components Fix Version
COL-11885 CVE-2023-40400 (BDSA 2023-2588) High The libpcap has been upgraded to 1.11.0 to address the security vulnerability: CVE-2023-40400 (BDSA 2023-2588). Netprobe Geneos 7.0.0
VI-9820 QID 150896 High The Web Dashboard no longer shows Java Stack Traces when an exception occurs during loading. This addresses the security vulnerability: QID 150896. Web Server Geneos 7.0.0
COL-12154 CVE-2024-35255 Medium Updated the Azure identity dependency to address the security vulnerability: CVE-2024-35255. Azure Monitor Geneos 7.0.0
["Geneos"] ["Release Notes", "Upgrade Notes", "Security Updates"]

Was this topic helpful?