Does a CVE affect MetaDefender Core?

In today's rapidly evolving digital landscape, understanding the impact of security vulnerabilities is more crucial than ever. The Common Vulnerabilities and Exposures (CVE) list is an invaluable resource for identifying potential security risks associated with software products. This article provides a comprehensive overview of various CVEs, helping you determine whether MetaDefender Core is affected. By staying informed about these vulnerabilities, you can take proactive measures to protect your systems and data from potential threats.

CVESummary
CVE-2024-32113CVE-2024-32113 is the vulnerability of Apache OFBiz which we don't use in MetaDefender Core
CVE-2024-38856CVE-2024-32113 is the vulnerability of Apache OFBiz which we don't use in MetaDefender Core
CVE-2024-4367CVE-2024-4367 does not impact MetaDefender Core
CVE-2024-34342CVE-2024-34342 does not impact MetaDefender Core
CVE-2024-40725MetaDefender Core does not use Apache HTTP Server and is not affected by CVE-2024-40725
CVE-2024-40898MetaDefender Core does not use Apache HTTP Server and is not affected by CVE-2024-40898
CVE-2024-27348MetaDefender Core does not utilize Apache HugeGraph-Server in its architecture. As a result, it is not susceptible to the CVE-2024-27348 vulnerability
CVE-2018-25103MetaDefender Core does not use lighttpd, it is not affected by the vulnerabilities identified in CVE-2018-25103
CVE-2024-4603MetaDefender Core does not use either EVP_PKEY_param_check() or EVP_PKEY_public_check() hence it's not affected by CVE-2024-4603
CVE-2023-46589MetaDefender Coredoes not use Tomcat, so the product is not impacted by the CVE
CVE-2023-50164MetaDefender Coreis not built on Apache Struts which is affected by this CVE
CVE-2022-21724CVE-2022-21724 is not used by MetaDefender Core to make connections to Postgres, so the product is not impacted by the CVE
CVE 2018-2894MetaDefender Core doesn’t use Java, so this CVE doesn’t impact the product
CVE-2024-38819MetaDefender Core doesn’t use this framework, so this CVE doesn’t impact the product
CVE-2024-7348Since MetaDefender Core 5.11.1, we upgraded Postgres to a newer version to address this CVE
CVE-2024-3566Although MetaDefender Core executes another programs (Nginx, engine processes, engine installation scripts), we do not pass any user-input arguments to these programs. We are not affected by this CVE.
CVE-2024-27980MetaDefender Core does not use Node.js so it's not affected
CVE-2024-24576MetaDefender Core does not use Rust in its code so it's not affected
CVE-2024-10979MetaDefender Core does not use PL/Perl and PL/Python so it's not affected
CVE-2018-15133MetaDefender Core does not use PHP and Laravel so it's not affected
CVE-2023-40581CVE-2023-40581 affects yt-dlp, it does not impact MetaDefender Core functionality
CVE-2024-1874MetaDefender Core does not use PHP so it's not affected

If Further Assistance is required, please proceed to log a support case or chat with our support engineer.

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard