Does a CVE affect MetaDefender Core?
In today's rapidly evolving digital landscape, understanding the impact of security vulnerabilities is more crucial than ever. The Common Vulnerabilities and Exposures (CVE) list is an invaluable resource for identifying potential security risks associated with software products. This article provides a comprehensive overview of various CVEs, helping you determine whether MetaDefender Core is affected. By staying informed about these vulnerabilities, you can take proactive measures to protect your systems and data from potential threats.
| CVE | Summary |
|---|---|
| CVE-2024-32113 | CVE-2024-32113 is the vulnerability of Apache OFBiz which we don't use in MetaDefender Core |
| CVE-2024-38856 | CVE-2024-32113 is the vulnerability of Apache OFBiz which we don't use in MetaDefender Core |
| CVE-2024-4367 | CVE-2024-4367 does not impact MetaDefender Core |
| CVE-2024-34342 | CVE-2024-34342 does not impact MetaDefender Core |
| CVE-2024-40725 | MetaDefender Core does not use Apache HTTP Server and is not affected by CVE-2024-40725 |
| CVE-2024-40898 | MetaDefender Core does not use Apache HTTP Server and is not affected by CVE-2024-40898 |
| CVE-2024-27348 | MetaDefender Core does not utilize Apache HugeGraph-Server in its architecture. As a result, it is not susceptible to the CVE-2024-27348 vulnerability |
| CVE-2018-25103 | MetaDefender Core does not use lighttpd, it is not affected by the vulnerabilities identified in CVE-2018-25103 |
| CVE-2024-4603 | MetaDefender Core does not use either EVP_PKEY_param_check() or EVP_PKEY_public_check() hence it's not affected by CVE-2024-4603 |
| CVE-2023-46589 | MetaDefender Coredoes not use Tomcat, so the product is not impacted by the CVE |
| CVE-2023-50164 | MetaDefender Coreis not built on Apache Struts which is affected by this CVE |
| CVE-2022-21724 | CVE-2022-21724 is not used by MetaDefender Core to make connections to Postgres, so the product is not impacted by the CVE |
| CVE 2018-2894 | MetaDefender Core doesn’t use Java, so this CVE doesn’t impact the product |
| CVE-2024-38819 | MetaDefender Core doesn’t use this framework, so this CVE doesn’t impact the product |
| CVE-2024-7348 | Since MetaDefender Core 5.11.1, we upgraded Postgres to a newer version to address this CVE |
| CVE-2024-3566 | Although MetaDefender Core executes another programs (Nginx, engine processes, engine installation scripts), we do not pass any user-input arguments to these programs. We are not affected by this CVE. |
| CVE-2024-27980 | MetaDefender Core does not use Node.js so it's not affected |
| CVE-2024-24576 | MetaDefender Core does not use Rust in its code so it's not affected |
| CVE-2024-10979 | MetaDefender Core does not use PL/Perl and PL/Python so it's not affected |
| CVE-2018-15133 | MetaDefender Core does not use PHP and Laravel so it's not affected |
| CVE-2023-40581 | CVE-2023-40581 affects yt-dlp, it does not impact MetaDefender Core functionality |
| CVE-2024-1874 | MetaDefender Core does not use PHP so it's not affected |
If Further Assistance is required, please proceed to log a support case or chat with our support engineer.
Was this page helpful?