Fusion Metadata Registry 10.7.0 OWASP Analysis

From Fusion Registry Wiki
Revision as of 01:38, 24 May 2021 by Plazarou (talk | contribs) (Created page with "=== Overview === The following details the OWASP analysis of Fusion Metadata Registry version '''10.7.0''' === Environment === The OWASP command-line client was run against...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Overview

The following details the OWASP analysis of Fusion Metadata Registry version 10.7.0

Environment

The OWASP command-line client was run against the Fusion Metadata Registry version 10.7.0

  • OWASP Cli version: dependency-check version: 6.1.6
  • Java version "1.8.0_172"
  • Operating System: Windows 10.0.19042.928
  • Date performed: 10th May 2021

Overview of Report

The report revealed 1 vulnerable dependency:

1. bootstrap.bundle.min.js - version 4.0.0 - bundled with the Data Browser

Issue: This is a cross-site scripting issue rated as severity "MEDIUM".

Action: Since the Data Browser is now deprecated and will not ship with Fusion Registry 11, no action will be taken.

Attached Report

A PDF of the OWASP dependency report can be obtained here .