Yetiforcecrm: Vulnerabilities in libraries

Created on 22 Nov 2018  ·  5Comments  ·  Source: YetiForceCompany/YetiForceCRM

Vulnerabilities in libraries
Vulnerabilities in libraries were detected, it is recommended to update them quickly.
Vulnerabilities:
phpmailer/phpmailer(v6.0.5):
Object injection CVE-2018-19296
phpoffice/phpspreadsheet(1.3.1):
XXE Vulnerability CVE-2018-19277

Is any update available?

Your Environment

  • YetiForce Version used: 4.4.0
  • Browser name and version:
  • Environment name and version:
  • Operating System and version:
❕ priority 🐛 bug
Source
picture manwenick

Most helpful comment

@mariuszkrzaczkowski I downloaded a false file, it was not complete. Sorry.
The issue is solved!
Thank you!

picture manwenick on 27 Nov 2018
🎉21

All 5 comments

It will be ready for tomorrow morning.

bpabiszczak picture bpabiszczak on 22 Nov 2018
👍2

Fixed
https://github.com/YetiForceCompany/YetiForceCRM/releases/tag/4.4.0
https://github.com/YetiForceCompany/YetiForceCRM/releases/download/4.4.0/4.4.0_SecurityPHPMailerAndPhpSpreadsheetFix.zip

mariuszkrzaczkowski picture mariuszkrzaczkowski on 23 Nov 2018

Hello @mariuszkrzaczkowski,
I tried to install the fix, but it doesn't work.
I get a notification: Module does not contain default language (en_us).
What does it mean and how can I solve this?
modul does not contain

Thank you!

manwenick picture manwenick on 26 Nov 2018

@mariuszkrzaczkowski I downloaded a false file, it was not complete. Sorry.
The issue is solved!
Thank you!

manwenick picture manwenick on 27 Nov 2018
🎉21

Does it work for yetiforce v5.3.0 too ??
I am having same issue

rohanjhanepal picture rohanjhanepal on 18 Sep 2020
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

MacarenaReina picture MacarenaReina  ·  3Comments
vovpff picture vovpff  ·  3Comments
skramanzia picture skramanzia  ·  3Comments
scsikid picture scsikid  ·  3Comments
michelmarquesrj picture michelmarquesrj  ·  3Comments