Summary
CVE Number | Severity | Product | Platform | Impact | Resolved |
---|---|---|---|---|---|
CVE-2022-3786 CVE-2022-3602 | High | FME Desktop FME Server | Windows macOS Red Hat 7 CentOS 7 | 2022.1.x 2022.2 Beta | 2022.2 Official Release |
Ubuntu Debian Red Hat 8 Rocky Linux 8 Docker/K8S | Not Affected | N/A | |||
FME License Server FME Cloud FME Mobile Apps | All | Not Affected | N/A |
FME Desktop & FME Server
FME 2022.1 and later on Windows, macOS, and Red Hat 7/CentOS 7 contain the impacted software component. As a best practice, we recommend administrators download and install 2022.2.FME 2022.0 and earlier do not contain the library version associated with the vulnerability and are not affected.
FME (all versions) on Ubuntu, Debian, and Red Hat 8/Rocky Linux 8 and FME Server launched through Docker/Kubernetes are not affected.
FME License Server, FME Cloud & FME Mobile Apps
All versions of FME License Server (using FlexLM/FlexNet Publisher) and FME Cloud instances are not affected by the vulnerabilities as described in CVE-2022-3786 and CVE-2022-3602.The FME AR and FME Data Express mobile applications (iOS and Android) do not include any version of OpenSSL, therefore these applications are not affected by the vulnerabilities.
Comments
0 comments
Please sign in to leave a comment.