Fix for CVE-2021-41556
|Priority:||Normal (Code 4)||Due date:|
The vulnerable has been found in Squirrel script engine, which might lead to code exploits.
Fix shall be back-ported from Squirrel script main repositories.
Mavimax customer shall have no worry about this vulnerable, because currently script engine is not used in Enduro/X productive operations. Squirelscript currently is only used for configuration file and source code generation, which is one time event, purely run by developers, not network attached, and does not take any part in UBF/XATMI/transactions processing.
For compliance reasons the fix shall be backported and put in latest Enduro/X release.
FIx has been backported in https://github.com/endurox-dev/endurox/commit/7e9870f2d46f7e17a4d97213e27e224af20037fa
Available from Enduro/X version 7.5.36+.