/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
- SAP ABAP UI5 based applications has a vulnerability caused by an outdated UI5 component delivered by SAP
- The application is currently using the JSZip package version 3.7.1.
- This package has known security vulnerabilities which can cause Arbitrary File Write, under certain circumstances
- Are there already any SAP UI5 Versions available that contain a newer jszip package an in case yes, which?
- How does SAP ensure the patching of vulnerable 3rd party products within SAP UI5?
Read more...
Environment
SAPUI5 1.71.55
Product
SAPUI5 1.0
Keywords
"SAP_UI contains vulnerable 3rd party packages","CVE-2022-48285","known security vulnerabilities which can cause Arbitrary File Write" , KBA , CA-UI5-TBL , SAP UI5 table, smart table, list and tree controls , CA-UI5-COR , Core and Runtime , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)