3rd Party Security Vulnerabilities

The Tungsten products use a number of 3rd Party libraries, such as log4j. From time to time security vulnerabilities are identified in these libraries. When this occurs, we investigate the implications and where possible provide updated libraries.

In some cases, we cannot back-port newer libraries into older releases, and upgrading Tungsten would be the only option to mitigate these 3rd party vulnerabilities.

This section outlines the current known vulnerabilities and the actions taken by Continuent to mitigate the risk.