Cyber security

Dependency-Track 4.11.4 : Enhancements, Bug Fixes, And Security Updates

For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes.
If additional details are required, consult the closed issues for this release milestone.

# SHA1
19531d4f02cccf26478b3a63feba355da8726b3f  dependency-track-apiserver.jar
3c4bb658783157ae9c408b8323e25e55c9ab25fd  dependency-track-bundled.jar
# SHA256
9a09259ba4c19d02b81a39fb5894df758f19ff1bb43538d4b999b4a5789a9d9b  dependency-track-apiserver.jar
73fc867d347da8a8af14f8c6812e13b870037a28d7de83e2837db9c27d840100  dependency-track-bundled.jar
# SHA512
a357be2617e9da6d4eaf19120316927ccddbc1290b9f0179287619864ffe2f6a349c9cab729853469425e273662e64cb49a4ede5498da937817b3cda01997af9  dependency-track-apiserver.jar
13fbf6477f2820b0926ad082063332e9f34de622e64b11cfe0fa4574ba5d2d9f41c06c791740ddb69a34fc71e21b6456f20c36018eb2b52e0664fdc47a41645f  dependency-track-bundled.jar

What’s Changed

Enhancements

  • Backport: Support ingestion of CycloneDX v1.6 BOMs by @nscuro in #3863

Bug Fixes

  • Backport: Fix inverted “show inactive” filter in vulnerability audit view by @nscuro (original change by @2000rosser) in #3864
  • Backport: Fix BOM validation failing when URL contains encoded [ and ] characters by @nscuro in #3866
  • Backport: Fix external references not being updated via POST /v1/component by @nscuro (original change by @sahibamittal) in #3867
  • Backport: Prevent XXE injection during CycloneDX validation and parsing by @nscuro in #3871

Dependency Updates

  • Backport: Bump bundled frontend to 4.11.4 by @nscuro in #3875
Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

Log Analysis Fundamentals

Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…

17 hours ago

Networking Devices 101: Understanding Routers, Switches, Hubs, and More

What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…

1 day ago

Sock Puppets in OSINT: How to Build and Use Research Accounts

Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…

1 day ago

What is SIEM? Complete Guide to Security Information and Event Management

Introduction As cyber threats grow more sophisticated, organizations need more than just firewalls and antivirus…

2 days ago

Website OSINT: Tools and Techniques for Reconnaissance

Introduction When it comes to cybersecurity and ethical hacking, one of the most effective ways…

2 days ago

Top OSINT Tools to Find Emails, Usernames and Passwords

Introduction In the world of cybersecurity, knowledge is power. One of the most powerful skillsets…

3 days ago