article Question regarding Qlik Replicate and a Java SE Vulnerability in Official Support Articles https://community.qlik.com/t5/Official-Support-Articles/Question-regarding-Qlik-Replicate-and-a-Java-SE-Vulnerability/ta-p/2035633 <P><SPAN>It was reported that Qlik Replicate May 2022 (2022.5.0.291) version reports a Java SE vulnerability:&nbsp; &nbsp;&nbsp;</SPAN></P> <P class="lia-indent-padding-left-30px"><FONT face="courier new,courier"><SPAN>Plugin Output: Path&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; : /opt/attunity/replicate/jvm/&nbsp; Installed version : 11.0.14 Fixed version&nbsp;&nbsp;&nbsp;&nbsp; : Upgrade to version 11.0.16 or greater CVE-2022-21426,CVE-2022-21434,CVE-2022-21443,CVE-2022-21449,CVE-2022-21476,CVE-2022-21496 CVE-2022-21540,CVE-2022-21541,CVE-2022-21549,CVE-2022-25647,CVE-2022-34169</SPAN></FONT></P> <P>&nbsp;</P> <H4><FONT color="#339966"><STRONG>Environment</STRONG></FONT></H4> <UL> <LI><LI-PRODUCT title="Qlik Replicate" id="qlikReplicate"></LI-PRODUCT>&nbsp;version May 2022</LI> <LI>Linux</LI> </UL> <P>&nbsp;</P> <H3><FONT color="#339966"><STRONG>Resolution</STRONG></FONT></H3> <P class="lia-indent-padding-left-30px"><SPAN>Qlik Data Integration products use JVM version 11 for QEM/Replicate and also JVM version 8 for Compose.</SPAN></P> <P class="lia-indent-padding-left-30px"><SPAN><FONT color="#339966"><STRONG>There is no need to patch Qlik Replicate itself.&nbsp;</STRONG></FONT></SPAN></P> <P class="lia-indent-padding-left-30px"><SPAN>To address the security report, you can independently&nbsp;upgrade Java SE to 11.0.17 on the server Qlik Replicate is running on.</SPAN></P> <P>&nbsp;</P> <H3><FONT color="#339966"><STRONG>Internal Investigation ID(s)</STRONG></FONT>&nbsp;</H3> <P class="lia-indent-padding-left-30px">7345</P> Fri, 10 Feb 2023 12:31:48 GMT Dana_Baldwin 2023-02-10T12:31:48Z Question regarding Qlik Replicate and a Java SE Vulnerability https://community.qlik.com/t5/Official-Support-Articles/Question-regarding-Qlik-Replicate-and-a-Java-SE-Vulnerability/ta-p/2035633 <P><SPAN>It was reported that Qlik Replicate May 2022 (2022.5.0.291) version reports a Java SE vulnerability:&nbsp; &nbsp;&nbsp;</SPAN></P> <P class="lia-indent-padding-left-30px"><FONT face="courier new,courier"><SPAN>Plugin Output: Path&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; : /opt/attunity/replicate/jvm/&nbsp; Installed version : 11.0.14 Fixed version&nbsp;&nbsp;&nbsp;&nbsp; : Upgrade to version 11.0.16 or greater CVE-2022-21426,CVE-2022-21434,CVE-2022-21443,CVE-2022-21449,CVE-2022-21476,CVE-2022-21496 CVE-2022-21540,CVE-2022-21541,CVE-2022-21549,CVE-2022-25647,CVE-2022-34169</SPAN></FONT></P> <P>&nbsp;</P> <H4><FONT color="#339966"><STRONG>Environment</STRONG></FONT></H4> <UL> <LI><LI-PRODUCT title="Qlik Replicate" id="qlikReplicate"></LI-PRODUCT>&nbsp;version May 2022</LI> <LI>Linux</LI> </UL> <P>&nbsp;</P> <H3><FONT color="#339966"><STRONG>Resolution</STRONG></FONT></H3> <P class="lia-indent-padding-left-30px"><SPAN>Qlik Data Integration products use JVM version 11 for QEM/Replicate and also JVM version 8 for Compose.</SPAN></P> <P class="lia-indent-padding-left-30px"><SPAN><FONT color="#339966"><STRONG>There is no need to patch Qlik Replicate itself.&nbsp;</STRONG></FONT></SPAN></P> <P class="lia-indent-padding-left-30px"><SPAN>To address the security report, you can independently&nbsp;upgrade Java SE to 11.0.17 on the server Qlik Replicate is running on.</SPAN></P> <P>&nbsp;</P> <H3><FONT color="#339966"><STRONG>Internal Investigation ID(s)</STRONG></FONT>&nbsp;</H3> <P class="lia-indent-padding-left-30px">7345</P> Fri, 10 Feb 2023 12:31:48 GMT https://community.qlik.com/t5/Official-Support-Articles/Question-regarding-Qlik-Replicate-and-a-Java-SE-Vulnerability/ta-p/2035633 Dana_Baldwin 2023-02-10T12:31:48Z