Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
nvankorlaar
Partner - Contributor III
Partner - Contributor III
‎2023-04-24 05:24 AM

Support newer versions Node.JS

Hi,

When will Qlik Alerting support newer versions of Node.JS?

This is due to the following vulnerabilities, which are marked as high risk by the Dutch Cyber Security Center:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36067
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29199
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30547

Or can someone from Qlik confirm if this is also an risk for node.js used by Qlik Alerting.

 

Labels (1)
Labels
350 Views
0 Likes
2 Replies
Lucas_Gatling
Support
Support
‎2023-04-24 07:08 AM

What version of Node.JS do you have installed? Qlik Alerting Oct. 21 supports versions Versions 10.x to 16.18 of Node.JS

 

https://help.qlik.com/en-US/alerting/October2021/Content/QlikAlerting/installation-prerequisites.htm

If the issue is solved please mark the answer with Accept as Solution.
331 Views
nvankorlaar
Partner - Contributor III
Partner - Contributor III
‎2023-04-24 10:07 AM
Author

We always install the latest version, so in this case 16.18, according to what i can see this has VM2 version 3.9.9 which has the sandbox breakout vulnerability as posted before. VM2 needs to be at least version 3.9.11 for this to be resolved.

320 Views
0 Likes