It was reported that Qlik Replicate May 2022 (2022.5.0.291) version reports a Java SE vulnerability:
Plugin Output: Path : /opt/attunity/replicate/jvm/ Installed version : 11.0.14 Fixed version : Upgrade to version 11.0.16 or greater CVE-2022-21426,CVE-2022-21434,CVE-2022-21443,CVE-2022-21449,CVE-2022-21476,CVE-2022-21496 CVE-2022-21540,CVE-2022-21541,CVE-2022-21549,CVE-2022-25647,CVE-2022-34169
Environment
Resolution
Qlik Data Integration products use JVM version 11 for QEM/Replicate and also JVM version 8 for Compose.
There is no need to patch Qlik Replicate itself.
To address the security report, you can independently upgrade Java SE to 11.0.17 on the server Qlik Replicate is running on.
Internal Investigation ID(s)
7345