SAS® Studio Basic 3.82 and SAS® Studio Basic 3.83 contain multiple libraries with known vulnerabilities


Severity: High

Description: SAS Studio Basic on SAS® 9.4M8 (TS1M8) and SAS® 9.4M9 (TS1M9) contains multiple libraries with known vulnerabilities.

com.fasterxml.jackson.core

org.springframework:spring-webmvc

org.springframework.security:spring-security-web

org.apache.logging.log4j:log4j-core

Potential Impact: This vulnerability might allow Denial of Service. See the GHSA and CVE records for additional information.