A new update is available for SAS Studio , version 3.71 :
Issues addressed in C2L008
| SAS Note 64868 | SAS® Studio Basic edition contains Java libraries with known vulnerabilities: CVE-2019-10086, CVE-2018-18928 |
| SAS Note 65434 | The SAS Table Properties window in SAS® Studio shows \"Date created\" and \"Date modified\" dates of Dec 31, 1959, 11:00:00 PM |
| SAS Note 65435 | You can change the default output library for queries in SAS® Studio |
| SAS Note 65443 | SAS® Studio has an injection vulnerability that permits execution of code into Apache Velocity templates |
| SAS Note 65473 | SAS® Studio contains cross-site scripting vulnerabilities in multiple JSP files |
| This list of notes might be incomplete. For a complete list of issues addressed by this hot fix, visit the hot fix page for C2L008 |
Note: A comprehensive list of all SAS hot fixes is available from support.sas.com. You can use the SAS Hot Fix Analysis, Download, and Deployment (SASHFADD) tool to manage your SAS hot fixes.
