Update from October 4, 2023
Affected components
- Dynatrace Synthetic
- Public Synthetic locations
- Fully updated to mitigate CVE-2023-4863.
- Private Synthetic locations (Synthetic-enabled ActiveGate)
- Updates that fix CVE-2023-4863 are available for the following versions of the Synthetic Module for all operating systems (Windows, Ubuntu 20, Ubuntu 22, Red Hat Enterprise Linux, Cent OS)
- 1.275.47 and higher
- 1.273.43 and higher
- 1.271.48 and higher
- Please see Update ActiveGate for further details on how to install the latest versions of Dynatrace Private Synthetic locations.
- Updates that fix CVE-2023-4863 are available for the following versions of the Synthetic Module for all operating systems (Windows, Ubuntu 20, Ubuntu 22, Red Hat Enterprise Linux, Cent OS)
- Public Synthetic locations
Update from October 2, 2023
Affected components
- Dynatrace Synthetic
- Public Synthetic locations
- Fully updated to mitigate CVE-2023-4863.
- Private Synthetic locations (Synthetic-enabled ActiveGate)
- Updates that fix CVE-2023-4863 are available for the following versions of the Synthetic Module for Windows, Ubuntu 20, and Ubuntu 22:
- 1.275.43 and higher
- 1.273.40 and higher
- 1.271.47 and higher
- Please see Update ActiveGate for further details on how to install the latest versions of Dynatrace Private Synthetic locations.
- Updates that fix CVE-2023-4863 are available for the following versions of the Synthetic Module for Windows, Ubuntu 20, and Ubuntu 22:
- Public Synthetic locations
Update from September 29, 2023
The Dynatrace team has analyzed each occurrence of the vulnerable WebP library. The only affected component is Dynatrace Synthetic (see details below).
Affected components
- Dynatrace Synthetic
- Public Synthetic locations
- Fully updated to mitigate CVE-2023-4863.
- Private Synthetic locations (Synthetic-enabled ActiveGate)
- Updates available soon.
- Public Synthetic locations
Update from September 28, 2023
The Dynatrace team is actively reviewing the recently published WebP vulnerability (CVE-2023-4863).
Dynatrace Application Security continuously validates that any occurrence of the vulnerable WebP library is rapidly detected and remediated on all production systems.
We will continue to assess the situation and provide further status updates on this page.
Notice
This document is provided on an “as is” basis, with no express or implied warranties. Some of the information provided may come from third parties. Your use of the information in the document or materials linked from the document is at your own risk. Dynatrace reserves the right to change or update this document without notice at any time. Dynatrace expects to update this document as new information becomes available.
