Welcome to intarsys

Vulnerability CVE-2022-42889

Sign Live! CC v7.1.12 and older use the commons-text library version 1.9, for which the vulnerability CVE-2022-42889 was published.

Despite the high rating, there is no risk for you, as the library is only parameterized internally within the application and never comes into contact with external inputs. Exploitation of the vulnerability by an attacker outside the system can therefore be ruled out.

The library is expected to be updated by the end of 2024 as part of a Sign Live! CC release.

As the first long-term storage solution available on the market, the proNEXT Archive Manager from the procilon GROUP has received the TR-ESOR certificate from the BSI according to the new version...