ThreatQ v6 Security Updates
TQ 6.11.2
Component | Updated To | CESA Reference |
---|---|---|
Falco | helm chart 4.21.3 | N/A |
TQ 6.9.1
Component | Updated To | CESA Reference |
---|---|---|
Fluentbit Upgrade | fluentbit 4.0.1 | CVE-2024-5535 CVE-2024-4741 CVE-2024-2511 CVE-2024-12133 CVE-2023-5678 CVE-2024-9143 CVE-2024-0727 |
TQ 6.8.0
Component | Updated To | CESA Reference |
---|---|---|
Python Dockerfile | setuptools 78.1.0 | CVE-2024-6345 |
TQ 6.7.4
Component | Updated To | CESA Reference |
---|---|---|
Ingress NGINX Controller | To address Ingress NGINX Controller for Kubernetes vulnerabilities, we upgraded the following components. We also took additional steps to reduce potential ingress-nginx attack surface. | |
Ingress NGINX Controller | ingress-nginx-controller v1.12.1, helm_chart_version 4.12.1 | CVE-2025-24514 CVE-2025-1097 CVE-2025-1098 CVE-2025-1974 |
TAXII Server Container | aiohttp 3.11.13 | CVE-2024-52303 CVE-2024-52304 |
TAXII Server Container | jinja2 3.1.6 | CVE-2024-56201 CVE-2024-56326 |
TQ 6.7.3
Component | Updated To | CESA Reference |
---|---|---|
Load Balancer (Hosted Systems) | Updated the load balancer configuration on hosted systems to start applying various security-related HTTP headers. | |
Apache Tika Update | Upgraded to Apache Tika 3.1.0 (CVE-2024-8184). | |
Websocket Server | axios 1.7.9 | CVE-2024-39338 |
Websocket Server | cookie 1.0.2 | CVE-2024-47764 |
Websocket Server | socket.io 4.8.1 | N/A |
Frontend Server | axios 1.7.9 | CVE-2024-39338 |
Frontend Server | express 4.21.2 | N/A |
TQ 6.6.0
Component | Updated To | CESA/GITHUB Reference |
---|---|---|
Cross-Site Scripting (XSS) | Added output sanitization measures to the ThreatQ frontend to prevent cross-site scripting (XSS) attacks. | |
Pynoceros Container | idna 3.10 | CVE-2024-3651 |
Pynoceros Container | cryptography 43.0.3 | GHSA-h4gh-qq45-vh27 |
Pynoceros Container | aiohttp 3.11.5 | CVE-2024-27306 CVE-2024-30251 |
Pynoceros Container | requests 2.32.3 | CVE-2024-35195 |
Pynoceros Container | zipp 3.2.10 | CVE-2024-5569 |
Pynoceros Container | PyMySQL 1.1.1 | CVE-2024-36039 |
TQ 6.5.1
Component | Updated To | CESA/GITHUB Reference |
---|---|---|
Strict Transport Security | Added strict transport security including a max age setting to response headers. | |
TQ 6.5.0
Component | Updated To | CESA/GITHUB Reference |
---|---|---|
Tika Container | OpenJDK 17.0.12 | CVE-2024-21131 CVE-2024-21140 CVE-2024-21145 CVE-2024-21147 |
Solr-backup-handler | body-parser 1.20.3 | CVE-2024-45590 |
Solr-backup-handler | express 4.21.1 | CVE-2024-43796 |
Solr-backup-handler | send 0.19.0 | CVE-2024-43799 |
Solr-backup-handler | serve-static 1.16.2 | CVE-2024-43800 |
TQ 6.4.0
Component | Updated To | CESA/GITHUB Reference |
---|---|---|
Alpine Update | Updated the API container image to Alpine 3.20. | |
AWS ALB Policy Update | Changed the policy selected for the AWS Application Load Balancer (ALB) to ELBSecurityPolicy-TLS13-1-2-Res-2021-06 to prevent the use of ciphers that provide weak encryption on hosted systems. | |
Falco | Helm Chart 4.8.3 | CVE-2022-48303 CVE-2024-6104 CVE-2022-48174 CVE-2022-28391 CVE-2023-46129 CVE-2023-39325 CVE-2023-42366 CVE-2023-42363 CVE-2023-42364 CVE-2023-42365 CVE-2023-48795 CVE-2023-3978 GHSA-m5vv-6r4h-3vj9 GHSA-45x7-px36-x8w8 |
NGINX Ingress | Controller 1.11.2 | CVE-2022-48174 CVE-2024-6197 CVE-2024-25062 CVE-2023-42366 CVE-2023-42363 CVE-2023-42364 CVE-2023-42365 CVE-2024-0853 CVE-2024-6874 CVE-2023-33460 CVE-2020-8561 CVE-2024-7264 |
Frontend | Axios v1.7.7 | CVE-2024-39338 CVE-2023-45857 GHSA-8hc4-vh64-cxmj GHSA-wf5p-g6vw-rhxx |
Frontend | body-parser v1.20.3 | GHSA-qwcr-r2fm-qrc7 |
Frontend | express v4.21.0 | GHSA-rv95-896h-c2vc GHSA-qw6h-vgh9-j6wx |
Frontend | follow-redirects v1.15.6/8 | CVE-2023-26159 GHSA-jchw-25xp-jwwc GHSA-cxjh-pqwp-8mfp |
Frontend | path-to-regexp v0.1.10 | GHSA-9wv6-86v2-598j |
Frontend | pug v3.0.3 | GHSA-3965-hpx2-q597 |
Frontend | pug-code-gen v3.0.3 | GHSA-3965-hpx2-q597 |
Frontend | send v0.19.0 | GHSA-m6fv-jmcg-4jfg |
Frontend | serve-static v1.16.2 | GHSA-cm22-4g7w-348p |
TQ 6.3.0
Component | Updated To |
---|---|
Illuminate Encryption Keys | Updated ThreatQ deployments to generate unique Illuminate encryption keys. |
Alpine Linux Base Image | Moved the API container to an Alpine Linux base image that does not include ImageMagick. This addresses multiple security vulnerabilities associated with ImageMagick. |
Apache Tika | Updated to Apache Tika 2.9.2.1. |
Image Endpoint Update | Modified the user image upload endpoint to prevent remote code execution (RCE). |
ws Package Update | Updated the ws package in the frontend and websocket-server repositories to 8.17.1. |
Falco Rules Updates | Modified the Falco Rules update process to allow more frequent updates to security monitoring rules for hosted customers. |
Web Application Firewall | Enabled the Web Application Firewall for hosted customers. |
Installer | To support Security Technical Implementation Guide (STIG) installs of ThreatQ 6x, updated the installer to add the executables embedded in the terraform provider directories to the trusted executables database for the file access policy daemon (fapolicyd). |