Grails: 1.3.9 → 3.3.15
Grails · upgrade impact · Official site ↗
Fixed by upgrading to 3.3.15 iVulnerabilities that affect 1.3.9 but no longer affect 3.3.15 — the security gain from this upgrade, by exploited status then exploitation probability.
Exploited first, then by exploitation probability (EPSS).
CVE-2019-12728 HIGH EPSS 1% ✓ cleared in 3.3.15Still open in 3.3.15 iKnown vulnerabilities that affect 3.3.15 too — upgrading to it does not clear these.
These affect 3.3.15 as well — a later release may be needed.
CVE-2023-46131 MEDIUM EPSS 1% → fixed in 6.1.0