Content matrix
| Version |
Summary of content |
Comments |
| 2.12.11-funcrel |
Feature improvements and customer bug fixes. |
Can be used with:
|
| 2.12.10-funcrel |
Customer bug fixes. |
Can be used with:
|
| 2.12.9-funcrel |
Customer bug fixes/minor feature improvements. |
As above. |
| 2.12.8-funcrel |
Customer bug fixes/minor feature improvements. |
As above. |
| 2.12.7-funcrel |
Customer bug fixes/minor feature improvements. |
As above. |
| 2.12.6-funcrel |
Customer bug fixes. |
As above. |
| 2.12.5-funcrel |
Customer bug fixes. |
As above. |
| 2.12.4-funcrel |
Minor bug fix. |
As above. |
| 2.12.3-funcrel |
Customer bug fixes. |
As above. |
| 2.12.2-funcrel |
Minor bug fix. |
As above. |
| 2.12.1-funcrel |
Minor bug fix. |
As above. |
| 2.12.0-funcrel |
Minor improvements and bug fixes. |
As above. |
2.12.11-funcrel
Note
This release of the CAST Dashboards can be used with both CAST Imaging/Console V2 and CAST Imaging V3.
Feature Improvements
| Summary |
Details |
| Action Plan: Enable controlled violation exclusion via Exclusion Manager flag |
Action Plan Exclusion allows users to mark certain action plan items, so they are not included in quality calculations. Any authorized user can request an exclusion, and an Exclusion Manager will review and either approve or reject it. See Security Dashboard - Action Plan. |
| Support for OWASP 2025 and CWE Top 25 2025 reports |
The dashboard now supports OWASP 2025 and CWE Top 25 2025 reports. |
Resolved Issues
| Customer Ticket Id |
Details |
| 56350 |
GreenIT configuration is now included by default in Docker image configuration files. Previously, customers had to manually modify configurations to enable the Green IT tiles. Additionally, a new optional volume mount (-v <path>:/cast/config_data) allows users to persist and customise dashboard configuration files across container restarts. |
| 56623 |
Added support for configuring SAML authentication settings (entityId, SuccessRedirectHandler, defaultTargetUrl, and load balancer options) directly when running the Management/Engineering Docker containers. Previously, users had to manually edit application-security-saml.xml inside the container. |
| 56860 |
The dashboard Docker container now supports a JAVA_OPTS environment variable (e.g., -e JAVA_OPTS="-Xms512m -Xmx2g") to allow JVM heap memory tuning at startup. Previously, JAVA_OPTS was not exposed, which could lead to heap saturation on memory-constrained VMs using JVM defaults. |
| 58603 |
Resolved an Apache Log4j SSL Hostname Verification Bypass vulnerability (CVE-2026-34477) across dashboard components by upgrading Log4j from 2.17.1 to 2.25.4. |
2.12.10-funcrel
Note
This release of the CAST Dashboards can be used with both CAST Imaging/Console V2 and CAST Imaging V3.
Resolved Issues
| Customer Ticket Id |
Details |
| 55306 |
Fixed an issue where a random bookmark not related to the file is shown, when view file option is selected. |
| 55483 |
This issue occurred due to a default limitation of rendering more than 1,000 data points and as a result charts were unable to display large datasets correctly. We have now included a patch that removes this limit and allows the chart to render all data points as expected. |
2.12.9-funcrel
Note
This release of the CAST Dashboards can be used with both CAST Imaging/Console V2 and CAST Imaging V3.
Feature Improvements
| Summary |
Details |
| Support for OWASP Top Ten API 2023 reports |
New OWASP Top Ten API 2023 reports have been added to the Security Dashboard. |
Resolved Issues
| Customer Ticket Id |
Details |
| 53397 |
Fixes an issue where the Dashboards are not accessible after adding users/roles. This is caused by null values being created when assigning a role to multiple users. |
| 53732 |
Fixes an issue causing the Action Plan in the Security Dashboard to not display some entries. |
2.12.8-funcrel
Note
This release of the CAST Dashboards can be used with both CAST Imaging/Console V2 and CAST Imaging V3.
Feature Improvements
| Summary |
Details |
|
UI improvements to display of LOC values
|
Changes have been made in all dashboards to improve how LOC (Line of Code) values are displayed to ensure easy understanding: the "Application Components" tile in the Engineering Dashboard / Security Dashboard has been enlarged with improved labelling, and the Technical Size tile in the Management Dashboard has been clarified. Tooltips have also been added.
|
Resolved Issues
| Customer Ticket Id |
Details |
| 51937 |
Fixes an issue causing an error when filtering the Action Plan when a single quote is present in comment text. |
| 52421 |
Fixes CVE-2025-24813 found in CAST Dashboards. Note that this fix has an impact on those using Apache Tomcat to run the dashboards: see CVE fix impacts for more information. |
2.12.7-funcrel
Feature Improvements
| Summary |
Details |
| New report for STIG V6 standard |
A new STIG V6 report has been added to the PDF report generation feature. |
| Improve LOC value display in tiles |
The LOC values available in tiles in all dashboards will now show both new (66071) and old (10151) metric IDs. Drill-downs continue to show the old (10151) metric ID. Tool tip info bubbles have been updated to explain the change. |
| Support the CWE Top 25 2024 |
A new CWE Top 25 2024 has been added to the PDF report generation feature. |
Resolved Issues
| Customer Ticket Id |
Details |
| 50917 |
Fixes an issue where the sort option does not function correctly in the exclusion list. |
| 50896 |
Fixes an issue where the latest snapshot is not displayed even after reloading cache using "server/refresh" API. |
| 51573 |
Fixes an issue causing performance issues while loading the violations. |
| 51086 |
Fixes an issue causing the need to action a manual reload after removing re-solved violations. |
2.12.6-funcrel
Resolved Issues
| Customer Ticket Id |
Details |
| 50455 |
Fixes an issue where the ratio of comment lines to code lines in the dashboard returns an integer value instead of decimal value. |
2.12.5-funcrel
Resolved Issues
| Customer Ticket Id |
Details |
| 48716 |
Fixes an issue causing attempts to exclude rules in the Engineering Dashboard to fail due to the RestAPI returning 403 "forbidden" responses.
|
| 46813 |
Dashboards fail to start with error "org.springframework.beans.factory.parsing.BeanDefinitionParsingException" when SAML authentication is configured.
|
2.12.4-funcrel
Other Updates
| Internal Id |
Details |
| IMAGKSL-1016 |
Minor update to ensure compatibility with CAST Imaging v3.
|
2.12.3-funcrel
Resolved Issues
| Customer Ticket Id |
Details |
| 47517 |
Fixes an issue where it is impossible to access the Action Plan Recommendation interface due to an "internal server 500 error" on the "action-plan/summary" API.
|
2.12.2-funcrel
Other Updates
| Internal Id |
Details |
| IMAGKSL-874 |
Minor update to ensure compatibility with CAST Imaging v3.
|
2.12.1-funcrel
Other Updates
| Internal Id |
Details |
| DASHBOARDS-0000 |
Various technical improvements have been added in order to ensure that Dashboards are compatible with CAST Imaging v3. |
2.12.0-funcrel
Feature Improvements
| Summary |
Details |
| Support for PCI DSS v4.0 |
Dashboard now supports the download of latest PCI DSS v4.0 report from "Report Generator". |
| Support the CWE Top 25 2023 |
Dashboard supports the download of latest CWE 2023 report from "Report Generator". |
Other Updates
| Internal Id |
Details |
| DASHBOARDS-5169 |
Fixes an issue wherein the font size and style for the previously selected “Exclude” criteria were not consistent. After the fix they are consistent. |
Resolved Issues
| Customer Ticket Id |
Details |
| 45568 |
CWE Detailed Report template - Section "CAST Findings Details for CWE" - value limited to 3. |
| 46379 |
Fixed bad connection definition. |