3.4 - Security fixes


Security fixes provided in 3.4.1-funcrel

| CAST service | CVE | Severity | Description | Affected CAST release |
|---|---|---|---|---|
| analysis-node | CVE-2021-3572 | HIGH | python-pip: Incorrect handling of unicode separators in git references | 3.4.0-funcrel |
| analysis-node | CVE-2022-40897 | HIGH | pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py | 3.4.0-funcrel |
| analysis-node | CVE-2022-41404 | HIGH | org.ini4j: unspecified DoS | 3.4.0-funcrel |
| analysis-node | CVE-2024-6345 | HIGH | pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools | 3.4.0-funcrel |
| analysis-node | CVE-2025-47273 | HIGH | setuptools: Path Traversal Vulnerability in setuptools PackageIndex | 3.4.0-funcrel |
| dashboards | CVE-2022-41404 | HIGH | org.ini4j: unspecified DoS | 3.4.0-funcrel |
| sso-service | CVE-2025-49146 | HIGH | pgjdbc: pgjdbc insecure authentication in channel binding | 3.4.0-funcrel |

Security fixes provided in 3.4.0-funcrel

| CAST service | CVE | Description | Affected CAST release |
|---|---|---|---|
| admin-center | CVE-2025-48988 | tomcat: Apache Tomcat DoS in multipart upload | 3.3.0-funcrel |
| admin-center | CVE-2025-49146 | pgjdbc: pgjdbc insecure authentication in channel binding | 3.3.0-funcrel |
| analysis-node | CVE-2025-48734 | commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum’s declaredClass property by default | 3.3.0-funcrel |
| analysis-node | CVE-2025-48988 | tomcat: Apache Tomcat DoS in multipart upload | 3.3.0-funcrel |
| analysis-node | CVE-2025-49146 | pgjdbc: pgjdbc insecure authentication in channel binding | 3.3.0-funcrel |
| auth-service | CVE-2025-41235 | Spring Cloud Gateway Server Forwards Headers from Untrusted Proxies | 3.3.0-funcrel |
| console | CVE-2025-41235 | Spring Cloud Gateway Server Forwards Headers from Untrusted Proxies | 3.3.0-funcrel |
| dashboards | CVE-2025-22235 | org.springframework.boot/spring-boot: Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed | 3.3.0-funcrel |
| dashboards | CVE-2025-48988 | tomcat: Apache Tomcat DoS in multipart upload | 3.3.0-funcrel |
| dashboards | CVE-2025-49146 | pgjdbc: pgjdbc insecure authentication in channel binding | 3.3.0-funcrel |
| gateway | CVE-2025-41235 | Spring Cloud Gateway Server Forwards Headers from Untrusted Proxies | 3.3.0-funcrel |
| gateway | CVE-2025-48988 | tomcat: Apache Tomcat DoS in multipart upload | 3.3.0-funcrel |
| imaging-viewer | CVE-2025-4565 | python-protobuf: Unbounded recursion in Python Protobuf | 3.3.0-funcrel |
| neo4j | CVE-2025-1948 | jetty-http2-common: Jetty HTTP/2 Header List Size Vulnerability | 3.3.0-funcrel |
| sso-service | CVE-2025-3501 | org.keycloak.protocol.services: Keycloak hostname verification | 3.3.0-funcrel |