XSS Vulnerability for TDS <= 5.5

An XSS vulnerability has been brought to our attention and fixed. This vulnerability only affects the DAP4 service for versions <= 5.5. We strongly recommend that you either:

1. Disable DAP4 services
2. or upgrade to the latest 5.6-SNAPSHOT version. This can be downloaded here. Please note that this newest snapshot now requires JDK 17. Additional JVM arguments are needed, which are in the CHRONICLE_CACHE variable here.

If you have any questions or concerns, please contact support-thredds@unidata.ucar.edu.

Best, The THREDDS development team.

NSF Unidata Update: July 2024

In case you missed it — here's a recap of news from the NSF Unidata Program Center for the month of July, 2024.

[Read More]
News@Unidata
News and information from the Unidata Program Center
News@Unidata
News and information from the Unidata Program Center

Welcome

FAQs

Developers’ blog

Take a poll!

What if we had an ongoing user poll in here?

Browse By Topic
Browse by Topic
« August 2024 »
SunMonTueWedThuFriSat
    
2
3
4
5
6
7
8
9
10
11
12
14
16
17
18
19
20
22
23
24
25
26
27
28
29
30
31
       
Today