DPC: Kontrola ohrožení zabezpečení hlásí, že Node.js a verze MongoDB nejsou podporovány.

Skener ukazuje, že Node.js, nainstalované v DPC, není podporována.

Skener ukazuje, že MongoDB, nainstalované v DPC, není podporována.

To je důsledek spuštění skeneru chyb zabezpečení na serveru DPC.

Správa produktů a technický tým poskytli následující informace o tomto problému. 

MongDB:

"MongoDB 4.2.x will remain at its current version within our architecture. While MongoDB is out of vendor compatibility/compliance, our multilayered security architecture prevents external attacks: MongoDB is not directly accessible from external networks, protected by firewall rules, and only accessible internally through authenticated application layers. This isolation eliminates direct attack vectors, making the system secure despite EOL status. We continue to provide break/fix support and security patching where applicable and possible."

Node.js:

"We acknowledge Node.js 16.x (v16.20.2) reached End-of-Life. However, our deployment architecture eliminates attack surfaces: Node.js is bundled within the application (not system-wide), production serves only prebuilt static files, Node.js runtime is never exposed to network requests, and the npm package manager is absent in production. This means attackers cannot directly target or exploit Node.js vulnerabilities, making the deployment secure despite EOL status."