Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Secure Web Gateway 12.2.22 Release Notes

  1. Last updated
  2. Save as PDF

The Skyhigh SWG 12.2.22 release includes fixes and improvements across multiple components. The resolved issues listed below address validation errors, protocol handling, deadlocks, media type detection, and synchronization failures. For details on the issues resolved in this release, see the Resolved Issues section.

Resolved Issues in the 12.2.22 Release    

SWG 12.2.22 is available as a main release. For information about upgrading, see Upgrading to a new version – Main Release. For details about resolved issues in previous releases and other related information, see Secure Web Gateway 12.2.x Release Notes.

NOTE: If you have configured SWG in Transparent Router mode, ensure that your configuration follows the mandatory steps outlined in the Configure Proxy Settings for a Director Node in Transparent Router Mode before upgrading to SWG version 12.2.9 or later. 

Reference Description
WP-6267 The Max Users field accepts the value 20 within the supported user limit range (1–200).
WP-8171 The SWG installation wizard provides an IPv6 option, enabling dual-stack (IPv4 and IPv6) configuration during installation. 
WP-8245 The system prevents server-side deadlocks during simultaneous UI list edits and REST-based ruleset imports. 
WP-8264 SWG uses the correct destination port for XMPP server-side connections and avoids crashes after port handling. 
WP-8335 The system detects macOS dynamic library files and classifies them as the application/x-mac-dylib  media type.
WP-8337 SWG now supports the detection of AVIF files and classifies them as image/avif.
WP-8374 The GAM server shuts down cleanly in async mode under load when mwg-core stops. 
WP-8398 Policy synchronization to the Cloud Proxy completes without XML input validation errors.
WP-8404 The feedback file now includes the top -b -n 1 -H -p `pgrep mwg-core` command to generate detailed thread statistics for mwg-core.
WP-8422 PDF parsing performance for Arabic content has been improved.
WP-8472 The system prevents unnecessary re-initiation of CRL downloads.
WP-8498 The HTTP/2 module operates without encountering deadlocks.
WP-8499 The system now correctly detects GPG-encrypted files and classifies them as the application/pgp  media type. 

Vulnerabilities Fixed in the 12.2.22 Release

This Secure Web Gateway release includes updates addressing publicly disclosed CVEs, regardless of whether a CVE has been shown to impact customers.
The following medium and higher-level CVEs (CVSS 3.0 >= 4) were involved:

Reference CVE  Description
WP-8157 CVE-2024-47554 SWG is not affected.
WP-8158 CVE-2025-48924 SWG is not affected.
WP-8159 CVE-2025-52999 SWG is affected, and the current release includes the recommended package version Jackson 2.20.
CVE-2025-49128 SWG is affected, and the current release includes the recommended package version Jackson 2.20.
WP-8161 CVE-2014-3643  SWG is affected, and the current release includes the recommended package version Jersey 1.19.4.
WP-8162 CVE-2023-52070 SWG is not affected
CVE-2024-23077 SWG is not affected
CVE-2024-22949 SWG is not affected
CVE-2024-23076 SWG is not affected
WP-8163 CVE-2024-47072 SWG is not affected.
WP-8364 / WP-8271 CVE-2024-9143 SWG is affected, and the current release includes the recommended package versions: OpenSSL 1.1.1zd and OpenSSL 1.0.2zm.
CVE-2021-3712 SWG is affected, and the current release includes the recommended package versions: OpenSSL 1.1.1zd and OpenSSL 1.0.2zm.

Known Issues and Workarounds 

For a list of issues that are currently known, see SWG 12.x.x Known Issues and Workaround.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    1. Secure Web Gateway 12.2.4 Release Notes
    2. SWG 12.2.4 RNs