We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
checkstyle before 8.18 has XXE vulnerability. JarabraDix uses checkstyle reporting with Maven site.
CVE-2019-9658
checkstyle issue Disable loading external DTDs by default, create system property to activate it
The text was updated successfully, but these errors were encountered:
=== You've Got Mail ===
.....
Date: Thu, 14 Mar 2019 15:44:15 +0000 (UTC) From: GitHub Subject: [olyutorskii/JarabraDix] One of your dependencies may have a security vulnerability
olyutorskii, We found a potential security vulnerability in a repository for which you have been granted security alert access.
olyutorskii/JarabraDix https://github.com/olyutorskii/JarabraDix Known moderate severity security vulnerability in com.puppycrawl.tools:checkstyle v< 8.18, defined in https://github.com/olyutorskii/JarabraDix/blob/master/pom.xml
pom.xml update suggested: com.puppycrawl.tools:checkstyle v8.18
Sorry, something went wrong.
JEP 185: Restrict Fetching of External XML Resources
XML External Entity (XXE) Processing (OWASP)
XML external entity attack (Wikipedia)
olyutorskii
No branches or pull requests
checkstyle before 8.18 has XXE vulnerability.
JarabraDix uses checkstyle reporting with Maven site.
CVE-2019-9658
checkstyle issue
Disable loading external DTDs by default, create system property to activate it
The text was updated successfully, but these errors were encountered: