checkstyle security vulnerability #7

olyutorskii · 2019-03-17T18:10:22Z

checkstyle before 8.18 has XXE vulnerability.
JarabraDix uses checkstyle reporting with Maven site.

olyutorskii · 2019-03-18T15:29:58Z

=== You've Got Mail ===

.....

Date: Thu, 14 Mar 2019 15:44:15 +0000 (UTC)
From: GitHub
Subject: [olyutorskii/JarabraDix] One of your dependencies may have a security
vulnerability

olyutorskii,
We found a potential security vulnerability in a repository for which you have been granted security alert access.

olyutorskii/JarabraDix
https://github.com/olyutorskii/JarabraDix
Known moderate severity security vulnerability in com.puppycrawl.tools:checkstyle v< 8.18, defined in https://github.com/olyutorskii/JarabraDix/blob/master/pom.xml

pom.xml update suggested: com.puppycrawl.tools:checkstyle v8.18

.....

olyutorskii · 2019-03-21T08:15:19Z

olyutorskii added the Project label Mar 17, 2019

olyutorskii self-assigned this Mar 17, 2019

olyutorskii added this to the 1.101.6 milestone Mar 18, 2019

olyutorskii mentioned this issue Mar 18, 2019

Release/v1.101.6 #8

Merged

olyutorskii closed this as completed Mar 18, 2019

olyutorskii mentioned this issue Mar 19, 2019

checkstyle security vulnerability olyutorskii/DoubDabC#27

Closed

Provide feedback