Uploaded image for project: 'mod_cluster'
  1. mod_cluster
  2. MODCLUSTER-677

Upgrade com.puppycrawl.tools:checkstyle to version 8.18 or later

XMLWordPrintable

    • Icon: Component Upgrade Component Upgrade
    • Resolution: Done
    • Icon: Major Major
    • 2.0.0.Final
    • 1.3.10.Final
    • Core + SPIs
    • None

      1 com.puppycrawl.tools:checkstyle vulnerability found in pom.xml 17 hours ago
      Remediation
      Upgrade com.puppycrawl.tools:checkstyle to version 8.18 or later. For example:

      <dependency>
      <groupId>com.puppycrawl.tools</groupId>
      <artifactId>checkstyle</artifactId>
      <version>[8.18,)</version>
      </dependency>
      Always verify the validity and compatibility of suggestions with your codebase.

      Details
      CVE-2019-9658 More information
      moderate severity
      Vulnerable versions: < 8.18
      Patched version: 8.18
      Checkstyle prior to 8.18 loads external DTDs by default, which can potentially lead to denial of service attacks or the leaking of confidential information.

              rhn-engineering-rhusar Radoslav Husar
              rhn-engineering-rhusar Radoslav Husar
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: