XML external entity (XXE) processing ('external-parameter-entities' feature was not fully disabled)
Due to an incomplete fix for CVE-2019-9658, checkstyle was still vulnerable to XML External Entity (XXE) Processing. Impact (User: Build Maintainers): This vulnerability probably doesn't impact Maven/Gradle users as, in most cases, these builds are processing files that are trusted, or pre-vetted by a...
GHSA-763G-FQQ7-48WG XML external entity (XXE) processing ('external-parameter-entities' feature was not fully disabled)
Due to an incomplete fix for CVE-2019-9658, checkstyle was still vulnerable to XML External Entity (XXE) Processing. Impact (User: Build Maintainers): This vulnerability probably doesn't impact Maven/Gradle users as, in most cases, these builds are processing files that are trusted, or pre-vetted by a...
XML External Entity (XXE)
checkstyle is vulnerable to XML external entity attacks. The external-parameter-entities feature is not disabled by default, allowing a remote attacker to retrieve system files or perform requests on behalf of the server via a malicious XML document...
CVE-2019-10782
All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity (XXE) Injection due to an incomplete fix for CVE-2019-9658...
DEBIAN-CVE-2019-10782
All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity (XXE) Injection due to an incomplete fix for CVE-2019-9658...
UBUNTU-CVE-2019-10782
All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity (XXE) Injection due to an incomplete fix for CVE-2019-9658...
XML External Entity (XXE) Injection
Overview: com.puppycrawl.tools:checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection due to an incomplete fix for CVE-2019-9658 checkstyle was still vulnerable to...
XML External Entity (XXE)
checkstyle is vulnerable to XML external entity attacks. External DTDs are not disabled by default, allowing an attacker to inject malicious XML to retrieve system files or submit requests on behalf of the server to gain access to the internal network...
[SECURITY] Fedora 30 Update: checkstyle-8.0-7.fc30
A tool for checking Java source code for adherence to a set of rules...
Fedora Update for checkstyle FEDORA-2019-4696630d6f
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
Fedora Update for checkstyle FEDORA-2019-e4405b4c9f
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
Debian DLA-1768-1 : checkstyle security update
checkstyle was loading external DTDs by default, which is now disabled by default. If needed it can be re-enabled by setting the system property checkstyle.enableExternalDtdLoad to true. For Debian 8 'Jessie', this problem has been fixed in version 5.9-1+deb8u1. We recommend that you upgrade your...
Debian: Security Advisory (DLA-1768-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. if(description)...
[SECURITY] [DLA 1768-1] checkstyle security update
Package: checkstyle. Version: 5.9-1+deb8u1. CVE ID: CVE-2019-9658. checkstyle was loading external DTDs by default, which is now disabled by default. If needed it can be re-enabled by setting the system property checkstyle.enableExternalDtdLoad to true. For Debian 8 "Jessie", this problem has bee...
DLA-1768-1 checkstyle - security update
Bulletin has no description...
[SECURITY] Fedora 29 Update: checkstyle-8.0-4.1.fc29
A tool for checking Java source code for adherence to a set of rules...
Fedora 29 : checkstyle (2019-e4405b4c9f)
This update fixes a security vulnerability: Checkstyle loads external DTDs by default. Upstream issues: https://github.com/checkstyle/checkstyle/issues/6474, https://github.com/checkstyle/checkstyle/issues/6478. References: https://checkstyle.org/releasenotes.html#Release_8.18. Note that Tenable Netwo...
Fedora Update for checkstyle FEDORA-2019-a3f67e2364
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
Fedora 28 : checkstyle (2019-a3f67e2364)
This update fixes a security vulnerability: Checkstyle loads external DTDs by default. Upstream issues: https://github.com/checkstyle/checkstyle/issues/6474, https://github.com/checkstyle/checkstyle/issues/6478. References: https://checkstyle.org/releasenotes.html#Release_8.18. Note that Tenable Netwo...
GHSA-GP32-7H29-RPXM Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle
Checkstyle prior to 8.18 loads external DTDs by default, which can potentially lead to denial of service attacks or the leaking of confidential information...