Uploaded image for project: 'Code Tools'
  1. Code Tools
  2. CODETOOLS-7902674

Fix XXE SCQS errors

    XMLWordPrintable

    Details

    • Type: Enhancement
    • Status: Resolved
    • Priority: P4
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: st4.0
    • Component/s: tools
    • Labels:
      None

      Description

      SCQS reports some XXE erros. F.e. Rule -
          > java:S2755 [XML parsers should not be vulnerable to XXE attacks]

          > common/lib/sigtest/src/share/classes/com/sun/tdk/signaturetest/sigfile/f43/F43Writer.java
          > common/lib/sigtest/src/share/classes/com/sun/tdk/signaturetest/sigfile/StructWriter.java
          > common/lib/sigtest/src/share/classes/com/sun/tdk/signaturetest/updater/Updater.java

      While there is no real vulnerability here these erros can be fixed.

        Attachments

          Activity

            People

            Assignee:
            vrudomet Victor Rudometov
            Reporter:
            vrudomet Victor Rudometov
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: