Описание
Checkstyle before 8.18 loads external DTDs by default.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| checkstyle | fixed | 8.26-1 | package | |
| checkstyle | fixed | 8.15-1+deb10u1 | buster | package |
| checkstyle | fixed | 6.15-1+deb9u1 | stretch | package |
Примечания
https://github.com/checkstyle/checkstyle/issues/6474
https://github.com/checkstyle/checkstyle/issues/6478
https://github.com/checkstyle/checkstyle/pull/6476
https://github.com/checkstyle/checkstyle/commit/180b4fe37a2249d4489d584505f2b7b3ab162ec6
When fixing this issue make sure to apply the complete fix to not open
CVE-2019-10782.
Связанные уязвимости
CVSS3: 5.3
ubuntu
почти 7 лет назад
Checkstyle before 8.18 loads external DTDs by default.
CVSS3: 5.3
github
почти 7 лет назад
Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle