Maven Petals Plugin

JBI archives contain a file (/META-INF/) that would be extracted outside of the target directory

Details

  • Type: Bug Bug
  • Status: Resolved Resolved
  • Priority: Critical Critical
  • Resolution: Fixed
  • Affects Version/s: 3.3.0
  • Fix Version/s: 3.4.0
  • Component/s: jbi-package
  • Security Level: Public
  • Description:

    OWASP Dependency-Checker detects that JBI archives generated by the Maven Petals plugin are invalid because they contain a file (/META-INF/) that would be extracted outside of the target directory.

  • Environment:
    -

Activity

Ascending order - Click to sort in descending order
Christophe DENEUX made changes - Fri, 26 Jul 2024 - 13:04:08 +0200
Field Original Value New Value
Status New [ 10000 ] Open [ 10002 ]
Priority Critical [ 2 ]
Christophe DENEUX made changes - Fri, 26 Jul 2024 - 13:04:10 +0200
Status Open [ 10002 ] In Progress [ 10003 ]
Christophe DENEUX made changes - Fri, 26 Jul 2024 - 13:14:43 +0200
Fix Version/s 3.4.0 [ 11107 ]
Component/s jbi-configure [ 10089 ]
Christophe DENEUX made changes - Fri, 26 Jul 2024 - 13:24:29 +0200
Summary JBI archives contain a file (/META-INF/) that would be extracted outside of the target directory. JBI archives contain a file (/META-INF/) that would be extracted outside of the target directory
Christophe DENEUX made changes - Fri, 26 Jul 2024 - 13:24:43 +0200
Status In Progress [ 10003 ] Resolved [ 10004 ]
Resolution Fixed [ 1 ]

People

Dates

  • Created:
    Fri, 26 Jul 2024 - 13:02:22 +0200
    Updated:
    Fri, 26 Jul 2024 - 13:24:43 +0200
    Resolved:
    Fri, 26 Jul 2024 - 13:24:43 +0200
Atlassian JIRA (v4.1.2#531) | Report a problem | Request a feature | Contact administrators
Powered by a free Atlassian JIRA open source license for Petals ESB. Try JIRA - bug tracking software for your team.