Maven Petals Plugin

JBI archives contain a file (/META-INF/) that would be extracted outside of the target directory

Details

  • Type: Bug Bug
  • Status: Resolved Resolved
  • Priority: Critical Critical
  • Resolution: Fixed
  • Affects Version/s: 3.3.0
  • Fix Version/s: 3.4.0
  • Component/s: jbi-package
  • Security Level: Public
  • Description:

    OWASP Dependency-Checker detects that JBI archives generated by the Maven Petals plugin are invalid because they contain a file (/META-INF/) that would be extracted outside of the target directory.

  • Environment:
    -

People

Dates

  • Created:
    Fri, 26 Jul 2024 - 13:02:22 +0200
    Updated:
    Fri, 26 Jul 2024 - 13:24:43 +0200
    Resolved:
    Fri, 26 Jul 2024 - 13:24:43 +0200
Atlassian JIRA (v4.1.2#531) | Report a problem | Request a feature | Contact administrators
Powered by a free Atlassian JIRA open source license for Petals ESB. Try JIRA - bug tracking software for your team.