[MODRTAC-31] Fix security vulnerability reported in checkstyle < 8.29 - FOLIO Issue Tracker

XML

Word

Printable

Remediation

Upgrade com.puppycrawl.tools:checkstyle to version 8.29 or later. For example:

<dependency>
 <groupId>com.puppycrawl.tools</groupId>
 <artifactId>checkstyle</artifactId>
 <version>[8.29,)</version> 
</dependency>

Always verify the validity and compatibility of suggestions with your codebase.

moderate severity

*Vulnerable versions:* < 8.29

*Patched version:* 8.29

Due to an incomplete fix for CVE-2019-9658, checkstyle was still vulnerable to XML External Entity (XXE) Processing.

is duplicated by

MODRTAC-36 Fix security vulnerability reported in 'com.puppycrawl.tools:checkstyle' < 8.29

relates to

SIP2-80 Fix security vulnerability reported in checkstyle < 8.29