Uploaded image for project: 'Flink'
  1. Flink
  2. FLINK-23542

Upgrade Checkstyle to at least 8.29

    XMLWordPrintableJSON

Details

    Description

      Checkstyle version < 8.29 are still vulnerable to XML External Entity (XXE) Processing due to an incomplete fix for CVE-2019-9658.

      Impact
      User: Build Maintainers
      This vulnerability probably doesn't impact Maven/Gradle users as, in most cases, these builds are processing files that are trusted, or pre-vetted by a pull request reviewer before being run on internal CI infrastructure.
      
      

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              martijnvisser Martijn Visser
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: