Uploaded image for project: 'Active and Available Inventory'
  1. Active and Available Inventory
  2. AAI-3348

fix CRITICAL xxe (XML External Entity) issues identified in sonarcloud

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Highest Highest
    • Istanbul Release
    • Istanbul Release

      Sonarcloud identified the following security bugs in your project and, as agreed by the TSC, should be fixed within the Istanbul release. Any not finished in Istanbul must be fixed within the Jakarta release. Follow each of the URLs for details on each each bug, along with recommended fixes.

       

      The verification URL for these issues will be <https://sonarcloud.io/organizations/onap/issues?resolved=false&sonarsourceSecurity=xxe&projects=onap_aai-aai-common>.
       
      If any of the links below fail, please find your code on the master list found at <https://sonarcloud.io/organizations/onap/issues?resolved=false&sonarsourceSecurity=xxe>.
       

      Project: onap_aai-aai-common
      Component: onap_aai-aai-common:aai-schema-ingest/src/main/java/org/onap/aai/nodes/NodeIngestor.java
      Message: Disable access to external entities in XML parsing.
      Severity: BLOCKER
      Line: 162
      Effort: 15min
      Creation-Date: 2018-03-29T19:12:22+0200
      URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXfYQUD_rVdZCyymHF6I&open=AXfYQUD_rVdZCyymHF6I

      Project: onap_aai-aai-common
      Component: onap_aai-aai-common:aai-schema-ingest/src/main/java/org/onap/aai/nodes/NodeIngestor.java
      Message: Disable access to external entities in XML parsing.
      Severity: BLOCKER
      Line: 195
      Effort: 15min
      Creation-Date: 2018-12-06T03:45:16+0100
      URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXfYQUD_rVdZCyymHF6H&open=AXfYQUD_rVdZCyymHF6H

      Project: onap_aai-aai-common
      Component: onap_aai-aai-common:aai-schema-ingest/src/main/java/org/onap/aai/nodes/NodeIngestor.java
      Message: Disable access to external entities in XML parsing.
      Severity: BLOCKER
      Line: 203
      Effort: 15min
      Creation-Date: 2018-08-12T22:48:34+0200
      URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXfYQUD_rVdZCyymHF6J&open=AXfYQUD_rVdZCyymHF6J

      Project: onap_aai-aai-common
      Component: onap_aai-aai-common:aai-schema-ingest/src/main/java/org/onap/aai/nodes/NodeIngestor.java
      Message: Disable access to external entities in XML parsing.
      Severity: BLOCKER
      Line: 204
      Effort: 15min
      Creation-Date: 2018-08-12T22:48:34+0200
      URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXfYQUD_rVdZCyymHF6G&open=AXfYQUD_rVdZCyymHF6G

      Project: onap_aai-aai-common
      Component: onap_aai-aai-common:aai-schema-ingest/src/main/java/org/onap/aai/validation/nodes/DefaultDuplicateNodeDefinitionValidationModule.java
      Message: Disable access to external entities in XML parsing.
      Severity: BLOCKER
      Line: 62
      Effort: 15min
      Creation-Date: 2018-03-29T19:12:22+0200
      URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXfYQUBTrVdZCyymHF6F&open=AXfYQUBTrVdZCyymHF6F

       

            tonylhansen tonylhansen
            tonylhansen tonylhansen
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: