[jira] [Updated] (TIKA-1968) Veracode static scan reports 3 very high OS Command injections in tika-core-1.9.jar

Tim Allison (JIRA) Wed, 11 May 2016 05:43:51 -0700

     [ 
https://issues.apache.org/jira/browse/TIKA-1968?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Tim Allison updated TIKA-1968:
------------------------------
    Assignee:     (was: Tim Allison)

> Veracode static scan reports 3 very high OS Command injections in 
> tika-core-1.9.jar
> -----------------------------------------------------------------------------------
>
>                 Key: TIKA-1968
>                 URL: https://issues.apache.org/jira/browse/TIKA-1968
>             Project: Tika
>          Issue Type: Bug
>    Affects Versions: 1.9
>            Reporter: I-Min Mau
>
> We had specifically upgraded the tika jar we use in our Pipe application to 
> tika-core-1.9.jar, but Veracode static scan still reports the following 3 OS 
> command injection flaws:
> 17589 176 - tika-core-1.9.jar org/.../ExternalEmbedder.java 367 4/23/16
> 17595 177 - tika-core-1.9.jar org/.../ExternalParser.java 178 4/23/16
> 17593 177 - tika-core-1.9.jar org/.../ExternalParser.java 180 4/23/16
> Requesting fix in higher version and/or help us remediate so we can pass our 
> corporate security reports, thanks!  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (TIKA-1968) Veracode static scan reports 3 very high OS Command injections in tika-core-1.9.jar

Reply via email to