Sylwester Lachiewicz created MSITE-830: ------------------------------------------
Summary: Dependency upgrades related to identified security reports Key: MSITE-830 URL: https://issues.apache.org/jira/browse/MSITE-830 Project: Maven Site Plugin Issue Type: Improvement Reporter: Sylwester Lachiewicz Fix problems reported by [Snyk.io|https://snyk.io/] |H|[Arbitrary File Write via Archive Extraction (Zip Slip)|https://app.snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31680] in org.codehaus.plexus:plexus-archiver| |H| [Arbitrary Code Execution|https://app.snyk.io/vuln/SNYK-JAVA-COMMONSBEANUTILS-30077] in commons-beanutils:commons-beanutils| |H| [Arbitrary Code Execution|https://app.snyk.io/vuln/SNYK-JAVA-COMMONSCOLLECTIONS-30078] in commons-collections:commons-collections| |H| [XML External Entity (XXE) Injection|https://app.snyk.io/vuln/SNYK-JAVA-DOM4J-72444] in dom4j:dom4j| |H| [Denial of Service (DoS)|https://app.snyk.io/vuln/SNYK-JAVA-ORGAPACHEPDFBOX-32417] in org.apache.pdfbox:fontbox| |H| [Arbitrary Code Injection|https://app.snyk.io/vuln/SNYK-JAVA-ORGAPACHESTRUTS-30763] in org.apache.struts:struts-core| |H| [Arbitrary Command Execution|https://app.snyk.io/vuln/SNYK-JAVA-ORGMORTBAYJETTY-32091] in org.mortbay.jetty:jetty| |M|[Denial of Service (DoS)|https://app.snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-32122] in org.apache.commons:commons-compress| |M|[Directory Traversal|https://app.snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-72275] in org.apache.commons:commons-compress| |M| [Man-in-the-Middle (MitM)|https://app.snyk.io/vuln/SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-30646] in org.apache.httpcomponents:httpclient| |M| [Directory Traversal|https://app.snyk.io/vuln/SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-31517] in org.apache.httpcomponents:httpclient| |M| [Improper Input Validation|https://app.snyk.io/vuln/SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-30645] in org.apache.httpcomponents:httpclient| |M| [Information Exposure|https://app.snyk.io/vuln/SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-30644] in org.apache.httpcomponents:httpclient| |M| [Denial of Service (DoS)|https://app.snyk.io/vuln/SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-30647] in org.apache.httpcomponents:httpclient| |M| [Denial of Service (DoS)|https://app.snyk.io/vuln/SNYK-JAVA-ORGAPACHEPDFBOX-72426] in org.apache.pdfbox:pdfbox| |L|[Denial of Service (DoS)|https://app.snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-32473] in org.apache.commons:commons-compress| -- This message was sent by Atlassian JIRA (v7.6.3#76005)