Permalink
Show file tree
Hide file tree
4 changes: 2 additions & 2 deletions
4
src/main/java/dev/hypera/dragonfly/downloaders/impl/MavenDownloader.java
12 changes: 8 additions & 4 deletions
12
src/main/java/dev/hypera/dragonfly/exceptions/DownloadFailureException.java
12 changes: 8 additions & 4 deletions
12
src/main/java/dev/hypera/dragonfly/exceptions/DragonflyException.java
12 changes: 8 additions & 4 deletions
12
src/main/java/dev/hypera/dragonfly/exceptions/LoadFailureException.java
12 changes: 8 additions & 4 deletions
12
src/main/java/dev/hypera/dragonfly/exceptions/RelocationFailureException.java
12 changes: 8 additions & 4 deletions
12
src/main/java/dev/hypera/dragonfly/exceptions/ResolveFailureException.java
11 changes: 6 additions & 5 deletions
11
src/main/java/dev/hypera/dragonfly/loading/DependencyLoader.java
7 changes: 4 additions & 3 deletions
7
src/main/java/dev/hypera/dragonfly/loading/DragonflyClassLoader.java
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
fix: CVE-2022-41967
Dragonfly v0.3.0-SNAPSHOT fails to properly configure the DocumentBuilderFactory to prevent XML enternal entity (XXE) attacks when parsing maven-metadata.xml files provided by external Maven repositories during "SNAPSHOT" version resolution. This patches CVE-2022-41967 by disabling features which may lead to XXE. If you are currently using v0.3.0-SNAPSHOT it is STRONGLY advised to update Dragonfly to v0.3.1-SNAPSHOT just to be safe.
- Loading branch information
1 parent
887c489
commit 9661375
Showing
18 changed files
with
110 additions
and
71 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.