Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update URLUtils to ensure secure connection #44

Open
jordanpadams opened this issue Jun 24, 2021 · 0 comments
Open

Update URLUtils to ensure secure connection #44

jordanpadams opened this issue Jun 24, 2021 · 0 comments
Labels
bug Something isn't working icebox open.2.9.0 open.2.10.0 open.2.10.1 s.low security

Comments

@jordanpadams
Copy link
Member

Vulnerability

Determine if the findings about SQL queries containing user input that is not sanitized are valid, and determine the potential consequences if they are.

File Warning Line Warning Text Notes
pds4-jparser/src/main/java/gov/nasa/arc/pds/tools/util/URLUtils.java 195 Failure to use SSL (CWE-311) Try to set secure before addCookie. ssoCookie.setSecure(true) plain text viewing possible if not set.
pds4-jparser/src/main/java/gov/nasa/arc/pds/tools/util/URLUtils.java 228 Failure to use SSL (CWE-311) Try to set secure before addCookie. ssoCookie.setSecure(true) plain text viewing possible if not set.
pds4-jparser/src/main/java/gov/nasa/arc/pds/tools/util/URLUtils.java 286 Failure to use SSL (CWE-311) Try to set secure before addCookie. ssoCookie.setSecure(true) plain text viewing possible if not set.

Software Version

Version
@jordanpadams jordanpadams added bug Something isn't working security s.low icebox labels Jun 24, 2021
@jordanpadams jordanpadams changed the title Sanitize SQL queries Update URLUtils to ensure secure connection Jun 24, 2021
@jordanpadams jordanpadams mentioned this issue Jun 24, 2021
Closed
@github-project-automation github-project-automation bot moved this to Release Backlog in EN Portfolio Backlog Nov 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working icebox open.2.9.0 open.2.10.0 open.2.10.1 s.low security
Projects
EN Portfolio Backlog
Status: ToDo
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jordanpadams @tloubrieu-jpl @pdsen-ci