Skip to content

[Aikido] Fix multiple security issues #36

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
aikido-autofix wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Aikido] Fix multiple security issues #36

aikido-autofix wants to merge 1 commit into from

Conversation

@aikido-autofix
Copy link

@aikido-autofix aikido-autofix bot commented May 20, 2025

This PR will resolve the following CVEs:

CVE ID Severity Description 
CVE-2020-10683
 
🚨 CRITICAL
 dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant