com.linecorp.centraldogma:centraldogma-server@0.56.0 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the com.linecorp.centraldogma:centraldogma-server package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • C
Cross-site Scripting (XSS)

com.linecorp.centraldogma:centraldogma-server is a service configuration repository based on Git, ZooKeeper and HTTP/2 (centraldogma-server).

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to insufficient input validation and output encoding. An attacker can inject malicious scripts into web pages viewed by other users by submitting crafted input.

How to fix Cross-site Scripting (XSS)?

Upgrade com.linecorp.centraldogma:centraldogma-server to version 0.64.0 or higher.

[,0.64.0)