Umbraco issues on Sonatype #14084
collinsed-af
started this conversation in
Features and ideas
Umbraco issues on Sonatype
#14084
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
There are several issues listed on sonatype.org. Links to these issues are below. When these issues are present our corporate policy blocks us from using the package. This halts our development and deployment. These issues look old and may have been addressed. They need to be removed from Sonatype.org. We are not able to upgrade Umbraco until these are removed. Please help.
[CVE-2020-5809] CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
https://ossindex.sonatype.org/vulnerability/CVE-2020-5809?component-type=nuget&component-name=UmbracoCms&utm_source=proget&utm_medium=integration&utm_content=22.0.24.5
[CVE-2020-5810] CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
https://ossindex.sonatype.org/vulnerability/CVE-2020-5810?component-type=nuget&component-name=UmbracoCms&utm_source=proget&utm_medium=integration&utm_content=22.0.24.5
[CVE-2020-5811] CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
https://ossindex.sonatype.org/vulnerability/CVE-2020-5811?component-type=nuget&component-name=UmbracoCms&utm_source=proget&utm_medium=integration&utm_content=22.0.24.5
[CVE-2022-22691] CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
https://ossindex.sonatype.org/vulnerability/CVE-2022-22691?component-type=nuget&component-name=UmbracoCms&utm_source=proget&utm_medium=integration&utm_content=22.0.24.5
Beta Was this translation helpful? Give feedback.
All reactions