Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

V5 [VAS] Bug 11541: filing holding tree not retrieved #1428

Merged
merged 1 commit into from
Jul 28, 2023
Merged

V5 [VAS] Bug 11541: filing holding tree not retrieved #1428

merged 1 commit into from
Jul 28, 2023

Conversation

laedanrex
Copy link
Contributor

Description

Suite à un ticket support, le classement arbre et plan n'est pas appelé en v5

Type de changement:

  • Correction

Contributeur

Indiquer qui a développé cette fonctionnalité

VAS (Vitam Accessible en Service)

@laedanrex laedanrex added bug Something isn't working VAS VAS contribution labels Jul 27, 2023
@laedanrex laedanrex added this to the IT 122 milestone Jul 27, 2023
@laedanrex laedanrex self-assigned this Jul 27, 2023
@laedanrex laedanrex changed the base branch from develop to master_5.x July 27, 2023 13:17
@laedanrex laedanrex changed the title Vas 11541 bug filing holding not call [VAS] Bug 11541: filing holding tree not retrieved Jul 27, 2023
@laedanrex laedanrex changed the title [VAS] Bug 11541: filing holding tree not retrieved V5 [VAS] Bug 11541: filing holding tree not retrieved Jul 27, 2023
@TDevillechabrolle
Copy link
Contributor

Logo
Checkmarx One – Scan Summary & Details30987d0f-9de1-4321-ad4c-be0abb0db119

New Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH CVE-2019-10744 Npm-lodash-4.17.11 Vulnerable Package
HIGH CVE-2019-10758 Npm-mongo-express-0.49.0 Vulnerable Package
HIGH CVE-2020-24391 Npm-mongo-express-0.49.0 Vulnerable Package
HIGH CVE-2020-36632 Npm-flat-4.1.0 Vulnerable Package
HIGH CVE-2020-36632 Npm-flat-2.0.1 Vulnerable Package
HIGH CVE-2020-7610 Npm-bson-1.0.9 Vulnerable Package
HIGH CVE-2020-7699 Npm-express-fileupload-0.4.0 Vulnerable Package
HIGH CVE-2020-7788 Npm-ini-1.3.5 Vulnerable Package
HIGH CVE-2020-8116 Npm-dot-prop-3.0.0 Vulnerable Package
HIGH CVE-2020-8203 Npm-lodash-4.17.11 Vulnerable Package
HIGH CVE-2021-23337 Npm-lodash-4.17.11 Vulnerable Package
HIGH CVE-2021-23372 Npm-mongo-express-0.49.0 Vulnerable Package
HIGH CVE-2022-22980 Maven-org.springframework.data:spring-data-mongodb-3.2.6 Vulnerable Package
HIGH CVE-2022-22980 Maven-org.springframework.data:spring-data-mongodb-3.2.4 Vulnerable Package
HIGH CVE-2022-22980 Maven-org.springframework.data:spring-data-mongodb-3.1.7 Vulnerable Package
HIGH CVE-2022-23181 Maven-org.apache.tomcat.embed:tomcat-embed-core-9.0.54 Vulnerable Package
HIGH CVE-2022-24434 Npm-dicer-0.2.5 Vulnerable Package
HIGH CVE-2022-24999 Npm-qs-6.5.2 Vulnerable Package
HIGH CVE-2022-24999 Npm-qs-6.5.1 Vulnerable Package
HIGH CVE-2022-27140 Npm-express-fileupload-0.4.0 Vulnerable Package
HIGH CVE-2022-27261 Npm-express-fileupload-0.4.0 Vulnerable Package
HIGH CVE-2022-42003 Maven-com.fasterxml.jackson.core:jackson-databind-2.12.7 Vulnerable Package
HIGH CVE-2022-42004 Maven-com.fasterxml.jackson.core:jackson-databind-2.12.7 Vulnerable Package
HIGH CVE-2022-42889 Maven-org.apache.commons:commons-text-1.8 Vulnerable Package
HIGH CVE-2023-38286 Maven-org.thymeleaf:thymeleaf-3.0.12.RELEASE Vulnerable Package
HIGH Client_DOM_XSS /docs/DAT/material/base.html: 4 Attack Vector
HIGH Cx0b414307-5d4b Npm-lodash-4.17.11 Vulnerable Package
HIGH Cx687ca332-0af8 Npm-express-fileupload-0.4.0 Vulnerable Package
HIGH Cxd6c215a2-86bd Npm-mongodb-2.2.24 Vulnerable Package
HIGH Reflected_XSS_All_Clients /api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 259 Attack Vector
HIGH Reflected_XSS_All_Clients /api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 173 Attack Vector
HIGH Reflected_XSS_All_Clients /api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 271 Attack Vector
HIGH Reflected_XSS_All_Clients /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
HIGH Reflected_XSS_All_Clients /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
HIGH Reflected_XSS_All_Clients /api/api-archive-search/archive-search-external/src/main/java/fr/gouv/vitamui/archives/search/external/server/rest/ArchivesSearchExternalController.java: 202 Attack Vector
HIGH Reflected_XSS_All_Clients /api/api-archive-search/archive-search-external/src/main/java/fr/gouv/vitamui/archives/search/external/server/rest/ArchivesSearchExternalController.java: 192 Attack Vector
HIGH Reflected_XSS_All_Clients /api/api-archive-search/archive-search-external/src/main/java/fr/gouv/vitamui/archives/search/external/server/rest/ArchivesSearchExternalController.java: 172 Attack Vector
HIGH Reflected_XSS_All_Clients /api/api-archive-search/archive-search-external/src/main/java/fr/gouv/vitamui/archives/search/external/server/rest/ArchivesSearchExternalController.java: 163 Attack Vector
HIGH Reflected_XSS_All_Clients /api/api-archive-search/archive-search-external/src/main/java/fr/gouv/vitamui/archives/search/external/server/rest/ArchivesSearchExternalController.java: 136 Attack Vector
HIGH Reflected_XSS_All_Clients /api/api-archive-search/archive-search-external/src/main/java/fr/gouv/vitamui/archives/search/external/server/rest/ArchivesSearchExternalController.java: 202 Attack Vector
HIGH Reflected_XSS_All_Clients /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 263 Attack Vector
HIGH Reflected_XSS_All_Clients /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 241 Attack Vector
HIGH Reflected_XSS_All_Clients /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 231 Attack Vector
HIGH Reflected_XSS_All_Clients /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 202 Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/CustomerController.java: 176 Attack Vector
MEDIUM Absolute_Path_Traversal /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/CustomerExternalController.java: 192 Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/CustomerController.java: 111 Attack Vector
MEDIUM Absolute_Path_Traversal /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/CustomerExternalController.java: 172 Attack Vector
MEDIUM Absolute_Path_Traversal /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/OntologyExternalController.java: 157 Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/FileFormatController.java: 224 Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/RuleController.java: 194 Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AgencyController.java: 191 Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java: 187 Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OntologyController.java: 178 Attack Vector
MEDIUM Absolute_Path_Traversal /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/RuleExternalController.java: 172 Attack Vector
MEDIUM Absolute_Path_Traversal /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/FileFormatExternalController.java: 188 Attack Vector
MEDIUM Absolute_Path_Traversal /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/AgencyInternalController.java: 185 Attack Vector
MEDIUM Absolute_Path_Traversal /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/AgencyExternalController.java: 175 Attack Vector
MEDIUM Absolute_Path_Traversal /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/OntologyInternalController.java: 159 Attack Vector
MEDIUM CVE-2019-2391 Npm-bson-1.0.9 Vulnerable Package
MEDIUM CVE-2020-28500 Npm-lodash-4.17.11 Vulnerable Package
MEDIUM CVE-2021-21422 Npm-mongo-express-0.49.0 Vulnerable Package
MEDIUM CVE-2021-42550 Maven-ch.qos.logback:logback-core-1.2.3 Vulnerable Package
MEDIUM CVE-2021-42550 Maven-ch.qos.logback:logback-classic-1.2.3 Vulnerable Package
MEDIUM CVE-2021-43797 Maven-io.netty:netty-codec-http-4.1.69.Final Vulnerable Package
MEDIUM CVE-2022-22968 Maven-org.springframework:spring-context-5.3.12 Vulnerable Package
MEDIUM CVE-2023-2976 Maven-com.google.guava:guava-29.0-jre Vulnerable Package
MEDIUM Cleartext_Submission_of_Sensitive_Information /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Cleartext_Submission_of_Sensitive_Information /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
MEDIUM Cleartext_Submission_of_Sensitive_Information /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Cleartext_Submission_of_Sensitive_Information /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
MEDIUM Client_Potential_XSS /docs/DAT/material/assets/javascripts/application.d5a09f94.js: 1187 Attack Vector
MEDIUM Client_Potential_XSS /docs/DAT/material/assets/javascripts/application.d5a09f94.js: 1159 Attack Vector
MEDIUM Client_Potential_XSS /docs/DAT/material/assets/javascripts/application.d5a09f94.js: 758 Attack Vector
MEDIUM Cx14b19a02-387a Npm-body-parser-1.18.3 Vulnerable Package
MEDIUM Cx14b19a02-387a Npm-body-parser-1.18.2 Vulnerable Package
MEDIUM Cx435a6fda-ca38 Npm-commander-2.18.0 Vulnerable Package
MEDIUM Cx816df59e-1cc9 Npm-marked-0.7.0 Vulnerable Package
MEDIUM Improper_Restriction_of_XXE_Ref /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
MEDIUM Improper_Restriction_of_XXE_Ref /api/api-ingest/ingest-internal/src/main/java/fr/gouv/vitamui/ingest/internal/server/rest/IngestInternalController.java: 106 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 90 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 104 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 103 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/CasInternalController.java: 180 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/user/service/UserInternalService.java: 558 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 90 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 104 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 103 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/CasInternalController.java: 180 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/user/service/UserInternalService.java: 558 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 90 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 104 Attack Vector
MEDIUM

More results are available on AST platform

@GiooDev GiooDev merged commit f1f5971 into master_5.x Jul 28, 2023
@GiooDev GiooDev deleted the vas-11541-bug-filing-holding-not-call branch July 28, 2023 17:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bbenaissa bbenaissa bbenaissa approved these changes

Assignees

@laedanrex laedanrex

Labels
bug Something isn't working VAS VAS contribution
Projects
None yet
Milestone
IT 122
Development

Successfully merging this pull request may close these issues.
4 participants
@laedanrex @TDevillechabrolle @bbenaissa @GiooDev