Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[VAS] Story #11656 : SigningInformation ontology #1439 FIXED #1446

Merged
merged 1 commit into from
Aug 30, 2023
Merged

[VAS] Story #11656 : SigningInformation ontology #1439 FIXED #1446

merged 1 commit into from
Aug 30, 2023

Conversation

lgheribi
Copy link
Collaborator

Description

  • Fix default ontology deployment config

Type de changement:

  • Ontologie de VitamUI

Contributeur

  • VAS (Vitam Accessible en Service)

@TDevillechabrolle
Copy link
Contributor

Logo
Checkmarx One – Scan Summary & Detailsc721fa77-1e85-46f4-bc19-f8f9536cc88d

New Issues

Severity Issue Source File / Package Checkmarx Insight
LOW Client_DOM_Open_Redirect /ui/ui-frontend/projects/pastis/src/app/shared/pastis-breadcrumb-components/pastis-title-breadcrumb/pastis-title-breadcrumb.component.ts: 56 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ProfileExternalController.java: 218 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 322 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 277 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 228 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 239 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 311 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 277 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 228 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 311 Attack Vector
LOW Log_Forging /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 178 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ProfileExternalController.java: 171 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ProfileExternalController.java: 190 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ProfileExternalController.java: 122 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ProfileExternalController.java: 122 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ProfileExternalController.java: 122 Attack Vector

Fixed Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM CVE-2016-10735 Npm-bootstrap-3.3.6 Vulnerable Package
MEDIUM CVE-2018-14040 Npm-bootstrap-3.3.6 Vulnerable Package
MEDIUM CVE-2018-14042 Npm-bootstrap-3.3.6 Vulnerable Package
MEDIUM CVE-2018-20676 Npm-bootstrap-3.3.6 Vulnerable Package
MEDIUM CVE-2018-20677 Npm-bootstrap-3.3.6 Vulnerable Package
MEDIUM CVE-2019-8331 Npm-bootstrap-3.3.6 Vulnerable Package
MEDIUM Cxf0b588a3-5c6f Npm-jquery-2.2.4 Vulnerable Package
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
LOW Log_Forging /api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 137 Attack Vector
LOW Log_Forging /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 178 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ProfileExternalController.java: 190 Attack Vector

@GiooDev GiooDev added this to the IT 124 milestone Aug 28, 2023
@lgheribi lgheribi force-pushed the story_11656_signing_information_ontology_fix branch from 2f57fc7 to fa2db66 Compare August 30, 2023 12:22
@GiooDev GiooDev merged commit f8d8d39 into develop Aug 30, 2023
@GiooDev GiooDev deleted the story_11656_signing_information_ontology_fix branch August 30, 2023 16:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Regzox Regzox Regzox approved these changes

@bbenaissa bbenaissa bbenaissa approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
IT 124
Development

Successfully merging this pull request may close these issues.
5 participants
@lgheribi @TDevillechabrolle @bbenaissa @Regzox @GiooDev