Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport 4.0.x] [Fixes #10464] Fix code scanning alert - Uncontrolled data used in path expression #10468

Merged
merged 1 commit into from
Dec 22, 2022
Merged

[Backport 4.0.x] [Fixes #10464] Fix code scanning alert - Uncontrolled data used in path expression #10468

merged 1 commit into from
Dec 22, 2022

Conversation

github-actions[bot]
Copy link
Contributor

Backport 7730729 from #10465

@afabiani @github-actions
[Fixes #10464] Fix code scanning alert - Uncontrolled data used in pa…
cf9bad7 
…th expression (#10465)

* [Fixes #10462] GeoNode is vulnerable to an XML External Entity (XXE) injection

* [Fixes #10464] Fix code scanning alert - Uncontrolled data used in path expression
@cla-bot cla-bot bot added the cla-signed CLA Bot: community license agreement signed label Dec 22, 2022
@codecov
Copy link

codecov bot commented Dec 22, 2022

Codecov Report

Merging #10468 (cf9bad7) into 4.0.x (fefd6d8) will increase coverage by 1.29%.
The diff coverage is 94.28%.

Additional details and impacted files 
@@            Coverage Diff             @@
##            4.0.x   #10468      +/-   ##
==========================================
+ Coverage   60.65%   61.94%   +1.29%     
==========================================
  Files         827      827              
  Lines       50869    50902      +33     
  Branches     6549     6554       +5     
==========================================
+ Hits        30853    31530     +677     
+ Misses      18339    17689     -650     
- Partials     1677     1683       +6

@afabiani afabiani merged commit dd1cac4 into 4.0.x Dec 22, 2022
@afabiani afabiani deleted the backport-10465-to-4.0.x branch December 22, 2022 13:57
alaeddine-farhat pushed a commit to alaeddine-farhat/geonode that referenced this pull request Jun 7, 2023
@github-actions @afabiani @alaeddine-farhat
[Fixes GeoNode#10464] Fix code scanning alert - Uncontrolled data use…
f543417 
…d in path expression (GeoNode#10465) (GeoNode#10468)

* [Fixes GeoNode#10462] GeoNode is vulnerable to an XML External Entity (XXE) injection

* [Fixes GeoNode#10464] Fix code scanning alert - Uncontrolled data used in path expression

Co-authored-by: Alessio Fabiani <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@afabiani afabiani afabiani approved these changes

Assignees
No one assigned
Labels
cla-signed CLA Bot: community license agreement signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@afabiani