Modify

Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#19286 closed defect (fixed)

[PATCH] External entities are resolved when parsing tagging presets

Reported by: hiddewie Owned by: team
Priority: normal Milestone: 20.06
Component: Core Version:
Keywords: security external Cc:

Description

This problem can cause a security vulnerability if users use tagging presets from an untrusted source.

By having a preset installed that references an XML external entity, information from the local system may be disclosed. Also see https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing and https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html.

Also added some tests for the other (safe) XML utility methods that already worked safely.

Attachments (1)

#19286_--_External_entities_security_vulnerability_(e_g__tagging_presets).patch (7.2 KB ) - added by hiddewie 5 years ago.

Download all attachments as: .zip

Change History (3)

by hiddewie, 5 years ago

Attachment: #19286_--_External_entities_security_vulnerability_(e_g__tagging_presets).patch added

comment:1 by simon04, 5 years ago

Resolution: fixed
Status: newclosed

In 16560/josm:

fix #19286 - External entities are resolved when parsing tagging presets (patch by hiddewie, modified)

comment:2 by simon04, 5 years ago

Keywords: security external added
Milestone: 20.06

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain team.
as The resolution will be set.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment
E-mail address and name can be saved in the Preferences .
AttachmentsDescription
 
Note: See TracTickets for help on using tickets.