generic-remediation-reports.jndi-injection.report.json
{
"summary" : "Introduced validation to prevent JNDI Injection",
"change" : "Added validation to JNDI lookup calls",
"reviewGuidanceIJustification" : "We believe this change is effective, and it will not break applications unless they are currently allowing users to specify arbitrary URLs that get passed to the lookup API.",
"references" : ["https://www.veracode.com/blog/research/exploiting-jndi-injections-java", "https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE-wp.pdf"]
}