Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CP V7.1 - bugs #11801 fix(standalone): add no auth module #1885

Merged
merged 1 commit into from
May 31, 2024
Merged

CP V7.1 - bugs #11801 fix(standalone): add no auth module #1885

merged 1 commit into from
May 31, 2024

Conversation

Regzox
Copy link
Contributor

@Regzox Regzox commented May 30, 2024
edited
Loading

Rend pastis standalone fonctionnel.

@Regzox Regzox requested a review from GiooDev May 30, 2024 12:28
@Regzox Regzox self-assigned this May 30, 2024
@Regzox Regzox added the Cherry-Pick a cherry pick label May 30, 2024
@Regzox Regzox added this to the IT 136 milestone May 30, 2024
@Regzox Regzox changed the base branch from develop to master_7.1.x May 30, 2024 12:28
@Regzox Regzox changed the title CP - 7.1.x - 11801 CP - 7.1.x - bug #11801 May 30, 2024
@GiooDev GiooDev changed the title CP - 7.1.x - bug #11801 CP V7.1 - bugs #11801 fix(standalone): add no auth module May 30, 2024
@vitam-devops
Copy link
Collaborator

Logo
Checkmarx One – Scan Summary & Details63b5e1e7-87c2-45c4-a01d-09059c683528

New Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH CVE-2019-15599 Npm-tree-kill-1.2.1 Vulnerable Package
HIGH CVE-2020-28502 Npm-xmlhttprequest-ssl-1.5.5 Vulnerable Package
HIGH CVE-2020-36048 Npm-engine.io-3.2.1 Vulnerable Package
HIGH CVE-2020-36049 Npm-socket.io-parser-3.2.0 Vulnerable Package
HIGH CVE-2020-7660 Npm-serialize-javascript-1.9.1 Vulnerable Package
HIGH CVE-2020-7788 Npm-ini-1.3.5 Vulnerable Package
HIGH CVE-2021-31597 Npm-xmlhttprequest-ssl-1.5.5 Vulnerable Package
HIGH CVE-2022-2421 Npm-socket.io-parser-3.2.0 Vulnerable Package
HIGH Passwords And Secrets - Generic Password /vitamui_vars.yml: [238](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//deployment/environments/group_vars/all/vitamui_vars.yml# L238) Query to find passwords and secrets in infrastructure code.
MEDIUM Absolute_Path_Traversal /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ProfileController.java: [254](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ProfileController.java# L254) Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/RuleController.java: [225](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/RuleController.java# L225) Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java: [218](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java# L218) Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ArchivalProfileUnitController.java: [217](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ArchivalProfileUnitController.java# L217) Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/PastisController.java: [98](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/PastisController.java# L98) Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/FileFormatController.java: [256](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/FileFormatController.java# L256) Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AgencyController.java: [224](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AgencyController.java# L224) Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OntologyController.java: [223](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OntologyController.java# L223) Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AgencyController.java: [224](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AgencyController.java# L224) Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/FileFormatController.java: [256](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/FileFormatController.java# L256) Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OntologyController.java: [223](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OntologyController.java# L223) Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java: [154](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java# L154) Attack Vector
MEDIUM CVE-2019-16769 Npm-serialize-javascript-1.9.1 Vulnerable Package
MEDIUM CVE-2020-15366 Npm-ajv-6.10.0 Vulnerable Package
MEDIUM CVE-2020-15366 Npm-ajv-5.5.2 Vulnerable Package
MEDIUM CVE-2020-28481 Npm-socket.io-2.1.1 Vulnerable Package
MEDIUM CVE-2020-7693 Npm-sockjs-0.3.19 Vulnerable Package
MEDIUM CVE-2021-23364 Npm-browserslist-4.5.5 Vulnerable Package
MEDIUM CVE-2022-21704 Npm-log4js-4.5.1 Vulnerable Package
MEDIUM CVE-2022-41940 Npm-engine.io-3.2.1 Vulnerable Package
MEDIUM HttpOnlyCookies /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/security/CookieClearingLogoutHandler.java: [67](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/security/CookieClearingLogoutHandler.java# L67) Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-external-client/src/main/java/fr/gouv/vitamui/iam/external/client/ExternalParametersExternalRestClient.java: [91](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//api/api-iam/iam-external-client/src/main/java/fr/gouv/vitamui/iam/external/client/ExternalParametersExternalRestClient.java# L91) Attack Vector
MEDIUM SSRF /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/service/ProviderService.java: [168](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/service/ProviderService.java# L168) Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: [157](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java# L157) Attack Vector
MEDIUM SSRF /commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java: [156](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//commons/commons-rest/src/main/java/fr/gouv/vitamui/commons/rest/client/ExternalHttpContext.java# L156) Attack Vector
MEDIUM SSRF /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProviderController.java: [155](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProviderController.java# L155) Attack Vector
MEDIUM SSRF /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ProfileController.java: [200](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ProfileController.java# L200) Attack Vector
MEDIUM SSRF /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/SchemaController.java: [71](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/SchemaController.java# L71) Attack Vector
MEDIUM SSRF /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: [375](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java# L375) Attack Vector
MEDIUM SSRF /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: [362](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java# L362) Attack Vector
MEDIUM SSRF /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java: [191](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java# L191) Attack Vector
MEDIUM SSRF /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ManagementContractController.java: [180](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ManagementContractController.java# L180) Attack Vector
MEDIUM SSRF /ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java: [153](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java# L153) Attack Vector
MEDIUM SSRF /ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java: [152](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java# L152) Attack Vector
MEDIUM SSRF /ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java: [154](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java# L154) Attack Vector
MEDIUM SSRF /ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java: [155](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java# L155) Attack Vector
MEDIUM SSRF /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: [330](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java# L330) Attack Vector
MEDIUM SSRF /ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/TransactionController.java: [238](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/TransactionController.java# L238) Attack Vector
MEDIUM SSRF /ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/ProjectController.java: [159](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/ProjectController.java# L159) Attack Vector
MEDIUM SSRF /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ArchivalProfileUnitController.java: [231](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ArchivalProfileUnitController.java# L231) Attack Vector
MEDIUM SSRF /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ManagementContractController.java: [155](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ManagementContractController.java# L155) Attack Vector
MEDIUM SSRF /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AccessionRegisterController.java: [131](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AccessionRegisterController.java# L131) Attack Vector
MEDIUM SSRF /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/LogbookManagementOperationController.java: [112](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/LogbookManagementOperationController.java# L112) Attack Vector
MEDIUM SSRF /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/AccessContractController.java: [79](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/AccessContractController.java# L79) Attack Vector
MEDIUM SSRF /ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/ProjectObjectGroupController.java: [85](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/ProjectObjectGroupController.java# L85) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java: [97](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java# L97) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProviderController.java: [234](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProviderController.java# L234) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProviderController.java: [210](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProviderController.java# L210) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProfileController.java: [160](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProfileController.java# L160) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/UserController.java: [152](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/UserController.java# L152) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/LogbookController.java: [152](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/LogbookController.java# L152) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/CustomerController.java: [140](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/CustomerController.java# L140) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/GroupController.java: [127](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/GroupController.java# L127) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java: [99](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-ingest/src/main/java/fr/gouv/vitamui/ingest/rest/IngestController.java# L99) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/CustomerController.java: [167](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/CustomerController.java# L167) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/ExternalParamProfileController.java: [163](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/ExternalParamProfileController.java# L163) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/TenantController.java: [153](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/TenantController.java# L153) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/GroupController.java: [149](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/GroupController.java# L149) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/OwnerController.java: [130](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/OwnerController.java# L130) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProfileController.java: [118](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProfileController.java# L118) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/TransactionController.java: [275](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/TransactionController.java# L275) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ProfileController.java: [268](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ProfileController.java# L268) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ProfileController.java: [234](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ProfileController.java# L234) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ProfileController.java: [218](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ProfileController.java# L218) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/FileFormatController.java: [201](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/FileFormatController.java# L201) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/ProjectController.java: [197](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/ProjectController.java# L197) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ArchivalProfileUnitController.java: [196](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ArchivalProfileUnitController.java# L196) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProviderController.java: [194](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProviderController.java# L194) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/FileFormatController.java: [189](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/FileFormatController.java# L189) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/ProjectController.java: [185](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/ProjectController.java# L185) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ArchivalProfileUnitController.java: [179](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ArchivalProfileUnitController.java# L179) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/RuleController.java: [177](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/RuleController.java# L177) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/SecurityProfileController.java: [176](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/SecurityProfileController.java# L176) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java: [176](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java# L176) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/TransactionController.java: [171](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/TransactionController.java# L171) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OntologyController.java: [169](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OntologyController.java# L169) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OperationController.java: [169](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OperationController.java# L169) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AgencyController.java: [169](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AgencyController.java# L169) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ManagementContractController.java: [166](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ManagementContractController.java# L166) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/RuleController.java: [165](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/RuleController.java# L165) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/SecurityProfileController.java: [164](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/SecurityProfileController.java# L164) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java: [164](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java# L164) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/IngestContractController.java: [164](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/IngestContractController.java# L164) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AccessContractController.java: [163](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AccessContractController.java# L163) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ContextController.java: [160](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ContextController.java# L160) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OntologyController.java: [157](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OntologyController.java# L157) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AgencyController.java: [157](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AgencyController.java# L157) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/RuleController.java: [153](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/RuleController.java# L153) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java: [152](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java# L152) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AccessContractController.java: [151](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AccessContractController.java# L151) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ContextController.java: [148](https://github.com/ProgrammeVitam/vitam-ui/blob/cp_7.1.x_11801//ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ContextController.java# L148) Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition

More results are available on AST platform

@Regzox Regzox merged commit 6e94d43 into master_7.1.x May 31, 2024
1 check passed
@Regzox Regzox deleted the cp_7.1.x_11801 branch May 31, 2024 08:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@GiooDev GiooDev GiooDev approved these changes

@ebernard ebernard ebernard approved these changes

Assignees

@Regzox Regzox

Labels
Cherry-Pick a cherry pick
Projects
None yet
Milestone
IT 136
Development

Successfully merging this pull request may close these issues.
4 participants
@Regzox @vitam-devops @ebernard @GiooDev