Uploaded image for project: 'OpenNMS'
  1. OpenNMS
  2. NMS-10965

Prevent CME in OSGI service binding

    XMLWordPrintable

    Details

    • Type: Enhancement
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 24.0.0
    • Component/s: None
    • Security Level: Default (Default Security Scheme)
    • Labels:
      None
    • Sprint:
      Horizon - December 12th 2018, Horizon - December 19th 2018

      Description

      I noticed a few instances of OSGI service binding where we can be vulnerable to a CME due to either explicitly iterating a non-thread-safe collection or exposing a reference to a non-thread-safe collection that a client could then iterate.

        Attachments

          Activity

            People

            • Assignee:
              mbrooks Matthew Brooks
              Reporter:
              mbrooks Matthew Brooks
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: