[I] [Task]: Harden the pipeline and workflow XML parser (hop)

via GitHub Fri, 17 Oct 2025 19:38:45 -0700


mattcasters opened a new issue, #5804:
URL: https://github.com/apache/hop/issues/5804


   ### What needs to happen?
   
   For security reasons we should harden the Hop metadata XML parser here:
    
https://github.com/apache/hop/blob/ce9fb7cab1d6b4269cb23796b826760a1a75c7cc/core/src/main/java/org/apache/hop/core/xml/XmlParserFactoryProducer.java#L45
   
   To be more precise, we should disable DTD processing in this parser factory.
   
   
   ### Issue Priority
   
   Priority: 1
   
   ### Issue Component
   
   Component: API


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

[I] [Task]: Harden the pipeline and workflow XML parser (hop)

Reply via email to