Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-53490

org.apache.commons.collections.map.HashedMap rejected due to JEP-200

    Details

    • Similar Issues:

      Description

      After upgrading from 2.89 to 2.121.2.1:

      2018-09-09 23:25:30.792+0000 [id=43]	WARNING	jenkins.security.ClassFilterImpl#notifyRejected: org.apache.commons.collections.map.HashedMap in file:/apps/cache/ejen/war/WEB-INF/lib/commons-collections-3.2.2.jar might be dangerous, so rejecting; see https://jenkins.io/redirect/class-filter/
      

      No further stack trace though

      Oleg Nenashev guessed it could be triggered in this case by https://github.com/jenkinsci/artifactory-plugin/blob/master/src/main/java/org/jfrog/hudson/pipeline/steps/MavenDescriptorStep.java#L33 as that is the only code under the jenkinsci GitHub space that might be at risk. But that is just speculation.

        Attachments

          Activity

          There are no comments yet on this issue.

            People

            • Assignee:
              eyalbe Eyal Ben Moshe
              Reporter:
              owenmehegan Owen Mehegan
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: