Uploaded image for project: 'Nuxeo Web UI'
  1. Nuxeo Web UI
  2. WEBUI-1523

[MARKED] SRCCLR-SID-6274 | Unknown

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: In Review
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Web UI

      Description

      SRCCLR-SID-6274 | Unknown

      Severity : Medium

      marked is vulnerable to regular expression denial of service (ReDoS) attacks. A malicious user can pass a string that when parsed can cause a ReDoS.

      Module : marked

      nuxeo-web-ui.zip#zip:node_modules:marked

      Current Version : 0.3.19

      Recommended version to upgrade : 12.0.2 ( Latest )

        Attachments

        1. image-2024-05-15-16-23-26-403.png
          93 kB
          Madhur Kulshrestha
        2. Screenshot from 2024-09-09 10-43-36.png
          60 kB
          rakesh.kumarsingh@contractors.onbase.com

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 day, 1 hour
                  1d 1h