[WEBUI-1561] Check if WebUI is affected by CVE-2024-38526 - polyfill.io library usage - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Task
Status: Resolved
Priority: Major
Resolution: Done
Affects Version/s: 3.0.0, 3.1.0
Fix Version/s: None
Component/s: Web UI

Tags:
- SupCom
- nxUI
- security
Backlog priority:
1,000

Description

Is WebUI affected by CVE-2024-38526?

If yes, please fix the vulnerability for Nuxeo WebUI.

AC

Check if WebUI / elements is loading content from domain cdn[.]polyfill[.]io
Report back on the result in a comment of this ticket
If any project is affected, create the corresponding tickets for the fix

Attachments

Activity

People

Assignee:

Madhur Kulshrestha

Reporter:

Thierry Martins

Participants:

Madhur Kulshrestha, Thierry Martins

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

2024-07-08 13:53

Updated:

2024-07-09 09:52

Resolved:

2024-07-09 09:52