Uploaded image for project: 'Talend Data Prep'
  1. Talend Data Prep
  2. TDP-10339

[onPrem] Fix frontend CVEs

Apply templateInsert Lucidchart Diagram
    XMLWordPrintable

Details

    • Work Item
    • Status: closed
    • Minor
    • Resolution: Done
    • None
    • 8.0.1
    • Frontend
    • All
    • DGA Sprint 11 (6/8 to 23/8), DGA Sprint 12 (27/8 to 13/9)
    • GreenHopper Ranking:
      0|i27ufv:
    • 9223372036854775807
    • Only on-premise
    • Small
    • 1

    Description

      https://10az.online.tableau.com/#/site/talendbi/views/SecurityDashboard_15849710937280/SLAOpenIssues?:iid=2
      Issues
      Issue ID Issue Type Severity Description Library Name & Version In Use
      77323183 Vulnerability 6.1 NO-CVE: Cross-site Scripting (XSS) ag-grid-community 24.1.0
      77323340 Vulnerability 5.3 NO-CVE: Regular Expression Denial Of Service (ReDoS) html-parse-stringify2 2.0.1
      77323347 Vulnerability 7.2 CVE-2021-23337: Command Injection lodash 4.17.20
      77323348 Vulnerability 5.3 CVE-2020-28500: Regular Expression Denial Of Service (ReDoS) lodash 4.17.20
      77323349 Vulnerability 6.5 NO-CVE: Prototype Pollution request 2.88.2
      77323350 Vulnerability 3.7 NO-CVE: Insecure Cipher request 2.88.2
      77323351 Vulnerability 7.5 CVE-2021-27292: Regular Expression Denial Of Service (ReDoS) ua-parser-js 0.7.23
      77323352 Vulnerability 5.3 NO-CVE: Regular Expression Denial Of Service (ReDoS) ua-parser-js 0.7.23
      77323353 Vulnerability 5.3 CVE-2021-32640 : Regular Expression Denial Of Service (ReDoS) ws 7.4.2
      77323354 Vulnerability 4.7 NO-CVE: Denial Of Service (DoS) ws 7.4.2

      Attachments

        Activity

          People

            Unassigned Unassigned
            gjouannic Gwendal Jouannic
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: