Closed fecjjeng closed 3 months ago
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 77.84%. Comparing base (
f3107e7
) to head (4afc22b
).
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
This PR was automatically created by Snyk using the credentials of a real user.
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to upgrade dompurify from 2.2.7 to 2.5.4.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **30 versions** ahead of your current version. - The recommended version was released on **22 days ago**. #### Issues fixed by the recommended upgrade: | | Issue | Score | Exploit Maturity | :-------------------------:|:-------------------------|:-------------------------|:------------------------- ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Template Injection
[SNYK-JS-DOMPURIFY-6474511](https://snyk.io/vuln/SNYK-JS-DOMPURIFY-6474511) | **586** | Proof of Concept
Release notes
Package name: dompurify
isNaN
checks affecting MSIE, thanks @ tulachNote that this is a security release and should be upgraded to immediately. Please also note that further releases may follow as the underlying vulnerability is apparently new and further variations may be discovered.