search

geotiffjs / geotiff.js

geotiff.js is a small library to parse TIFF files for visualization or analysis. It is written in pure JavaScript, and is usable in both the browser and node.js applications.
https://geotiffjs.github.io/
MIT License
861 stars 181 forks source link

ReDos vulnerability #240

Closed pelord closed 2 years ago

pelord commented 2 years ago

Our app is now based on ol@6.7.0, and thus, based on geotiff, and I get an vulnerability from Snyk mentionning a Medium severity alert

image

Does some body has the same alert/warning?

constantinius commented 2 years ago

The issue was addressed in #238 and #239

I will make a release so that in OL this will not show up again.

constantinius commented 2 years ago

Okay, version v1.0.6 is released, fixing this issue.