search

jsreport / jsreport-core

The minimalist jsreport rendering core
GNU Lesser General Public License v3.0
85 stars 24 forks source link

Found vulnerabilities #37

Closed jagdeep-anetcorp closed 6 years ago

jagdeep-anetcorp commented 6 years ago 
                  === npm audit security report ===

                             Manual Review
         Some vulnerabilities require your attention to resolve

      Visit https://go.npm.me/audit-guide for additional guidance

High Regular Expression Denial of Service

Package string

Patched in No patch available

Dependency of jsreport

Path jsreport > jsreport-core > script-manager > string

More info https://nodesecurity.io/advisories/536

pofider commented 6 years ago

https://github.com/jsreport/jsreport/issues/354#issuecomment-377030562