swimlane / ngx-charts

:bar_chart: Declarative Charting Framework for Angular
https://swimlane.github.io/ngx-charts/
MIT License
4.29k stars 1.15k forks

Snyk reports ReDoS via D3 #1650

Open internalsystemerror opened 3 years ago

internalsystemerror commented 3 years ago

Describe the bug: Snyk is reporting this package to contain a ReDoS vulnerability via the D3 package.

To reproduce: https://app.snyk.io/test/npm/@swimlane/ngx-charts/18.0.1?tab=issues

Expected behavior: No vulnerabilities.

ngx-charts version: Only tested 18.0.1.

Additional context: This appears to be fixed in the latest D3 packages.

franbueno commented 2 years ago

Still happening for 19.1.0

To reproduce: https://app.snyk.io/test/npm/@swimlane/ngx-charts/19.1.0?tab=issues

AnwarHemdene commented 2 years ago

Same problem with v19.1.0, error: Regular Expression Denial of Service (ReDoS) in d3-color@2.0.0 introduced by @swimlane/ngx-charts@19.1.0 > d3-color@2.0.0 and 7 other path(s)

SimonasMuleviciusIBM commented 2 years ago

@internalsystemerror @franbueno @AnwarHemdene Any updates on this issue?

AnwarHemdene commented 2 years ago

@SimonasMuleviciusIBM the solution for me was to update snyk severity level to high

dqjauthentrics commented 1 year ago

> @SimonasMuleviciusIBM the solution for me was to update snyk severity level to high

Thank you, but I didn't understand what you meant. Is there a way to include the latest ngx-charts without vulnerability to this error?
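
To see which dependency chains pull in the d3-color@2.0.0 that Snyk flags in this thread, a project's lockfile can be walked directly. This is an added example, not part of the original thread or the ngx-charts project; it assumes the `packages` map of an npm lockfile (lockfileVersion 2 or 3), and the lockfile fragment, the `demo-app` name, the d3-scale and d3-interpolate entries, and the function names `resolve` and `findPaths` are constructed for illustration.

```javascript
// Constructed lockfile fragment (npm lockfileVersion 3 layout), not a real one.
// Only ngx-charts@19.1.0 and d3-color@2.0.0 come from the thread; the rest is made up.
const sampleLock = { lockfileVersion: 3, packages: {
  "": { name: "demo-app", version: "1.0.0", dependencies: { "@swimlane/ngx-charts": "19.1.0" } },
  "node_modules/@swimlane/ngx-charts": { version: "19.1.0",
    dependencies: { "d3-color": "^2.0.0", "d3-scale": "^3.0.0" } },
  "node_modules/d3-scale": { version: "3.0.0", dependencies: { "d3-interpolate": "^2.0.0" } },
  "node_modules/d3-interpolate": { version: "2.0.0", dependencies: { "d3-color": "^2.0.0" } },
  "node_modules/d3-color": { version: "2.0.0" },
} };

// Node-style resolution: look in the requiring package's own node_modules,
// then in each enclosing node_modules directory up to the project root.
function resolve(packages, fromKey, depName) {
  let base = fromKey;
  for (;;) {
    const candidate = (base ? base + "/" : "") + "node_modules/" + depName;
    if (packages[candidate]) return candidate;
    if (base === "") return null;
    const cut = base.lastIndexOf("/node_modules/");
    base = cut === -1 ? "" : base.slice(0, cut);
  }
}

// Return every chain from the root project to targetName@targetVersion.
function findPaths(lock, targetName, targetVersion) {
  const packages = lock.packages || {};
  const found = [];
  const walk = (key, chain, onPath) => {
    const pkg = packages[key];
    const name = key === "" ? (pkg.name || "(root)")
      : key.slice(key.lastIndexOf("node_modules/") + "node_modules/".length);
    const here = chain.concat(`${name}@${pkg.version}`);
    if (name === targetName && pkg.version === targetVersion) {
      found.push(here.join(" > "));
      return;
    }
    for (const dep of Object.keys(pkg.dependencies || {})) {
      const next = resolve(packages, key, dep);
      // Skip unresolved entries and anything already on this chain (cycles).
      if (next && !onPath.has(next)) walk(next, here, new Set(onPath).add(next));
    }
  };
  if (packages[""]) walk("", [], new Set([""]));
  return found;
}

console.log(findPaths(sampleLock, "d3-color", "2.0.0").join("\n"));
```

Each printed chain names the direct dependency whose upgrade or replacement would remove that route to the flagged package.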