search

syncfusion / ej2-javascript-ui-controls

Syncfusion JavaScript UI controls library offer more than 50+ cross-browser, responsive, and lightweight HTML5 UI controls for building modern web applications.
https://www.syncfusion.com/javascript-ui-controls
Other
401 stars 160 forks source link

unset-value 1.0 has a high security vulnerability, fixed in 2.0.1 #175

Closed 24601 closed 7 months ago

24601 commented 8 months ago

Please update ASAP, this breaks compliance certification for us (we are a paying customer)

Snyk scan result:

Screenshot 2024-02-07 at 01 38 22

kmkrish001 commented 8 months ago

Hi @24601

We are working on this issue, we will update once the issue was resolved.

Regards, Muthukrishnan K

Mohamed7Imran commented 8 months ago

Hi 24601,

We have thoroughly validated the reported issue from our end, and we're pleased to inform you that we have taken the necessary steps to address the security vulnerability introduced in the react-filemanager package. The unset package has been eliminated from our filemanager component, ensuring that our package no longer references this third-party package. Additionally, we have undergone testing on our side to ensure that this package is no longer referred to. I have attached necessary images for your reference.

Package.json: image

Package.lock.json: image

node_modules: image

If you have any further questions or need additional assistance, please feel free to reach out to us at any time. We're here to help.

Regards, Mohamed Imran T

gsumankumar commented 7 months ago

Since there has been no activity on this issue for over a week, we are closing it as part of our routine maintenance. If the previously shared solution doesn't resolve the problem or if you have additional information to assist us, please feel free to reopen the issue. We appreciate your understanding.