Open thaiscpaz opened 3 years ago
Description
While running an application through a CI pipeline, a step that runs the dependency vulnerability check raised the following issue:
Filename: swagger-ui-dist:3.38.0 | Highest CVSS Score: 6.1 | Amount of CVSS: 1 | References: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (6.1)
CWE-79 description
To reproduce
Run the dependency-check CLI vulnerability tool in any project that has swagger-ui-dist as a dependency:
$ dependency-check --scan <path to project>
Expected behavior
No vulnerabilities reported.