Bug #26903: update webpack-bundle-analyzer - Foreman

Actions

Copy link

Bug #26903

closed

update webpack-bundle-analyzer

Added by Ohad Levy over 5 years ago. Updated over 5 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Ohad Levy

Category:

JavaScript stack

Target version:

Difficulty:

Triaged:

Bugzilla link:

Pull request:

https://github.com/theforeman/foreman/pull/6804

Fixed in Releases:

1.23.0

Found in Releases:

Red Hat JIRA:

Description

Versions of webpack-bundle-analyzer prior to 3.3.2 are vulnerable to Cross-Site Scripting. The package uses JSON.stringify() without properly escaping input which may lead to Cross-Site Scripting.

https://github.com/webpack-contrib/webpack-bundle-analyzer/issues/263

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Custom queries

Bug #26903

update webpack-bundle-analyzer

Updated by The Foreman Bot over 5 years ago

Updated by Tomer Brisker over 5 years ago

Updated by Ohad Levy over 5 years ago