WS-2014-0012 (Medium) detected in sanitize-html-1.4.2.tgz - autoclosed #8
Labels
Mend: dependency security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
Mend: dependency security vulnerability
mend-bolt-for-github
bot
changed the title
|
✔️ This issue was automatically closed by WhiteSource because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the WhiteSource inventory. |
|
This thread has been automatically locked because it has not had recent activity after it was closed. 🔒 Please open a new issue for regressions or related bugs. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
WS-2014-0012 - Medium Severity Vulnerability
Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis
Library home page: https://registry.npmjs.org/sanitize-html/-/sanitize-html-1.4.2.tgz
Path to dependency file: /tmp/ws-scm/juice-shop/package.json
Path to vulnerable library: /juice-shop/node_modules/sanitize-html/package.json
Dependency Hierarchy:
Found in HEAD commit: 77ff18d7d50a1115dce65ed2ad6dd63af8059b63
Sanitization not applied recursively
Publish Date: 2014-10-14
URL: WS-2014-0012
Base Score Metrics not available
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: