You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Iq recommandation : There is no non-vulnerable upgrade path for this component/package. We recommend investigating alternative components or a potential mitigating control.
My question is :
Is there a next version of compodoc planned without the lib zepto
Thanks
The text was updated successfully, but these errors were encountered:
Hi,
My problem
Compodoc 1.1.23 pulls the lib zepto which is vulnerable to Cross-Site Scripting (XSS) attacks.
My company's IQ server reports the vulnerability and blocks my deployments
Sonatype
Ref : sonatype-2020-1437
Advisories link :https://securitylab.github.com/advisories/GHSL-2020-098-mxss-zepto
Iq recommandation : There is no non-vulnerable upgrade path for this component/package. We recommend investigating alternative components or a potential mitigating control.
My question is :
Is there a next version of compodoc planned without the lib zepto
Thanks
The text was updated successfully, but these errors were encountered: