You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When I run OWASP dependency check in Java project, the jsondoc-ui-webjar-1.2.22 dependency identified with known vulnerabilities:
jsondoc-ui-webjar-1.2.22.jar: bootstrap.min.js (pkg:javascript/[email protected]) : CVE-2018-14040, CVE-2018-14041, CVE-2018-14042, CVE-2019-8331
jsondoc-ui-webjar-1.2.22.jar: handlebars.min.js (pkg:javascript/[email protected]) : Disallow calling helperMissing and blockHelperMissing directly, Prototype pollution, Quoteless attributes in templates can lead to XSS
jsondoc-ui-webjar-1.2.22.jar: jquery.min.js (pkg:javascript/[email protected]) : CVE-2015-9251, CVE-2019-11358, Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
I believe the jsondoc-ui-webjar-1.2.22 is the latest version. Is there a way around to mitigate the vulnerabilities?
The text was updated successfully, but these errors were encountered:
When I run OWASP dependency check in Java project, the jsondoc-ui-webjar-1.2.22 dependency identified with known vulnerabilities:
I believe the jsondoc-ui-webjar-1.2.22 is the latest version. Is there a way around to mitigate the vulnerabilities?
The text was updated successfully, but these errors were encountered: