Bug #94583
closed
Upgrade packages chart.js, codemirror, ckeditor4
100%
Description
Upgrade JavaScript packages chart.js, codemirror and ckeditor4 addressing known and disclosed vulnerabilities.
- chart.js: Prototype Pollution
https://app.snyk.io/vuln/SNYK-JS-CHARTJS-1018716 - codemirror: Regular Expression DoS (ReDoS)
https://app.snyk.io/vuln/SNYK-JS-CODEMIRROR-1016937 - ckeditor4: Cross-Site Scripting
https://app.snyk.io/vuln/SNYK-JS-CKEDITOR4-1303090
Updated by Gerrit Code Review over 3 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/69956
Updated by Gerrit Code Review over 3 years ago
Patch set 1 for branch 10.4 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/69957
Updated by Gerrit Code Review over 3 years ago
Patch set 1 for branch 9.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/69958
Updated by Gerrit Code Review over 3 years ago
Patch set 1 for branch 11.3 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/69963
Updated by Oliver Hader over 3 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 048d29576fdf5cda9c06fd492c510fa1aa215153.
Updated by