There is 1 open security issue in bullseye.
1 issue left for the package maintainer to handle:
- CVE-2021-23648:
(needs triaging)
The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.
You can find information about how to handle this issue in the security team's documentation.
1 issue that should be fixed with the next stable update:
- CVE-2021-43861:
Mermaid is a Javascript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. Prior to version 8.13.8, malicious diagrams can run javascript code at diagram readers' machines. Users should upgrade to version 8.13.8 to receive a patch. There are no known workarounds aside from upgrading.