Standards version of the package is outdated.
high
The package is severely out of date with respect to the Debian Policy.The package should be updated to follow the last version of Debian Policy
(Standards-Version 4.6.2 instead of
3.9.4).
This package has been
orphaned. This means that it does not have a real
maintainer at the moment. Please consider adopting this package
if you are interested in it. Please see bug number #863697 for more information.
Among the 1 debian patch
available in version 1.7.3-1 of the package,
we noticed the following issues:
1 patch
where the metadata indicates that the patch has not yet been forwarded
upstream. You should either forward the patch upstream or update the
metadata to document its real status.
1 issue left for the package maintainer to handle:
CVE-2020-27511:
(needs triaging)
An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service (ReDOS) through stripping crafted HTML tags.
![[bug history graph]](https://qa.debian.org/data/bts/graphs/p/prototypejs.png){kind=link}