[
https://issues.apache.org/jira/browse/HBASE-30005?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dávid Paksy reassigned HBASE-30005:
-----------------------------------
Assignee: Dávid Paksy
> Fix 1 high (flatted), 1 moderate (ajv) CVE in website dependencies
> ------------------------------------------------------------------
>
> Key: HBASE-30005
> URL: https://issues.apache.org/jira/browse/HBASE-30005
> Project: HBase
> Issue Type: Task
> Components: dependencies, security
> Reporter: Dávid Paksy
> Assignee: Dávid Paksy
> Priority: Major
>
> npm audit report
>
> ajv <6.14.0
> Severity: moderate
> ajv has ReDoS when using `$data` option -
> https://github.com/advisories/GHSA-2g4f-4pwh-qvx6
> fix available via `npm audit fix`
> node_modules/ajv
>
> flatted <3.4.0
> Severity: high
> flatted vulnerable to unbounded recursion DoS in parse() revive phase -
> https://github.com/advisories/GHSA-25h7-pfq9-p65f
> fix available via `npm audit fix`
> node_modules/flatted
>
> 2 vulnerabilities (1 moderate, 1 high)
>
> To address all issues, run:
> npm audit fix
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
