request #47682 dompurify 3.4.1 -> 3.4.10

Infos

Artifact ID#47682

Submitted byKevin Traini (ktraini)

Last Modified On2026-06-16 15:52

Submitted on2026-06-16 14:37

Rank49423

Details

Summary *

dompurify 3.4.1 -> 3.4.10

Original Submission

Fixes:

GHSA-x4vx-rjvf-j5p4
GHSA-vxr8-fq34-vvx9
CVE-2026-49978
CVE-2026-49459
CVE-2026-49458
GHSA-gvmj-g25r-r7wr
GHSA-76mc-f452-cxcm

No impact for Tuleap. We do not use IN_PLACE option.

Release notes:

CategoryDependencies

Reported in versionEmpty

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toKevin Traini (ktraini)

StatusClosed

Close date2026-06-16

Attachments

AttachmentsEmpty

References

Cross references

Show items referenced by request #47682

Referenced by request #47682

Artifact

rel #47138 17.6

Other

gerrit #38092

Follow-ups

Thomas Gerbet (tgerbet)

2026-06-16 15:52

Connected artifacts
- Added Fixed in: rel #47138

Tracker Workflow Manager (forge__tracker_workflow_manager)

2026-06-16 15:51

Closed by @ktraini with git #tuleap/tuleap/bcd9846defe00c892b41ac7bde8f42d1196a23c7.

Status changed from Under review to Closed
Close date set to 2026-06-16

Kevin Traini (ktraini)

2026-06-16 14:39

See gerrit #38092

Status changed from Under implementation to Under review

Public

Referenced by request #47682

Artifact

Other

Follow-ups