Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #31574 Ignore vulnerability in a transitive dep of angular-gettext-cli/angular-gettext-loader
    Actions
    Infos
    #31574
    Thomas Gerbet (tgerbet)
    2023-04-17 14:38
    2023-04-17 12:06
    33161
    Details
    Ignore vulnerability in a transitive dep of angular-gettext-cli/angular-gettext-loader

    CVE-2021-3803 is reported due to the usage of nth-check in the dependency trees of the Angular gettext dev/build tooling. The ReDoS issue cannot really be triggered and we have no easy way to fix it.

    Dev tools
    Empty
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2023-04-17
    Attachments
    Artifact links

    Releases

    Fixed in

    Artifact ID Project Tracker Summary Status Last Update Date Submitted By Assigned to
    rel #30365 Tuleap Releases 14.8 Delivered 2023-27-04 16:40 Manuel Vacelet (vaceletm)
    Empty
    References
    Referencing request #31574

    Git commit

    tuleap/tuleap/stable

    Closes request #31574: Ignore vulnerability in a transitive dep of angular-gettext-cli/angular-gettext-loader 95d7fc7d65
    User avatar Thomas Gerbet (tgerbet) , 2023-04-17 12:06
    Merge commit 'refs/changes/86/28386/1' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD ff91d3e3f4
    User avatar Marie Ange Garnier (marieange) , 2023-04-17 14:37
    Display settings

    Follow-ups