[JOC-1028] Update use of serialize-javascript to 3.1.0 or newer due to 3rd party vulnerability issue (CVE-2020-7660) - SOS JIRA

XML

Word

Printable

Details

Type: Fix
Status: Released (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: 2.0.0
Fix Version/s: 2.0.0
Component/s: JOC Cockpit GUI
Labels:
None

CVE-ID:
CVE-2020-7660

Description

Vulnerability

Currently JOC Cockpit has a reference to serialize-javascript < 3.1.0 through a 3rd party dependency.
A vulnerability affects this version, see https://nvd.nist.gov/vuln/detail/CVE-2020-7660
Severity Level:

Attachments

Activity

People

Assignee:: Sourabh Agrawal

Reporter:: Santiago Aucejo Petzoldt

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 06 October 2020 12:33

Updated:: 22 September 2021 17:34

Resolved:: 07 October 2020 07:10