Uploaded image for project: 'JOC - JobScheduler Operations Center'
  1. JOC - JobScheduler Operations Center
  2. JOC-1434

Update d3-color to 3.1.0 due to 3rd Party vulnerability SNYK-JS-D3COLOR-1076592

    XMLWordPrintable

Details

    • Fix
    • Status: Released (View Workflow)
    • Minor
    • Resolution: Fixed
    • 2.5.0
    • 2.5.1
    • None
    • None
    • SNYK-JS-D3COLOR-1076592

    Description

      Current Situation

      JS7 JOC Cockpit uses the d3-color 3rd-party packageĀ  which is affected by a vulnerability. No CVE ID is currently known, see https://security.snyk.io/vuln/SNYK-JS-D3COLOR-1076592.

      As the vulnerability depends on user input, we rate this being low, as no user input can change the usage dynamically.

      Desired Behavior

      JS7 JOC Cockpit should use the updated version 3.1.0 of d3-color which fixes the issue.

      Attachments

        Activity

          People

            ztsa0019 Sourabh Agrawal
            sp Santiago Aucejo Petzoldt
            Pratishtha Pandey Pratishtha Pandey
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: