Uploaded image for project: 'JOC - JS7 Operations Center'
  1. JOC - JS7 Operations Center
  2. JOC-2120

Upgrade @babel/runtime to 7.28.4 due to 3rd party vulnerability CVE-2025-27789

    XMLWordPrintable

Details

    • Fix
    • Status: Released (View Workflow)
    • Minor
    • Resolution: Fixed
    • 2.7.5
    • 2.5.12, 2.7.6
    • None
    • None
    • CVE-2025-27789

    Description

      Current Stuation

      Currently JS7 JOC-Cockpit ships with @babel/runtime 7.25.0 which is affected by CVE-2025-27789.

      We rate the impact to our software asĀ low as there is no direct impact to our software as we do not expose @babel/runtime functionality to end users.

      Desired Behavior

      JS7 should use @babel/runtime version 7.28.4 which solves the issue.

      Attachments

        Activity

          People

            ZtRahul193 Rahul Patidar
            sp Santiago Aucejo Petzoldt
            Ajay Kumbhkar Ajay Kumbhkar
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: