DOMPurify vulnerabilities | ww.wp.xz.cn

Resolved anugrahjaya1
(@anugrahjaya1)

1 year, 4 months ago

Hi, is there any plan to update DOMPurify version? because on the latest version of svg support the DOMPurify still using version 2.3.8

References:
– https://github.com/advisories/GHSA-p3vf-v8qc-cwcr
– https://github.com/cure53/DOMPurify/security/advisories/GHSA-p3vf-v8qc-cwcr
– https://nvd.nist.gov/vuln/detail/CVE-2024-48910
– https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc

Thanks

Viewing 1 replies (of 1 total)

Plugin Author Benbodhi
(@benbodhi)

1 year, 3 months ago

DOMPurify has been updated to 2.5.8 in SVG Support 2.5.9

Viewing 1 replies (of 1 total)

The topic ‘DOMPurify vulnerabilities’ is closed to new replies.

1 reply
2 participants
Last reply from: Benbodhi
Last activity: 1 year, 3 months ago
Status: resolved