New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

There is a vulnerability in highlight.js 9.18.1,upgrade recommended #156

Open

QiAnXinCodeSafe opened this issue Jan 22, 2021 · 0 comments

QiAnXinCodeSafe commented Jan 22, 2021

echarts-doc/package-lock.json

Lines 4410 to 4413 in 47f5c06

    
           "highlight.js": { 
        
             "version": "9.18.1", 
        
             "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.18.1.tgz", 
        
             "integrity": "sha512-OrVKYz70LHsnCgmbXctv/bfuvntIKDz177h0Co37DQ5jamGZLVmoCVMtjMtNZY3X9DrCcKfklHPNeA0uPZhSJg=="

Recommended upgrade version：9.18.2

# for free to join this conversation on GitHub. Already have an account? # to comment