chore(deps): update dependency striptags to v3.2.0 [security] #316
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
2 times, most recently
from
a89223f to
ae0fd28
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
from
ae0fd28 to
93b7946
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
3 times, most recently
from
8c77c85 to
d63de54
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
from
d63de54 to
87b465e
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
3 times, most recently
from
2bf15dc to
32f7ee6
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
3 times, most recently
from
69c0c13 to
f6c4225
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
3 times, most recently
from
809c180 to
0808990
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
from
0808990 to
94f7a43
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
2 times, most recently
from
f0640c1 to
67a6c03
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
3 times, most recently
from
1420825 to
db45348
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
3 times, most recently
from
c31dd40 to
5761dcc
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
2 times, most recently
from
3ff9c94 to
80bfdc9
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
2 times, most recently
from
0bb2f99 to
399a21b
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
from
399a21b to
9bd4c3d
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
2 times, most recently
from
ec9479f to
5a7ff19
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
from
5a7ff19 to
d39a726
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
from
d39a726 to
d60afa6
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
3 times, most recently
from
a690a8a to
4a111ff
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
from
4a111ff to
a67958c
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
3 times, most recently
from
7be6145 to
d79cb20
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
5 times, most recently
from
e022a1f to
68045da
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
from
68045da to
18b2053
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
2 times, most recently
from
203d1c8 to
ce3f94f
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
2 times, most recently
from
81362b7 to
f42250f
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
2 times, most recently
from
1681ae7 to
a91ed34
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
from
a91ed34 to
9962a5a
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
from
9962a5a to
c0ff9eb
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
from
c0ff9eb to
fd92f2b
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
from
fd92f2b to
9b73fc4
Compare
renovate
bot
force-pushed
the
renovate/npm-striptags-vulnerability
branch
from
9b73fc4 to
d3b2fc5
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
3.1.1→3.2.0GitHub Vulnerability Alerts
CVE-2021-32696
A type-confusion vulnerability can cause
striptagsto concatenate unsanitized strings when an array-like object is passed in as thehtmlparameter. This can be abused by an attacker who can control the shape of their input, e.g. if query parameters are passed directly into the function.Impact
XSS
Patches
3.2.0Workarounds
Ensure that the
htmlparameter is a string before calling the function.Release Notes
ericnorris/striptags (striptags)
v3.2.0Compare Source
This release fixes a potential type confusion vulnerability when passing in a non-string argument to the function.
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.