Matt Gilman created NIFI-15852:
----------------------------------
Summary: Upgrade nifi-frontend dependencies for dependabot alerts
Key: NIFI-15852
URL: https://issues.apache.org/jira/browse/NIFI-15852
Project: Apache NiFi
Issue Type: Task
Components: Core UI
Reporter: Matt Gilman
Assignee: Matt Gilman
# npm audit report
dompurify <=3.3.3
Severity: moderate
DOMPurify's ADD_TAGS function form bypasses FORBID_TAGS due to short-circuit
evaluation - https://github.com/advisories/GHSA-39q2-94rc-95cp
fix available via `npm audit fix`
node_modules/dompurify
follow-redirects <=1.15.11
Severity: moderate
follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect
Targets - https://github.com/advisories/GHSA-r4q5-vmmm-2653
fix available via `npm audit fix`
node_modules/follow-redirects
hono <4.12.14
Severity: moderate
hono Improperly Handles JSX Attribute Names Allows HTML Injection in hono/jsx
SSR - https://github.com/advisories/GHSA-458j-xx4x-4375
fix available via `npm audit fix`
node_modules/hono
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
