Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security vulnerability in react-pdf@7.7.1 #250

Open
Ryanv030 opened this issue May 10, 2024 · 4 comments
Open

Security vulnerability in react-pdf@7.7.1 #250

Ryanv030 opened this issue May 10, 2024 · 4 comments
Labels
bug Something isn't working

Comments

@Ryanv030
Copy link

Original vulnerability that affected react-pdf: GHSA-wgrm-67xf-hhpq

react-pdf fix: GHSA-87hq-q4gp-9wr4

Updating to react-pdf@7.7.3 will fix the issue.

Thanks!

@cyntler
Copy link
Owner

cyntler commented May 12, 2024

@Ryanv030 Try to use the latest version: https://github.com/cyntler/react-doc-viewer/releases/tag/v1.15.0. I updated the version.

@Ryanv030
Copy link
Author

Looks like that worked for fixing the security vulnerability, unfortunately we're still going to be getting flagged even though it's technically fixed.

The maintainer of react-pdf made a comment about his plans on fixing this in the future. (just in case you get more issues about this)

@cyntler cyntler added the bug Something isn't working label May 16, 2024
@xiaolongkipsi
Copy link

react-pdf is updated. Can it be upgraded so it won't get flagged?

@xiaolongkipsi
Copy link

xiaolongkipsi commented May 29, 2024

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

3 participants