WS-2018-0347 (Medium) detected in eslint-2.13.1.tgz #1151
Assignees
Labels
cve
Security vulnerabilities detected by Dependabot or Mend
medium severity
Medium severity CVE
Mend: dependency security vulnerability
Security vulnerability detected by Mend
v2.0.0
Comments
mend-for-github-com
bot
added
the
Mend: dependency security vulnerability
tmarkley
added
cve
AMoo-Miki
pushed a commit
to AMoo-Miki/OpenSearch-Dashboards
that referenced
this issue
Feb 10, 2022
…1151) Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.7.6 to 4.7.7. - [Release notes](https://github.com/wycats/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md) - [Commits](handlebars-lang/handlebars.js@v4.7.6...v4.7.7) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Closed
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Feb 28, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Feb 28, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 1, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 2, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 2, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 4, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 4, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated to adhere to the newly-introduced rules from the stylelint configuration. A major culprit was the `no-descending-specificity` rule. * Some of the automated fixes that changed function names (e.g. EUI functions like `lightOrDarkTheme`) had to be overridden because EUI doesn't adhere to all of the rules. We can address this after we fold in and replace `node-sass` with Dart Sass. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 16, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 16, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 17, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 23, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
tmarkley
pushed a commit
to tmarkley/OpenSearch-Dashboards
that referenced
this issue
Mar 25, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
ashwin-pc
pushed a commit
to ashwin-pc/OpenSearch-Dashboards
that referenced
this issue
Apr 1, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
ashwin-pc
pushed a commit
to ashwin-pc/OpenSearch-Dashboards
that referenced
this issue
Apr 1, 2022
* Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves opensearch-project#551 Resolves opensearch-project#1139 Resolves opensearch-project#1151 Resolves opensearch-project#1152 Resolves opensearch-project#1154 Signed-off-by: Tommy Markley <markleyt@amazon.com>
ashwin-pc
added a commit
that referenced
this issue
Apr 1, 2022
* Replaces `sass-lint` with `stylelint` * Introduces standard scss rules from stylelint with only a few modifications. * `yarn lint` now runs `yarn lint:style` instead of `yarn lint:sass`. * Many of the files were updated with `yarn lint:style --fix`, but some of them had to be manually updated with overrides to adhere to the newly-introduced rules from the stylelint configuration. * Includes a couple fixes such as fixing the class selector for `osdnSuggestionItem--value .osdSuggestionItem__text`. Resolves #551 Resolves #1139 Resolves #1151 Resolves #1152 Resolves #1154 Signed-off-by: Tommy Markley <markleyt@amazon.com> * fix(Style): Fixes flex style Signed-off-by: Ashwin Pc <ashwinpc@amazon.com> * fix(lint): Fixes empty comment lint issue Signed-off-by: Ashwin Pc <ashwinpc@amazon.com> * chore: rebase and updates yarn.lock Signed-off-by: Ashwin Pc <ashwinpc@amazon.com> Co-authored-by: Tommy Markley <markleyt@amazon.com>
8 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
WS-2018-0347 - Medium Severity Vulnerability
An AST-based pattern checker for JavaScript.
Library home page: https://registry.npmjs.org/eslint/-/eslint-2.13.1.tgz
Dependency Hierarchy:
Found in HEAD commit: ddb2cc42e9e43fdc2358fe14019ab9679e775671
Found in base branch: main
A vulnerability was descovered in eslint before 4.18.2. One of the regexes in eslint is vulnerable to catastrophic backtracking.
Publish Date: 2018-02-27
URL: WS-2018-0347
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Low
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: eslint/eslint#10002
Release Date: 2018-02-27
Fix Resolution: 4.18.2
The text was updated successfully, but these errors were encountered: