You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
BlackDuck scan has reported a vulnerability in fast-xml-parser, which is included as a transitive dependency in the cds-feature component.
The vulnerability exists in the XMLBuilder component when the preserveOrder option is set to true. Improper input validation may allow specially crafted XML input to cause deep recursion, leading to a stack overflow and potential Denial-of-Service (DoS).
Since the dependency is transitive, the issue needs to be resolved by updating dependency version.
BlackDuck scan has reported a vulnerability in fast-xml-parser, which is included as a transitive dependency in the cds-feature component.
The vulnerability exists in the XMLBuilder component when the preserveOrder option is set to true. Improper input validation may allow specially crafted XML input to cause deep recursion, leading to a stack overflow and potential Denial-of-Service (DoS).
Since the dependency is transitive, the issue needs to be resolved by updating dependency version.
https://sap.blackducksoftware.com/api/projects/d9c85527-97c0-4758-947e-6eaa349d2ca1/versions/f9685608-cf5d-4af6-9885-4592f60a596a/components?filter=bomInclusion%3Afalse&filter=bomMatchInclusion%3Afalse&filter=bomMatchReviewStatus%3Areviewed&filter=securityRisk%3AMEDIUM&limit=100&offset=0
another issue related to this only
https://sap.blackducksoftware.com/api/projects/d9c85527-97c0-4758-947e-6eaa349d2ca1/versions/f9685608-cf5d-4af6-9885-4592f60a596a/vulnerabilities?filter=bomComponents%3AaHR0cHM6Ly9zYXAuYmxhY2tkdWNrc29mdHdhcmUuY29tL2FwaS9jb21wb25lbnRzL2UzZTE4ZTViLThkZGMtNGRkNC04YTFhLWMyMDkxODJkYzc4Ny92ZXJzaW9ucy84YjI0NmNjNy0zNTNkLTRiZTgtYjFhMi0wMzI1MjhkOTVlZGE%3D&limit=100&offset=0