Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SAST flagged: Unsafe Regular Expression #288

Open
ps-vm opened this issue Jun 8, 2022 · 0 comments
Open

SAST flagged: Unsafe Regular Expression #288

ps-vm opened this issue Jun 8, 2022 · 0 comments

Comments

@ps-vm
Copy link

ps-vm commented Jun 8, 2022

Please help prevent duplicate issues before submitting a new one:

  • [ x] I've searched other open/closed issues for duplicates before opening up this new issue.

Report

Our SAST report picked up a high vulnerability within this library

  • "Potentially unsafe regular expressions. It may take a very long time to run."

What did you do?

Configured SAST to run within GitLab pipelines for our iOS project.

What did you expect to happen?

No high vulnerabilities

What happened instead?

Three high vulnerabilities related to this library has been flagged, this particular one is in the highlight.js file.
We're on the latest version of this library and need to be able to reduce all critical and high vulnerabilities in order to ensure we're releasing secure products.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant