chore(deps): update dependency dompurify to v3.1.1 - autoclosed
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
dompurify | devDependencies | patch | 3.1.0 -> 3.1.1 |
MR created with the help of gitlab-org/frontend/renovate-gitlab-bot
Release Notes
cure53/DOMPurify (dompurify)
v3.1.1
: DOMPurify 3.1.1
- Fixed an mXSS sanitiser bypass reported by @icesfont
- Added new code to track element nesting depth
- Added new code to enforce a maximum nesting depth of 255
- Added coverage tests and necessary clobbering protections
Note that this is a security release and should be upgraded to immediately. Please also note that further releases may follow as the underlying vulnerability is apparently new and further variations may be discovered.
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.