
SAST flagged: Unsafe Regular Expression

Open ps-vm opened this issue 2 years ago • 0 comments

Please help prevent duplicate issues before submitting a new one:

  • [x] I've searched other open/closed issues for duplicates before opening up this new issue.

Report

Our SAST report picked up a high vulnerability within this library

  • "Potentially unsafe regular expressions. It may take a very long time to run."

What did you do?

Configured SAST to run within GitLab pipelines for our iOS project.

What did you expect to happen?

No high vulnerabilities

What happened instead?

Three high vulnerabilities related to this library have been flagged; this particular one is in the highlight.js file. We're on the latest version of this library and need to be able to reduce all critical and high vulnerabilities in order to ensure we're releasing secure products.

ps-vm Jun 08 '22 08:06