Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependabot Alert: path-to-regexp outputs backtracking regular expressions #709

Open
JennaySDavis opened this issue Sep 18, 2024 · 2 comments
Open

Dependabot Alert: path-to-regexp outputs backtracking regular expressions #709

JennaySDavis opened this issue Sep 18, 2024 · 2 comments
Assignees
@johnbeallgsa
Labels
Dependabot Alert Sprint 40

Comments

@JennaySDavis
Copy link
Contributor

JennaySDavis commented Sep 18, 2024
edited
Loading

A bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period (.)
@john-labbate john-labbate self-assigned this Sep 19, 2024
@JennaySDavis
Copy link
Contributor Author

JennaySDavis commented Sep 20, 2024
edited
Loading

[ 709 Acceptance Criteria

Pass/Fail Description
Pass Full Regression Testing

Comments/Additional Notes
N/A

ADA Compliance (Automated scan via Chrome Lighthouse)

Criteria Score
Performance 98
Accessibility 100
Best Practices 100

Passed 09/20/2024 - JSD

@johnbeallgsa
Copy link
Contributor

Thanks for the demo. Moving to Done.

felder101 added a commit that referenced this issue Oct 3, 2024
@felder101
Production Release
b55c4fe 
Issue #702 Dependabot Alert: Regular Expression Denial of Service (ReDoS) in micromatch
Issue #712 Dependabot Alert: Vite's server.fs.deny is bypassed when using ?import&raw
Issue #711 Dependabot Alert: Vite DOM Clobbering gadget found in vite bundled scripts that leads to XSS
Issue #709 Dependabot Alert: path-to-regexp outputs backtracking regular expressions
Issue #710 Dependabot Alert: dset Prototype Pollution vulnerability
Issue #595 Update Headers on State Tax Information Pages with Notes
Issue #718 Sprint 40 Content Changes
Issue #593 Update the Updated Date on the State Tax Forms
Issue #715 Contract Payments
@felder101 felder101 mentioned this issue Oct 3, 2024
Merged
felder101 added a commit that referenced this issue Oct 4, 2024
@felder101
Production Release (#724)
6f55227 
Issue #702 Dependabot Alert: Regular Expression Denial of Service (ReDoS) in micromatch
Issue #712 Dependabot Alert: Vite's server.fs.deny is bypassed when using ?import&raw
Issue #711 Dependabot Alert: Vite DOM Clobbering gadget found in vite bundled scripts that leads to XSS
Issue #709 Dependabot Alert: path-to-regexp outputs backtracking regular expressions
Issue #710 Dependabot Alert: dset Prototype Pollution vulnerability
Issue #595 Update Headers on State Tax Information Pages with Notes
Issue #718 Sprint 40 Content Changes
Issue #593 Update the Updated Date on the State Tax Forms
Issue #715 Contract Payments
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@johnbeallgsa johnbeallgsa

Labels
Dependabot Alert Sprint 40
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@john-labbate @johnbeallgsa @JennaySDavis