Skip to content

bizcharts 存在依赖漏洞 #1571

New issue
New issue
Open
Open
bizcharts 存在依赖漏洞#1571
@ganyanchuan1989

Description

@ganyanchuan1989
ganyanchuan1989
opened on Sep 29, 2025
`-- [email protected]
  `-- @antv/[email protected]
    `-- [email protected]
      `-- [email protected]
High            DOM Clobbering Gadget found in rollup bundled scripts that
                  leads to XSS

  Package         rollup

  Patched in      >=2.79.2

  Dependency of   bizcharts

  Path            bizcharts > @antv/g2plot > fmin > rollup

  More info       https://github.com/advisories/GHSA-gcx4-mw62-g8wm

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions