Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - ferpagano

Pages: [1]
1
Bug Report / PQGrid jszip 2.5.0 vulnerabilities
« on: March 08, 2023, 05:25:27 pm »
Hello Support!.

We are currently using PQGrid v8.6.0 and have been using Veracode to track vulnerabilities and improvements. Recently, Veracode detected a high severity vulnerability related to the jszip v2.5.0 dependency used in PQGrid. The vulnerability details have been provided below:

Quote
CVE-2022-48285| CWE-22
Directory Traversal: jszip is vulnerable to Directory Traversal. The vulnerability exists as untrusted user input is not properly validated and/or sanitized, allowing an attacker to exploit the vulnerability via a crafted ZIP archive.

Could it be possible to you to update PQGrid to use the latest version of jszip (or v3.8.0 or later) to address this issue?.
This vulnerability also applies to PQGrid v8.7.0.

Please refer to the following links for further details on this vulnerability:
https://nvd.nist.gov/vuln/detail/CVE-2022-48285
https://cwe.mitre.org/data/definitions/22.html


Hope you can help.
Thanks in advance.

Best regards,
Fernando.

2
Bug Report / Tooltip show / hide error
« on: January 12, 2023, 12:04:25 am »
Hello,

I'm using pgGrid (v8.7,0) with column validation inside an Angular v13(13.3.12) App. When the validator fires It should show the tooltip but It's throwing a TypeError. The line that has the problem is (jquery-ui):
"options.complete = callback;"
The variable "options" is a boolean, and I think problem is related to strict mode because when I tried a similar line without strict mode, it ran fine.

jquery -> v3.4.0
jquery-ui-pack -> v1.12.3

Thanks in advance.
Fernando.

TypeError: Cannot create property 'complete' on boolean 'true'
Error:
core.mjs:7739
ERROR TypeError: Cannot create property 'complete' on boolean 'true'
at $.Widget. [as _show] (jquery-ui.js:716:3)
at $..._open (jquery-ui.js:15926:8)
at $..._open (jquery-ui.js:139:25)
at $..._updateContent (jquery-ui.js:15855:9)
at $..._updateContent (jquery-ui.js:139:25)
at Object. (jquery-ui.js:15732:10)
at Function.each (jquery.js:391:19)
at $..._setOption (jquery-ui.js:15731:6)
at $..._setOption (jquery-ui.js:139:25)
at $..._setOptions (jquery-ui.js:429:9)

Pages: [1]