You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
react-pdf displays PDFs in React apps. If PDF.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true (which is the default value), unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. This vulnerability is fixed in 7.7.3 and 8.0.2.
https://www.npmjs.com/package/react-pdf current available version is 9.1.1, compared to dependencie versions 5.7.1 used by react-notion-x as of today (v6.16.0)
version 9.1.1 is compatible for react version >= 16.8
The text was updated successfully, but these errors were encountered:
Description
react-pdf displays PDFs in React apps. If PDF.js is used to load a malicious PDF, and PDF.js is configured with
isEvalSupportedset totrue(which is the default value), unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. This vulnerability is fixed in 7.7.3 and 8.0.2.https://www.npmjs.com/package/react-pdf current available version is 9.1.1, compared to dependencie versions 5.7.1 used by react-notion-x as of today (v6.16.0)
version 9.1.1 is compatible for react version >= 16.8
The text was updated successfully, but these errors were encountered: