Use of vulnerable component - handlebars.js v4.0.5

Description

The application currently uses version 4.0.5 of the Handlebars JavaScript framework. This version has known security vulnerabilities (https://snyk.io/vuln/SNYK-JS-HANDLEBARS-173692) that can leave the application vulnerable to Prototype Pollution under certain circumstances.

Reference: https://snyk.io/vuln/SNYK-JS-HANDLEBARS-173692

Remediation recommendation: Upgrade handlebars to version 4.0.13 or higher.
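
To confirm that the upgrade reached every copy of the library, including transitive ones, a parsed package-lock.json can be checked against the remediation version above. This is an added example, not part of the original ticket or of Pentaho's code; the sample lockfile and the `report-ui` package name are constructed for illustration, and the threshold is the 4.0.13 stated in this ticket.

```javascript
const FIXED_VERSION = "4.0.13"; // from the ticket's remediation recommendation

// Parse "x.y.z" (pre-release/build suffixes ignored) into [x, y, z].
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1).map(Number) : null;
}

// True when version a is strictly lower than version b (numeric, not string, compare).
function isBelow(a, b) {
  const pa = parseVersion(a), pb = parseVersion(b);
  if (!pa || !pb) return true; // unparseable version: report it for manual review
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i];
  }
  return false;
}

// Walk a parsed package-lock.json and return every handlebars copy below `fixed`.
// Handles lockfileVersion 1 (nested "dependencies") and 2/3 (flat "packages").
function findVulnerableHandlebars(lock, fixed = FIXED_VERSION) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (/(^|\/)node_modules\/handlebars$/.test(path) && isBelow(meta.version, fixed)) {
      hits.push({ path, version: meta.version });
    }
  }
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = trail ? `${trail} > ${name}` : name;
      if (name === "handlebars" && isBelow(meta.version, fixed)) {
        hits.push({ path, version: meta.version });
      }
      walk(meta.dependencies, path);
    }
  };
  if (!lock.packages) walk(lock.dependencies, "");
  return hits;
}

// Constructed sample lockfile (not from the ticket): one direct, one nested copy.
const sampleLock = {
  lockfileVersion: 1,
  dependencies: {
    handlebars: { version: "4.0.5" },
    "report-ui": { version: "1.2.0", dependencies: { handlebars: { version: "4.0.13" } } },
  },
};
console.log(findVulnerableHandlebars(sampleLock));
```

An empty result means no copy of handlebars in the lockfile is below the remediation version; an entry with an unparseable version is reported so it can be reviewed by hand.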

Steps to Reproduce

None

Workaround

None

Fixed

Details


Sprint Team

Tatooine (Maint)


Created May 22, 2019 at 10:04 AM
Updated March 3, 2023 at 6:45 PM
Resolved October 3, 2019 at 3:47 PM