Security vulnerability issues
ManjuSagar opened this issue · comments
ManjuSagar commented
Currently, there are security vulnerabilities in the D3js version 3.4.1, is there any fix done in the newer versions. I don't see any documentation in the changelog related to the security vulnerability.
ManjuSagar commented
I am seeing 2 security vulnerabilities in D3.js
-
Dynamic Code injection or execution: Where random code can be executed by the attacker in the front-end using the HTML input,
-
Race Condition: In a multi-threading system, threads need to execute concurrently in some order, but the attacker may exploit the order of execution and he may get access to some data.