]> git.ipfire.org Git - thirdparty/paperless-ngx.git/commitdiff
projects / thirdparty / paperless-ngx.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 44ed78b)
Security: Disable eval in pdfjs (#6615)
authorshamoon <4887959+shamoon@users.noreply.github.com>
Tue, 7 May 2024 16:45:19 +0000 (09:45 -0700)
committerGitHub <noreply@github.com>
Tue, 7 May 2024 16:45:19 +0000 (16:45 +0000)
Closes https://github.com/paperless-ngx/paperless-ngx/security/dependabot/181 see https://github.com/advisories/GHSA-wgrm-67xf-hhpq

src-ui/src/app/components/common/pdf-viewer/pdf-viewer.component.ts patch | blob | blame | history

diff --git a/src-ui/src/app/components/common/pdf-viewer/pdf-viewer.component.ts b/src-ui/src/app/components/common/pdf-viewer/pdf-viewer.component.ts
index 274b06032341fe93cd0f4b8ac8db84d0a71f418d..4fc55429af6a507836aa563a2511e29d4664fbeb 100644 (file)
--- a/src-ui/src/app/components/common/pdf-viewer/pdf-viewer.component.ts
+++ b/src-ui/src/app/components/common/pdf-viewer/pdf-viewer.component.ts
@@ -35,6 +35,7 @@ import type {
 import { PDFSinglePageViewer } from 'pdfjs-dist/web/pdf_viewer'
 
 PDFJS['verbosity'] = PDFJS.VerbosityLevel.ERRORS
+PDFJS['isEvalSupported'] = false
 
 export enum RenderTextMode {
   DISABLED,
Mirror of https://github.com/paperless-ngx/paperless-ngx.git