Details
Description
HBase UI is currently using bootstrap 3.3.7. This version is vulnerable to 4 medium CVEs (CVE-2018-14040, CVE-2018-14041, CVE-2018-14042, and CVE-2019-8331). Details on all the bootstrap versions and vulnerabilities is here: https://snyk.io/vuln/npm:bootstrap
Upgrading to bootstrap 4 would be nice, but potentially more work to do. To avoid these CVE issues, we should at least upgrade to the latest bootstrap 3, which is 3.4.1 currently.
Attachments
Issue Links
- links to