Severity: Critical

Description: SAS Risk Governance Framework 7.5 contains DOMPurify 2.2.9, which contains multiple vulnerabilities.

Potential Impact: The impact might vary by the vulnerabilities. For details, see https://security.snyk.io/package/npm/dompurify/2.2.9.

Note: The hot fix upgrades DOMPurify to version 3.2.4.