From ee9785ca234d8c487f135d24a60832132b16a396 Mon Sep 17 00:00:00 2001
From: Miki <miki@amazon.com>
Date: Wed, 25 Sep 2024 16:05:38 -0700
Subject: [PATCH] [CVE-2024-45801] Bump `dompurify` from 3.0.11 to 3.1.6
 (#8346)

* [CVE-2024-45801] Bump `dompurify` from 3.0.11 to 3.1.6

Signed-off-by: Miki <miki@amazon.com>

* Changeset file for PR #8346 created/updated

---------

Signed-off-by: Miki <miki@amazon.com>
Co-authored-by: opensearch-changeset-bot[bot] <154024398+opensearch-changeset-bot[bot]@users.noreply.github.com>
---
 changelogs/fragments/8346.yml | 2 ++
 yarn.lock                     | 6 +++---
 2 files changed, 5 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/fragments/8346.yml

diff --git a/changelogs/fragments/8346.yml b/changelogs/fragments/8346.yml
new file mode 100644
index 000000000000..66708de94eae
--- /dev/null
+++ b/changelogs/fragments/8346.yml
@@ -0,0 +1,2 @@
+security:
+- [CVE-2024-45801] Bump `dompurify` from 3.0.11 to 3.1.6 ([#8346](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/8346))
\ No newline at end of file
diff --git a/yarn.lock b/yarn.lock
index 848a12505dc1..c9ddaa2fdac9 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -7263,9 +7263,9 @@ domhandler@^4.0, domhandler@^4.0.0, domhandler@^4.2.0, domhandler@^4.2.2, domhan
     domelementtype "^2.2.0"
 
 dompurify@^3.0.11:
-  version "3.0.11"
-  resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-3.0.11.tgz#c163f5816eaac6aeef35dae2b77fca0504564efe"
-  integrity sha512-Fan4uMuyB26gFV3ovPoEoQbxRRPfTu3CvImyZnhGq5fsIEO+gEFLp45ISFt+kQBWsK5ulDdT0oV28jS1UrwQLg==
+  version "3.1.6"
+  resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-3.1.6.tgz#43c714a94c6a7b8801850f82e756685300a027e2"
+  integrity sha512-cTOAhc36AalkjtBpfG6O8JimdTMWNXjiePT2xQH/ppBGi/4uIpmj8eKyIkMJErXWARyINV/sB38yf8JCLF5pbQ==
 
 domutils@1.5.1:
   version "1.5.1"