Your use of this site is conditioned on Your continued compliance with the Terms of Use.

I have read Terms of Use. I am aware I may use the Site and/or its Content for personal use only in accordance with the Terms of Use, as a part of my relationship with ABBYY. It’s expressly forbidden to use the Site and/or its Content for competitive and benchmarking purposes.

IF YOU DO NOT AGREE, DO NOT USE THE SITE.

Terms of Use

The sites https://www.abbyy.com/, https://help.abbyy.com/ and other ABBYY-owned sites (collectively, “Site”) are the property of ABBYY Development Inc. and affiliates, the ABBYY group companies ("ABBYY") and its licensors. BY USING THE SITE, YOU AGREE TO THESE TERMS OF USE; IF YOU DON’T AGREE, DO NOT USE THE SITE.

The services and information that ABBYY provides to You are subject to the following Terms of Use (referred to as “Terms”). ABBYY reserves the right, at its sole discretion, to change, modify, add or remove portions of these Terms, at any time. It is Your responsibility to check these Terms for amendments. ABBYY reserves the right to do any of the following, at any time, without notice: to modify, suspend or terminate operation of or access to the Site, or any portion of the Site, for any reason; to modify or change the Site, or any portion of the Site; and to interrupt the operation of the Site or any portion of the Site for maintenance or other reason. You may not use the Site or any Content for any purpose that is unlawful or prohibited by these Terms, or to solicit the performance of any illegal activity or other activity which infringes the rights of ABBYY or others. You agree that ABBYY may, in its sole discretion and without prior notice, terminate Your access to the Site and/or block Your future access to the Site if ABBYY finds that You have violated these Terms or other agreements. You agree that any violation by You of these Terms will constitute an unlawful and unfair business practice. You agree that ABBYY may, in its sole discretion and without prior notice, terminate Your access to the Site. You agree that ABBYY will not be liable to You or to any third party for termination of Your access to the Site as a result of any violation of these Terms.

Your continued use of the Site means that You agree to the amendments. As long as You comply with these Terms, ABBYY grants You a personal, non-exclusive, non-transferable, limited right to enter and use the Site.

Disclaimer of Warranty

All materials contained herein, the Site and any Content, service or features are provided "AS IS" and "AS-AVAILABLE" without warranty of any kind. ABBYY disclaims all warranties of any kind, including all warranties and conditions of accuracy, merchantability, whether express implied or statutory, fitness for a particular purpose, defects-free, virus-free, contamination title and non-infringement, specific results warranty. Any use of the materials of this site is at Your own discretion and risk and You are solely responsible for any damage to Your computer system, including but not limited to loss of data.

ABBYY DISCLAIMS ALL LIABILITY FOR THE ACTS, OMISSIONS AND CONDUCT OF ANY THIRD PARTIES IN CONNECTION WITH OR RELATED TO YOUR USE OF THE SITE AND/OR ANY SERVICES. YOU ASSUME TOTAL RESPONSIBILITY FOR YOUR USE OF THE SITE AND ANY LINKED SITES AND PAGES. YOUR SOLE REMEDY AGAINST ABBYY FOR DISSATISFACTION WITH THE SITE OR ANY CONTENT IS TO STOP USING THE SITE OR ANY SUCH CONTENT.

Limitation of Liability

Under no circumstances shall ABBYY be liable for any kind of damages, indirect or consequential, exemplary, incidental or punitive damages, including, without limitation loss of profits or revenues and/or costs of replacement goods and all damages resulting from (i) downloading of any software available, (ii) use of the Content or the Site, or the service, or the software, (iii) ABBYY's failure to provide services, whether in action of contract, negligence or other tortuous action even if ABBYY has been informed in advance of the possibility of such damages.If, notwithstanding the other provisions of these Terms, ABBYY is found to be liable to You for any damage or loss which arises out of or is in any way connected with Your use of the Site or any Content, ABBYY’s liability shall in no event exceed fifty US dollars. Some jurisdictions do not allow limitations of liability, so the foregoing limitation may not apply to You.

Transmission and Submission of Information

ABBYY does not guarantee the security of any information transmitted to or from the Site. Any material, information or other communication You transmit or post to this Site will be considered non-confidential. ABBYY will have no obligations with respect to such communications. Additionally, by using the Site, You acknowledge and agree that Internet transmissions are never completely secure. You understand that any message or information You send to the Site may be read or intercepted by others.

By transmitting or posting any information You grant ABBYY an unrestricted royalty free right to copy, disclose, distribute, otherwise dispose and use of such information.

While browsing through this site You agree to refrain from posting or transmitting to or from this Site any unlawful material that may violate any domestic and/or international legislation.

ABBYY may at it's own discretion monitor or review any areas on this site where users transmit or post materials or communicate solely with each other, including but not limited to any kind of chat rooms or user forums. ABBYY will have no liability related to the content of any such areas.

Relevant ABBYY Privacy Policy (Notice) and Cookie Policy (if applicable) apply to use of this Site, and its terms are made a part of these Terms by this reference. In conflict, Privacy Policy (Notice) and Cookie Policy provisions prevail. If You choose to provide ABBYY with your personal information (including but not limited to via web-forms located at the Site), your personal information will be treated in accordance with relevant Privacy Policy (Notice) which is available via link displayed on the same webpage where such information is collected.

Downloads

Any software that is made available to download from this Site is the copyrighted work of ABBYY and/or its suppliers. Such software shall be used in accordance with the respective terms of the end user license agreement (EULA) or terms of service which accompany the software. Any use of the Software not in accordance with the respective agreement is expressly prohibited. ABBYY’s obligations, if any, with regard to its products and services are governed by the agreements pursuant to which they are provided, and nothing on this Site should be construed to alter such agreements.

Should ABBYY make available certain materials for downloading from the Site and expressly agree upon it, You may use information on ABBYY products and services, provided that You (a use such information only for Your personal, non-commercial informational purpose, (b) make no modifications to any such information (c) do not remove any proprietary notices in all copies of such documentation, and (d) not make any additional representations or warranties relating to such documentation. It is expressly forbidden to use the Site or its Content for benchmarking and competitive purposes.

If there is a conflict between these Terms and the terms posted for or applicable to a specific portion of the Site or for any service offered on or through the Site, the latter terms shall control with respect to Your use of that portion of the Site or the specific service.

ABBYY may make changes to any products or services offered on the Site, or to the applicable prices for any such products or services, at any time, without notice. The materials on the Site with respect to products and services may be outdated, and ABBYY makes no commitment to update the materials on the Site with respect to such products and services. ABBYY provides access to ABBYY international data and documentation and may contain references to products and services that are not offered in every country. Such reference does not imply that ABBYY intends to offer such products or services in Your country. Although the Site is accessible worldwide, not all features, products or services referenced or offered through or on the Site are available to all persons or in all geographic locations. ABBYY reserves the right to limit, in its sole discretion, the provision and quantity of any Content, feature, product or service to any person or geographic area. Any offer for any feature, product or service made on the Site is void where prohibited.

Use of Content

All the text, communications, software, scripting, photos, text, video, visual interfaces, graphics, trademarks, logos, music, sounds, images, artwork and computer code and other materials (collectively "Content") are owned, controlled or licensed by or to ABBYY and are protected by intellectual property, competition laws and are provided by ABBYY as a service to its customers only and is exclusively for personal use. Except as expressly provided in these Terms, You may not use any portion of this Site or the Content without ABBYY’s express prior written consent. Usage for benchmarking or competitive purpose is expressly prohibited.

Trademarks

The trademarks, logos, and service marks (collectively "Trademarks") appearing on the ABBYY website are the property of ABBYY, its licensorsand other third-parties. All Trademarks are provided for Your information and do not grant You a license to use them. Neither title nor intellectual property rights are transferred to You.A list of third-party Trademarks and patents is available here.

Links to Third-Party Sites

This site may provide links to other third-party sites. ABBYY makes no representations whatsoever about any other site which You may access through this site. You acknowledge and agree that ABBYY is not responsible for the content of any linked site or any link contained in a linked site.

References on this site to any names, marks, products or services of any third parties or hypertext links to third party sites or information are provided solely as a convenience to You. ABBYY does not endorse or recommend content of such sites.

Mentioning non ABBYY products or services is for informational purposes only and constitutes neither an endorsement, nor a recommendation.

Foreign Legislation

These Terms constitute the entire agreement between You and ABBYY with regard to Your use of the Site, and any and all other written or oral agreements or understandings previously existing between You and ABBYY with respect to such use are hereby superseded. ABBYY’s failure to enforce strict performance of these Terms shall not be construed as a waiver by ABBYY of any provision or any right it has to enforce these Terms, nor shall any course of conduct between ABBYY and You or any other party be deemed to modify any provision of these Terms. These Terms shall not be interpreted or construed to confer any rights or remedies on any third parties.

ABBYY does not warrant compliance with any foreign legislation. If You access the Site, You are solely responsible for compliance with all applicable local laws.

You may not use or export or re-export any Content or any copy or adaptation of such Content, or any product or service offered on the Site, in violation of any applicable laws or regulations, including without limitation international export control laws and regulations, and/or for competition and benchmarking.

Subscription Terms

The Subscription terms incorporate terms on subscription, billing and payment procedure for the use of ABBYY Software on a subscription-based model. You can review the full terms here.

Partner Subscription Terms

The Partner Subscription Terms incorporate terms on subscription, billing and payment procedure for the use of ABBYY Software on a Subscription-based model by partners. You can review the full terms here.

May 2021

Known Vulnerabilities

Angular vulnerability

A known vulnerability of AngularJS later than 1.7.0 is present in Timeline, which uses AngularJS 1.8.2. The vulnerability exposes Timeline to regular expression denial of service attacks by providing a custom locale that makes it possible to assign a very long string to a certain locale parameter, which in turn blocks the browser. More about the vulnerability here: https://github.com/advisories/GHSA-m2h2-264f-f486

Timeline itself does not make use of the vulnerable custom locale, never configures the vulnerable parameter in any locales with any value, and certainly not with a user-provided string. It is still possible for the user to set this parameter, but not via Timeline, only via the developer console of the browser. Even if that happens, the effect is visible only in the user's browser and only in the actual session. It does not have any effect on any other user, or even the user's own browser after refreshing the page.

Since the impact of this vulnerability is negligible, we decided not to fix it, considering our ongoing work of phasing out AngularJS from Timeline altogether.

d3-color vulnerability

A known vulnerability of the d3-color module version 2.0.0 is present in Timeline. The vulnerability may expose the program to regular expression denial of service attacks by providing an option to manually define colors. More about the vulnerability here: https://github.com/advisories/GHSA-36jr-mh4h-2g58

Timeline uses the d3-color module within the Nivo library. To exploit the vulnerability, the user should have the ability to define colors on charts rendered by Nivo. Timeline users cannot set colors for entities that use the d3-color module in Nivo charts. This way, Timeline itself eliminates the risk of configuring vulnerable parameters in charts.

ansi-regex vulnerability

A known vulnerability of ansi-regex, which is exposed to Inefficient Regular Expression Complexity, appears with the globally installed ansi-regex package in the AWS lambda base image. More about the vulnerability here: https://github.com/advisories/GHSA-93q8-gq69-wqmw

Timeline does not use the package provided in the image.

axios vulnerability

Axios is a promise-based HTTP client for the browser and Node.js, it is used by several Timeline features. Axios is vulnerable to Cross-Site Request Forgery (CSRF) due to inserting the X-XSRF-TOKEN header using the secret XSRF-TOKEN cookie value in all requests to any server when the XSRF-TOKEN cookie is available, and the withCredentials setting is turned on. If a malicious user manages to obtain this value, it can potentially lead to the XSRF defense mechanism bypass. Timeline itself is not affected by the issue, as withCredentials axios config values are always false by default. Some requests are initiated with credentials included, but Timeline uses the XMLHttpRequest framework for those and not axios.
The vulnerability is reported in several GitHub issues, you can refer to the first of them for details: https://github.com/axios/axios/issues/6006

22.02.2024 17:28:05