| Thread Previous • Date Previous • Date Next • Thread Next |
*** This bug is a duplicate of bug 1955556 ***
https://bugs.launchpad.net/bugs/1955556
** Information type changed from Private Security to Public
** This bug has been marked a duplicate of bug 1955556
Javascript libraries with vulnerabilities
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1960489
Title:
JQuery < 2 has multiple security vulnerabilities
Status in OpenStack Dashboard (Horizon):
New
Bug description:
Horizon depends on JQuery < 2 on master [1]. At least the following
security vulnerabilities are affecting JQuery < 2 and therefore
probably Horizon as well:
https://nvd.nist.gov/vuln/detail/CVE-2020-11023
https://nvd.nist.gov/vuln/detail/cve-2020-11022
https://nvd.nist.gov/vuln/detail/cve-2015-9251
https://nvd.nist.gov/vuln/detail/cve-2019-11358
[1] https://github.com/openstack/horizon/blob/1503e8d88d5afe7fbcaba04c65287bdeea5377a0/requirements.txt#L58
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1960489/+subscriptions
| Thread Previous • Date Previous • Date Next • Thread Next |
