VIVO-1942: jQuery version flagged as security vulnerability #3528

chenejac · 2020-11-18T19:22:55Z

Benjamin Gross (Migrated from VIVO-1942) said:

A client's security audit software has identified the version of jQuery included with VIVO (1.12.4) as a security vulnerability of 'medium' severity.

jQuery v 1.12.4 was released in May 2016. The v1 line hasn't been updated since then. I don't have any details on what the potential issues are with using the library, but it seems prudent to update to a modern version if we plan to keep using the library.

chenejac · 2020-11-18T19:36:29Z

Andrew Woods said:

https://jquery.com/download/

chenejac self-assigned this Nov 16, 2021

chenejac removed this from the v1.13 milestone May 9, 2023

gneissone mentioned this issue Nov 29, 2023

Fixed jquery selector for capability map tabs #3921

Merged

chenejac assigned milospp and unassigned chenejac Dec 1, 2023

This was referenced Mar 12, 2024

Update jQuery to v3.7.1 and jquery-ui to v1.13.2 #3955

Draft

Update jQuery to v3.7.1 and jquery-ui to v1.13.2 vivo-project/Vitro#449

Draft

gneissone self-assigned this Mar 14, 2024

litvinovg linked a pull request Apr 30, 2024 that will close this issue

Add Jquery and Jquery UI webjars vivo-project/Vitro#464

Merged

chenejac closed this as completed in vivo-project/Vitro#464 May 30, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

VIVO-1942: jQuery version flagged as security vulnerability #3528

VIVO-1942: jQuery version flagged as security vulnerability #3528

chenejac commented Nov 18, 2020

chenejac commented Nov 18, 2020

VIVO-1942: jQuery version flagged as security vulnerability #3528

VIVO-1942: jQuery version flagged as security vulnerability #3528

Comments

chenejac commented Nov 18, 2020

chenejac commented Nov 18, 2020