Security vulnerabilities in /tests/unit/assets/jquery.min.js #1268
Comments
|
I also encounter the same 4 security vulnerabilities. What should I Do? |
wenz
added a commit
to wenz/hammer.js
that referenced
this issue
Mar 23, 2021
Require the minimum jQuery version without any known security vulnerabilities, which is 3.5.1 at this time (3.5.0 contains a regression). Fixes hammerjs#1268
|
I've created a pull request, hope this helps! |
|
Thank you! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There are 4 known security vulnerabilities with the version of jquery that is being included in the tests folder
https://nvd.nist.gov/vuln/detail/CVE-2020-11023
https://nvd.nist.gov/vuln/detail/CVE-2020-11022
https://nvd.nist.gov/vuln/detail/CVE-2019-11358
https://nvd.nist.gov/vuln/detail/CVE-2015-9251
These are all distinct, medium level vulnerabilities. Can the dependency either be removed or updated to a more secure version?
The text was updated successfully, but these errors were encountered: