API Portal : Jquery 2.2.4?CVE-2015-9251?
Article ID: 128839
Updated On:
Products
CA API Developer Portal
CA API Gateway
Issue/Introduction
API Portal3.5 CR9
Does API Portal take the influence of the security vulnerability?
・CVE-2015-9251
If so, is the fix included in the product?
Or, can the customer upgrade Jquery individually?
Jquery 2.2.4 -> Jquery 3.x
CVE-2015-9251 is published in 2018/1.
It is before the release of API Portal 3.5 CR9.
If API Gateway uses Jquery, why was a vulnerable version adopted?
Environment
Release:
Component: APIPRD
Component: APIPRD
Resolution
This vulnerability only exists when cross domain ajax requests are made.
The API Portal does not make cross domain ajax requests, and is not affected.
The API Portal does not make cross domain ajax requests, and is not affected.
Feedback
Yes
No
Powered by
