Outdated JavaScript libraries scanned show vulnerability at jQuery UI Datepicker
search cancel

Outdated JavaScript libraries scanned show vulnerability at jQuery UI Datepicker

book

Article ID: 274977

calendar_today

Updated On:

Products

CA Identity Suite

Issue/Introduction

 

Outdated JavaScript libraries

You are using an outdated version of one or more JavaScript libraries. A newer version is available. Although your version was not found to be affected by any security issues, vulnerabilities, it is recommended to keep the libraries up to date.

Detail
jQuery UI Dialog 1.12.1
URL: https://iptest.domain.com/sigma/app/index
Detection method: The library name and version were determined based on its
dynamic behavior.

Underscore.js 1.8.3
URL: https://iptest.domain.com/sigma/app/index
Detection method: The library name and version were determined based on its
dynamic behavior.

Lodash 1.8.3
URL: https://iptest.domain.com/sigma/app/index
Detection method: The library's name and version were determined based on its dynamic behavior.
References:
https://github.com/lodash/lodash/tags

Update the libraries to a latest version

 

The required in this case is to update to the last version of these libraries .

The  information was checked from https://iportal/sigma/app/index

 

Environment

Release : 14.5

Cause

Scan reported as vulnerability

Resolution

The reported vulnerability is taken care by Identity Portal  UI framework design.

There is no impact on Identity Portal by this vulnerability. But as part of upgrade of third party libraries, we will be updating the jQuery UI Datepicker version to 1.13.2 

 

Notes :

- For every release, DEV team will do a scan of security vulnerabilities and fix all critical and high security vulnerabilities.

- If the reported vulnerabilities are critical and high, then we will be fixing them by upgrading the versions in the upcoming releases.

Powered by Wolken Software