Jquery UI library included in download has known security issues
Jquery UI library included in download has known security issues
kmeekva
Posts: 1Questions: 1Answers: 0
Link to test case:
Debugger code (debug.datatables.net):
Error messages shown:
Description of problem: Version 1.12.1 of JQUERY UI has known security issues as described in links below.
These are addressed in latest version of jquery UI library 1.13.2. Recommend you include this in the bundled download instead of the vulnerable version 1.12.1
https://bugs.jqueryui.com/ticket/15284
https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327
https://nvd.nist.gov/vuln/detail/CVE-2021-41184
https://nvd.nist.gov/vuln/detail/CVE-2021-41183
https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc
https://nvd.nist.gov/vuln/detail/CVE-2021-41182
Answers
Many thanks! That's it updated in out download builder now.
Allan