WS-2016-0090 (Medium) detected in jquery-2.2.4.tgz - autoclosed
Closed this issue · 1 comments
mend-bolt-for-github commented
WS-2016-0090 - Medium Severity Vulnerability
Vulnerable Library - jquery-2.2.4.tgz
JavaScript library for DOM operations
Library home page: https://registry.npmjs.org/jquery/-/jquery-2.2.4.tgz
Dependency Hierarchy:
- eonasdan-bootstrap-datetimepicker-4.17.47.tgz (Root Library)
- ❌ jquery-2.2.4.tgz (Vulnerable Library)
Found in HEAD commit: bb7465065dfeed9f49bb99b6901ab933563af739
Vulnerability Details
JQuery is vulnerable to Cross-site Scripting (XSS) attacks via text/javascript response with arbitrary code execution.
Publish Date: 2016-11-27
URL: WS-2016-0090
Suggested Fix
Type: Upgrade version
Origin: jquery/jquery@b078a62
Release Date: 2019-04-08
Fix Resolution: 3.0.1
Step up your Open Source Security Game with WhiteSource here
mend-bolt-for-github commented
✔️ This issue was automatically closed by WhiteSource because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the WhiteSource inventory.