Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-6327

Security Vulnerabilities Identified in Outdated JavaScript Libraries

XMLWordPrintable

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Hello,

       

      We have identified that several JavaScript libraries used in the system are outdated and contain publicly known security vulnerabilities. If these libraries are not updated with their latest security patches, they could expose the system to potential attacks or unauthorized access.

       

      References:{}

      CWE-1104: Use of Unmaintained Third-Party Components

      Underscore.js Package Versions

      Axios Release Notes

       

      Affected Files:{}

      • /download/batch/com.atlassian.crowd.crowd-frontend-plugin:split_vendors-node_modules_axios_index_js-node_modules_lodash_get_js-node_modules_lodash_merge_js-n-458b87/com.atlassian.crowd.crowd-frontend-plugin:split_vendors-node_modules_axios_index_js-node_modules_lodash_get_js-node_modules_lodash_merge_js-n-458b87.js

      • /download/contextbatch/js/aui,atl.general,bamboo.configuration,-_super/batch.js?locale=en

       

      Additional Vulnerabilities Identified:{}

      CVE-2023-45857{}

      CVE-2021-23358{}

              Unassigned Unassigned
              c67a4874-16a7-4a13-961d-d80f94d007bc Deleted Account (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: