Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-6327

Security Vulnerabilities Identified in Outdated JavaScript Libraries

XMLWordPrintable

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Hello,

       

      We have identified that several JavaScript libraries used in the system are outdated and contain publicly known security vulnerabilities. If these libraries are not updated with their latest security patches, they could expose the system to potential attacks or unauthorized access.

       

      References:{}

      CWE-1104: Use of Unmaintained Third-Party Components

      Underscore.js Package Versions

      Axios Release Notes

       

      Affected Files:{}

      • /download/batch/com.atlassian.crowd.crowd-frontend-plugin:split_vendors-node_modules_axios_index_js-node_modules_lodash_get_js-node_modules_lodash_merge_js-n-458b87/com.atlassian.crowd.crowd-frontend-plugin:split_vendors-node_modules_axios_index_js-node_modules_lodash_get_js-node_modules_lodash_merge_js-n-458b87.js

      • /download/contextbatch/js/aui,atl.general,bamboo.configuration,-_super/batch.js?locale=en

       

      Additional Vulnerabilities Identified:{}

      CVE-2023-45857{}

      CVE-2021-23358{}

            [CWD-6327] Security Vulnerabilities Identified in Outdated JavaScript Libraries

            There are no comments yet on this issue.

              Unassigned Unassigned
              a39eae963bdb Carlos_Perez_Lago
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: