THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Retire.js is a free open source scanner for detecting the use of JavaScript libraries with known vulnerabilities.
Links to get a better insightsinsight:
Following are the efforts put to fix vulnerabilities detected using retire.js:
Scan Date | Ticket | Affected Version | Vulnerabilities | Fix Date | Fixed Release | Fixes | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
18-March-2017 |
| Trunk | CVE-2015-9251 | 20-November-2017 | 17.12.01 | jQuery upgraded from jQuery 1.11.0 to jQuery 3.2.1 | ||||||||||
06-June-2019 |
| 16.11.05 | 18-June-2019 | 16.11.06 | jQuery upgraded from jQuery 1.11.0 to jQuery 3.4.1 | |||||||||||
06-June-2019 |
| 17.12.01, 18.12.01, Trunk | 27-July-2019 | 17.12.01, 18.12.01 | For CVE-2018-14041 Bootstrap upgraded to 4.3 For CVE-2019-11358 jQuery upgraded from jQuery 3.2.1 to jQuery 3.4.1 | |||||||||||
29-May-2020 |
| 17.12.01, 18.12.01, Trunk | Severity:medium Summary: Regex in its jQuery.htmlPrefilter sometimes may introduce XSS;https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ |