Adobe-Consulting-Services / acs-aem-commons

http://adobe-consulting-services.github.io/acs-aem-commons/
Apache License 2.0
453 stars 600 forks source link

Angular versions (1.2, 1.3) being used #2039

Closed ksurendra closed 4 years ago

ksurendra commented 5 years ago

Required Information

Expected Behavior

No significant issues. This is an observation. Either upgrade to a newer version of angular or clean up if not being used.

Screen Shot 2019-09-10 at 10 24 25 AM

Actual Behavior

As expected.

Steps to Reproduce

Observed that under /ui.apps/src/main/content/jcr_root/apps/acs-commons/clientlibs/vendor/angularjs versions being used are 1.2 and 1.3

And on finding Angular references,

Links

NA

kwin commented 5 years ago

The following issues are raised by the dependency-check-maven-plugin if examining acs-aem-commons in version 4.3.2:

INFO] --- dependency-check-maven:5.1.1:check (default) @ <some module> ---
[INFO] Central analyzer disabled
[INFO] Instance is null, returning unconfigured instance
[INFO] thread_pool.default PoolConfiguration = useBoundary = [false] boundarySize = [2000] maximumPoolSize = [150] minimumPoolSize = [4] keepAliveTime = [300000] whenBlockedPolicy = [RUN] startUpSize = [4]
[INFO] Setting default auxiliaries to ODC
[INFO] setting defaultCompositeCacheAttributes to [ useLateral = true, useRemote = true, useDisk = true, maxObjs = 0, maxSpoolPerRun = -1, diskUsagePattern = UPDATE, spoolChunkSize = 2 ]
[INFO] setting defaultElementAttributes to [ IS_LATERAL = false, IS_SPOOL = true, IS_REMOTE = false, IS_ETERNAL = false, MaxLifeSeconds = 86400, IdleTime = 1800, CreateTime = 1568638791866, LastAccessTime = 1568638791866, getTimeToLiveSeconds() = 86399, createTime = 1568638791866 ]
[INFO] initialized MemoryCache for CENTRAL
[INFO] Constructed cache with name [CENTRAL] and cache attributes [ useLateral = true, useRemote = true, useDisk = true, maxObjs = 0, maxSpoolPerRun = -1, diskUsagePattern = UPDATE, spoolChunkSize = 2 ]
[INFO] No cache event logger defined for auxiliary [jcs.auxiliary.ODC]
[INFO] Using standard serializer [org.apache.commons.jcs.utils.serialization.StandardSerializer@19fc0ef7] for auxiliary [jcs.auxiliary.ODC]
[INFO] thread_pool.disk_cache_event_queue PoolConfiguration = useBoundary = [false] boundarySize = [2000] maximumPoolSize = [150] minimumPoolSize = [4] keepAliveTime = [300000] whenBlockedPolicy = [RUN] startUpSize = [4]
[INFO] Region [CENTRAL] Cache file root directory: /Users/konradwindszus/.m2/ergo-repository/org/owasp/dependency-check-data/4.0/cache
[INFO] Region [CENTRAL] Set maxKeySize to: '1000000'
[INFO] Region [CENTRAL] Indexed Disk Cache is alive.
[INFO] initialized MemoryCache for POM
[INFO] Constructed cache with name [POM] and cache attributes [ useLateral = true, useRemote = true, useDisk = true, maxObjs = 0, maxSpoolPerRun = -1, diskUsagePattern = UPDATE, spoolChunkSize = 2 ]
[INFO] No cache event logger defined for auxiliary [jcs.auxiliary.ODC]
[INFO] Using standard serializer [org.apache.commons.jcs.utils.serialization.StandardSerializer@259aec72] for auxiliary [jcs.auxiliary.ODC]
[INFO] Region [POM] Cache file root directory: /Users/konradwindszus/.m2/ergo-repository/org/owasp/dependency-check-data/4.0/cache
[INFO] Region [POM] Set maxKeySize to: '1000000'
[INFO] Region [POM] Indexed Disk Cache is alive.
[INFO] initialized MemoryCache for NODEAUDIT
[INFO] Constructed cache with name [NODEAUDIT] and cache attributes [ useLateral = true, useRemote = true, useDisk = true, maxObjs = 0, maxSpoolPerRun = -1, diskUsagePattern = UPDATE, spoolChunkSize = 2 ]
[INFO] No cache event logger defined for auxiliary [jcs.auxiliary.ODC]
[INFO] Using standard serializer [org.apache.commons.jcs.utils.serialization.StandardSerializer@36d39655] for auxiliary [jcs.auxiliary.ODC]
[INFO] Region [NODEAUDIT] Cache file root directory: /Users/konradwindszus/.m2/ergo-repository/org/owasp/dependency-check-data/4.0/cache
[INFO] Region [NODEAUDIT] Set maxKeySize to: '1000000'
[INFO] Region [NODEAUDIT] Indexed Disk Cache is alive.
[INFO] Parsed regions [CENTRAL, POM, NODEAUDIT]
[INFO] Finished configuration in 46 ms.
[INFO] Checking for updates
[INFO] Skipping NVD check since last check was within 24 hours.
[INFO] Skipping RetireJS update since last update was within 24 hours.
[INFO] Check for updates complete (7 ms)
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (1 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
00:00  INFO: Vulnerability found: angularjs below 1.5.0-rc2
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.5.0-rc2
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.5.0-rc2
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.5.0-rc2
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.5.0-rc2
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.5.0-rc2
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.5.0-rc2
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.5.0-rc2
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.5.0-rc2
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.2.30
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.2.30
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.5.0-rc2
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.2.30
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.2.30
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.2.30
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.2.30
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.2.30
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.2.30
00:00  INFO: Vulnerability found: angularjs below 1.5.0-rc2
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: angularjs below 1.2.30
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.3
00:00  INFO: Vulnerability found: angularjs below 1.6.5
00:00  INFO: Vulnerability found: jquery below 1.12.0
00:00  INFO: Vulnerability found: jquery below 1.12.0
00:00  INFO: Vulnerability found: jquery below 3.4.0
00:00  INFO: Vulnerability found: jquery below 3.0.0-beta1
00:00  INFO: Vulnerability found: jquery below 2.2.0
00:00  INFO: Vulnerability found: jquery below 3.4.0
00:01  INFO: Vulnerability found: angularjs below 1.2.30
00:01  INFO: Vulnerability found: angularjs below 1.6.3
00:01  INFO: Vulnerability found: angularjs below 1.6.3
00:01  INFO: Vulnerability found: angularjs below 1.6.5
00:01  INFO: Vulnerability found: angularjs below 1.2.30
00:01  INFO: Vulnerability found: angularjs below 1.6.3
00:01  INFO: Vulnerability found: angularjs below 1.6.3
00:01  INFO: Vulnerability found: angularjs below 1.6.5
00:01  INFO: Vulnerability found: angularjs below 1.5.0-rc2
00:01  INFO: Vulnerability found: angularjs below 1.6.3
00:01  INFO: Vulnerability found: angularjs below 1.6.3
00:01  INFO: Vulnerability found: angularjs below 1.6.5
00:01  INFO: Vulnerability found: angularjs below 1.5.0-rc2
00:01  INFO: Vulnerability found: angularjs below 1.6.3
00:01  INFO: Vulnerability found: angularjs below 1.6.3
00:01  INFO: Vulnerability found: angularjs below 1.6.5
[INFO] Finished RetireJS Analyzer (1 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Analysis Complete (4 seconds)
[WARNING] 

One or more dependencies were identified with known vulnerabilities in <Some Project>:

acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-cookies.min.js (pkg:javascript/angularjs@1.3.3) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-aria.min.js (pkg:javascript/angularjs@1.3.3) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular.min.js (pkg:javascript/angularjs@1.3.3) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-loader.min.js (pkg:javascript/angularjs@1.3.3) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-messages.min.js (pkg:javascript/angularjs@1.3.3) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-scenario.js (pkg:javascript/angularjs@1.3.3, pkg:javascript/jquery@2.1.1) : CVE-2015-9251, CVE-2019-11358, DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-loader.js (pkg:javascript/angularjs@1.3.3) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-touch.min.js (pkg:javascript/angularjs@1.3.3) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-route.min.js (pkg:javascript/angularjs@1.3.3) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular.js (pkg:javascript/angularjs@1.3.3) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-sanitize.min.js (pkg:javascript/angularjs@1.3.3) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-resource.min.js (pkg:javascript/angularjs@1.3.3) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-animate.min.js (pkg:javascript/angularjs@1.3.3) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-cookies.min.js (pkg:javascript/angularjs@1.2.26) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular.min.js (pkg:javascript/angularjs@1.2.26) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-loader.min.js (pkg:javascript/angularjs@1.2.26) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-scenario.js (pkg:javascript/angularjs@1.2.26, pkg:javascript/jquery@1.10.2) : CVE-2015-9251, CVE-2019-11358, DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-loader.js (pkg:javascript/angularjs@1.2.26) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-touch.min.js (pkg:javascript/angularjs@1.2.26) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-route.min.js (pkg:javascript/angularjs@1.2.26) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular.js (pkg:javascript/angularjs@1.2.26) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-sanitize.min.js (pkg:javascript/angularjs@1.2.26) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-resource.min.js (pkg:javascript/angularjs@1.2.26) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-animate.min.js (pkg:javascript/angularjs@1.2.26) : DOS in $sanitize, The attribute usemap can be used as a security exploit, Universal CSP bypass via add-on in Firefox, XSS in $sanitize in Safari/Firefox
....
ERROR] Failed to execute goal org.owasp:dependency-check-maven:5.1.1:check (default) on project <some embedding project>: 
[ERROR] 
[ERROR] One or more dependencies were identified with vulnerabilities: 
[ERROR] 
[ERROR] accesscontroltool-package-2.3.2.zip: org.apache.sling.installer.provider.installhook-1.0.4.jar: CVE-2016-5394, CVE-2016-6798
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-cookies.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-aria.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-loader.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-messages.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-scenario.js: CVE-2015-9251, Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, CVE-2019-11358, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-loader.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-touch.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-route.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-sanitize.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-resource.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-animate.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-cookies.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-loader.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-scenario.js: CVE-2015-9251, Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, CVE-2019-11358, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-loader.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-touch.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-route.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-sanitize.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-resource.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] acs-aem-commons-content-4.3.2-min.zip: acs-aem-commons-ui.apps-4.3.2.zip: angular-animate.min.js: Universal CSP bypass via add-on in Firefox, DOS in $sanitize, XSS in $sanitize in Safari/Firefox, The attribute usemap can be used as a security exploit
[ERROR] 
[ERROR] See the dependency-check report for more details.
[ERROR] -> [Help 1]
stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

rbotha78 commented 4 years ago

Can we get this issue re-opened?

sonjanaef commented 2 years ago

The same problem still exists. Can we re-open this issue please?