"Acceptable minimum versions" list does not satisfy statement "common JavaScript libraries that do not contain known security flaws" within Microsoft mitigation. #93988
Should the acceptable minimum version listing be removed, as it is static security guidance that doesn't age well? Instead use wording such as "common JavaScript libraries that do not contain known security flaws, and maintained"
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
ID: 71a7f29e-89b2-f87c-bcf5-7f8f9b844a96
Version Independent ID: fe57f2f0-b2fe-1120-e480-da7aa0706a18
https://github.com/MicrosoftDocs/azure-docs/blob/58f37499b1d9c6143573fc6030ea4c47d8bce578/articles/security/develop/threat-modeling-tool-configuration-management.md?plain=1#L201
"I did a spot check for Jquery 1.7.1 and found the below CVE listing that include vulnerabilities for that version:
https://www.cvedetails.com/vulnerability-list/vendor_id-6538/product_id-11031/year-2020/Jquery-Jquery.html
Should the acceptable minimum version listing be removed, as it is static security guidance that doesn't age well? Instead use wording such as "common JavaScript libraries that do not contain known security flaws, and maintained"
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.