Open izzybell7 opened 1 month ago
Hi @izzybell7 - thanks for bringing this to our attention, I've been meaning to have us handle these for awhile. We will definitely have jQuery updated to version 3.7.1 for 4.5.3. angular will be a little more complicated, but we'll see what we can do.
Hello,
My team has Nagios Core 4.4.13 deployed on rhel 8 servers.
Mend OpenSource scanning has detected vulnerabilities for jquery-1.12.4.min.js and angular-1.3.9.min.js.
We are considering upgrade to Nagios 4.5.2, but based on the code in github, Nagios Core 4.5.2 includes the same vulnerable versions of angular and jquery.
CVEdetails does not list any vulnerabilities for Nagios Core 4.4.13. Have the vulnerabilities been identified as no risk to Nagios Core? Will upgrade to 4.5.2 resolve the concerns?
Thank you !
Here is CVE detail : angular-1.3.9.min.js CVE-2019-10768 angular-1.3.9.min.js CVE-2019-14863 angular-1.3.9.min.js CVE-2020-7676 angular-1.3.9.min.js CVE-2022-25869 angular-1.3.9.min.js CVE-2023-26116 angular-1.3.9.min.js CVE-2023-26117 angular-1.3.9.min.js CVE-2023-26118 jquery-1.12.4.min.js CVE-2015-9251 jquery-1.12.4.min.js CVE-2019-11358 jquery-1.12.4.min.js CVE-2020-11022 jquery-1.12.4.min.js CVE-2020-11023