WordPress.org

Make WordPress Core

Context Navigation

← Previous Ticket
Next Ticket →

Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#43694 closed defect (bug) (duplicate)

Chrome Lighthouse Audit - jQuery Vulnerabilities

Reported by:	joellisenby	Owned by:
Milestone:		Priority:	normal
Severity:	normal	Version:	4.9.5
Component:	External Libraries	Keywords:
Focuses:		Cc:

Description

As you can see, with Google Chrome 65.0.3325.181 when running a Lighthouse (https://github.com/GoogleChrome/lighthouse) 2.8.0 audit, there is a new test which claims there is a vulnerability in the version of jQuery ([email protected]) included with WordPress.

Includes front-end JavaScript libraries with known security vulnerabilities.

Some third-party scripts may contain known security vulnerabilities  that are easily identified and exploited by attackers.

https://snyk.io/vuln/npm:[email protected]

Is this something to be concerned about and are there any plans to update the version of jQuery included with WordPress to one without the linked vulnerabilities?

Change History (2)

#1 @adamsilverstein
3 years ago

Milestone Awaiting Review deleted
Resolution set to duplicate
Status changed from new to closed

Hi @joellisenby thanks for the report. This is a concern, and we are already tracking this issue in #37110.

This ticket was mentioned in Slack in #forums by jcastaneda. View the logs.

3 years ago

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats: