WebSite X5Help Center

 
Aristotelis Biliouris
Aristotelis Biliouris
User

Lighthouse audit - jquery 3.3.0 vulnerability  en

Autore: Aristotelis Biliouris
Visite 2524, Followers 1, Condiviso 0  

Dear Sirs,

When i run Lighthouse - Audit for my website https://www.irishellas.com i ve got an error message "vulnerability detected" regarding the use of jQuery@3.0.0      

Can Website use jQuery 3.5.x which it seems that is less vulnerable?

Regards

Aristotelis

Postato il
9 RISPOSTE
Aleksej H.
Aleksej H.
Moderator

Hello. I sent a notification about your question to the company employees, expect an answer from them here in the comments.

Leggi di più
Postato il da Aleksej H.
Antal Z.
Antal Z.
User

Unfortunately, the objects are not compatible with all of them.

Therefore, when used, the website will fall apart.

Leggi di più
Postato il da Antal Z.
Incomedia
Stefano G.
Incomedia

Hello Aristotelis 

The vulnerabilities with the current version of jQuery are known and the developers have been informed of this so that the matter can be discussed. As of now, it shouldn't represent a major problem to your website. In any case I confirm that the issue is being examined in order to understand whether it could be possible to update jQuery without any side effect

Thank you

Stefano

Leggi di più
Postato il da Stefano G.
Aristotelis Biliouris
Aristotelis Biliouris
User
Autore

Hello Stefano,

Is there any estimate of the time of problem solving?

Regards

Aristotelis

Leggi di più
Postato il da Aristotelis Biliouris
Incomedia
Stefano G.
Incomedia

Hello Aristotelis

At the moment, not yet. As indicated before, I confirm that the issue is being examined in order to understand whether it could be possible to update jQuery without any major side effect

As soon as news on this becomes available, it will be made known to the community officially

Thank you

Stefano

Leggi di più
Postato il da Stefano G.
Nektarios K.
Nektarios K.
User

Dear Stefano,

any update regarding the issue? I have the same problem with the specific file. 

Leggi di più
Postato il da Nektarios K.
Incomedia
Stefano G.
Incomedia

Hello Nektarios

At the moment, not yet. Updating this component would change many aspects of the logic behind the software and this is not a simple update that can be done in a short time like a fix to a specific issue. The developers have acknowledged the issue and are working towards updating this, but it might not come in a brief period of time. It will definitely be updated, but I cannot say when as of now.

Keep in mind that the website will not suffer from any particular problems due to this since the vulnerabilities mentioned might refer to functionalities that are not even used by the website.

As soon as news on this becomes available, it will be made known to the community officially

Thank you for your patience and understanding

Stefano

Leggi di più
Postato il da Stefano G.
Richard Cunha
Richard Cunha
User

I have the same problem when I test at https://www.webpagetest.org/

Is there an intention to address this vulnerability? I see that it dates back to May.

Is there an expected update which will implement a solution?

About how long before we can expect some kind of results?

Thanks,

Rick

Leggi di più
Postato il da Richard Cunha
Incomedia
Stefano G.
Incomedia

Hello Richard

As mentioned before, an update is certainly in the developer's intentions. That being said, updating this component would change many aspects of the logic behind the software and this is not a simple update that can be done in a short time like a fix to a specific issue. The developers have acknowledged the issue and are working towards updating this, but it might not come in a brief period of time. It will definitely be updated, but I cannot say when as of now.

As soon as news on this becomes available, it will be made known to the community officially

Thank you for your patience and understanding

Stefano

Leggi di più
Postato il da Stefano G.