WebSite X5Help Center

 
Aristotelis Biliouris
Aristotelis Biliouris
User

Lighthouse audit - jquery 3.3.0 vulnerability  en

Autor: Aristotelis Biliouris
Visitado 2522, Seguidores 1, Compartilhado 0  

Dear Sirs,

When i run Lighthouse - Audit for my website https://www.irishellas.com i ve got an error message "vulnerability detected" regarding the use of jQuery@3.0.0      

Can Website use jQuery 3.5.x which it seems that is less vulnerable?

Regards

Aristotelis

Publicado em
9 RESPOSTAS
Aleksej H.
Aleksej H.
Moderator

Hello. I sent a notification about your question to the company employees, expect an answer from them here in the comments.

Ler mais
Publicado em de Aleksej H.
Antal Z.
Antal Z.
User

Unfortunately, the objects are not compatible with all of them.

Therefore, when used, the website will fall apart.

Ler mais
Publicado em de Antal Z.
Incomedia
Stefano G.
Incomedia

Hello Aristotelis 

The vulnerabilities with the current version of jQuery are known and the developers have been informed of this so that the matter can be discussed. As of now, it shouldn't represent a major problem to your website. In any case I confirm that the issue is being examined in order to understand whether it could be possible to update jQuery without any side effect

Thank you

Stefano

Ler mais
Publicado em de Stefano G.
Aristotelis Biliouris
Aristotelis Biliouris
User
Autor

Hello Stefano,

Is there any estimate of the time of problem solving?

Regards

Aristotelis

Ler mais
Publicado em de Aristotelis Biliouris
Incomedia
Stefano G.
Incomedia

Hello Aristotelis

At the moment, not yet. As indicated before, I confirm that the issue is being examined in order to understand whether it could be possible to update jQuery without any major side effect

As soon as news on this becomes available, it will be made known to the community officially

Thank you

Stefano

Ler mais
Publicado em de Stefano G.
Nektarios K.
Nektarios K.
User

Dear Stefano,

any update regarding the issue? I have the same problem with the specific file. 

Ler mais
Publicado em de Nektarios K.
Incomedia
Stefano G.
Incomedia

Hello Nektarios

At the moment, not yet. Updating this component would change many aspects of the logic behind the software and this is not a simple update that can be done in a short time like a fix to a specific issue. The developers have acknowledged the issue and are working towards updating this, but it might not come in a brief period of time. It will definitely be updated, but I cannot say when as of now.

Keep in mind that the website will not suffer from any particular problems due to this since the vulnerabilities mentioned might refer to functionalities that are not even used by the website.

As soon as news on this becomes available, it will be made known to the community officially

Thank you for your patience and understanding

Stefano

Ler mais
Publicado em de Stefano G.
Richard Cunha
Richard Cunha
User

I have the same problem when I test at https://www.webpagetest.org/

Is there an intention to address this vulnerability? I see that it dates back to May.

Is there an expected update which will implement a solution?

About how long before we can expect some kind of results?

Thanks,

Rick

Ler mais
Publicado em de Richard Cunha
Incomedia
Stefano G.
Incomedia

Hello Richard

As mentioned before, an update is certainly in the developer's intentions. That being said, updating this component would change many aspects of the logic behind the software and this is not a simple update that can be done in a short time like a fix to a specific issue. The developers have acknowledged the issue and are working towards updating this, but it might not come in a brief period of time. It will definitely be updated, but I cannot say when as of now.

As soon as news on this becomes available, it will be made known to the community officially

Thank you for your patience and understanding

Stefano

Ler mais
Publicado em de Stefano G.