You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@archiva.apache.org by Eric Fetzer <er...@gmail.com> on 2020/08/31 16:19:06 UTC

Re: Archiva jQuery Vulnerability

Did this make it to the archiva user group?  Haven't gotten any replies.
Thanks - Eric

On Wed, Aug 26, 2020 at 1:42 PM Eric Fetzer <er...@gmail.com> wrote:

> Hi all!  We’re running archiva on port 8081 on a RHEL7 machine.  We just
> got hit from our security team on a vulnerability for version 1.11.1 of
> jQuery running on this port:
>
>
>
> Plugin Output:
>   URL               : http://myMachine:8081/js/jquery-1.11.1.min.js
> <http://mymachine:8081/js/jquery-1.11.1.min.js>
>   Installed version : 1.11.1
>   Fixed version     : 3.5.0
>
>
>
> We’re running version 2.2.4 of Archiva.  How can I fix this vulnerability?
>
>
>
> Thanks,
>
> Eric
>
>
>