Vulnerable JavaScript libraries Found

Nash

New Member
Vulnerable JavaScript libraries:



Name Version Known issues Identified files
jquery 2.1.3 SNYK-npm:jquery:20150627
SNYK-JS-JQUERY-174006
 

Ivan boytz

New Member
Security alert

Your app contains one or more libraries with known security issues. Please see this Google Help Centre article for details.

Vulnerable JavaScript libraries:



Name Version Known issues Identified files
jquery 2.1.3 SNYK-npm:jquery:20150627
SNYK-JS-JQUERY-174006 assets/html/jquery-2.1.3.min.js






Affects APK version 13.

Go to Manage releases


-----------------------------------------------------------------------------------------------------------------------------------------------

Security alert

Your app contains one or more libraries with known security issues. Please see this Google Help Centre article for details.

Vulnerable JavaScript libraries:


Name Version Known issues Identified files
jquery 2.1.3 SNYK-npm:jquery:20150627
SNYK-JS-JQUERY-174006 assets/html/jquery-2.1.3.min.js


Affects APK version 5.

Go to Manage releases
=============================================================
Security alert

Your app contains one or more libraries with known security issues. Please see this Google Help Centre article for details.

Vulnerable JavaScript libraries:



Name Version Known issues Identified files
jquery 2.1.3 SNYK-npm:jquery:20150627
SNYK-JS-JQUERY-174006 assets/html/jquery-2.1.3.min.js

Affects APK version 9.

Go to Manage releases

Security alert

Your app contains one or more libraries with known security issues. Please see this Google Help Centre article for details.

Vulnerable JavaScript libraries:



Name Version Known issues Identified files
jquery 2.1.3 SNYK-npm:jquery:20150627
SNYK-JS-JQUERY-174006 assets/html/jquery-2.1.3.min.js






Affects APK version 6.

Go to Manage releases
 

Attachments

  • Screenshot (3).png
    Screenshot (3).png
    260.2 KB · Views: 19
  • Screenshot (2).png
    Screenshot (2).png
    263.3 KB · Views: 17

Daniel Scott

New Member
where did you get this warning message from? please attach a screenshot to show the issue
Remediation for Vulnerable Libraries with known Security Issues
This information is intended for developers with app(s) that contain one or more Java or JavaScript libraries with known security issues (e.g., common vulnerabilities and exposures - CVEs). Although unintended by the app developer, including such vulnerable libraries in an app can put app users at risk. A list of detected unsafe libraries and their locations can be found in the Play Console notification for your app.

How to fix “Vulnerable libraries with known security issues” alerts
To resolve this issue, you can take one of the following three actions for each detected unsafe library:

  1. Use an up-to-date version of the library: If the app has a direct dependency on the detected unsafe version of a library, and the security issue has been resolved in the latest version of that library, rebuilding the app with the latest version will resolve the issue.

  2. Contact the library developer: It is possible that the library is still maintained but the security issue has not yet been fixed. It is also possible that the app has a transitive dependency on the detected unsafe library (i.e., the app directly depends on a library, which in turn depends on the unsafe library). Under such circumstances, contact the library developer to fix the issue.

  3. Find an alternative: If the unsafe library with one or more security issues is no longer maintained, please find and use a safe alternative library.
Next steps
  1. Update your app using the steps highlighted above.

  2. Sign in to your Play Console and submit the updated version of your app.
Your app will be reviewed again; if the app has not been updated correctly, you will still see the warning. This process can take several hours.

We’re here to help
If you have technical questions about the vulnerability, you can post to Stack Overflow and use the tag “android-security.”
 
Top