Depends on vulnerable versions of jQuery and Chart.js #444

@Joegardner20

Description:
The spark-script.js file in this project includes dependencies on two JS libraries with known security vulnerabilities: jQuery and Chart.js.

1. jQuery Dependency:
The project currently includes jQuery 3.2.1, which is vulnerable to CVE-2020-23064.
Affected Versions: jQuery versions >= 1.0.3 and < 3.5.0
Resolution: Update the jQuery version in jquery.js to 3.5.0 or a later secure version to mitigate this issue.

2. Chart.js Dependency:
The project uses Chart.js version 2.7.2, which is vulnerable to CVE-2020-7746.
Affected Versions: Chart.js < 2.9.4
Resolution: Update Chart.js to 2.9.4 or a later secure version.
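
A check for the two version ranges reported above, as an added example that is not part of the original issue or the project's code: it scans a script's text for jQuery and Chart.js banner comments and flags versions that fall inside the affected ranges. The banner patterns, function names and sample file contents are assumptions constructed for illustration.

```javascript
// Affected ranges are the ones stated in the issue. The banner patterns are
// assumptions based on the header comments these libraries normally ship with.
const RULES = [
  { lib: "jQuery", cve: "CVE-2020-23064", min: "1.0.3", fixed: "3.5.0",
    banner: /jQuery (?:JavaScript Library )?v(\d+(?:\.\d+){1,2})/ },
  { lib: "Chart.js", cve: "CVE-2020-7746", min: null, fixed: "2.9.4",
    banner: /Chart\.js(?: v|[\s\S]{0,80}?Version:\s*)(\d+(?:\.\d+){1,2})/ },
];

// Compare dotted numeric versions; missing components count as 0.
function compareVersions(a, b) {
  const pa = a.split(".").map(Number);
  const pb = b.split(".").map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return Math.sign(d);
  }
  return 0;
}

// Find the first banner of each library anywhere in the text (bundles carry
// them mid-file) and test its version against the half-open range [min, fixed).
function auditSource(file, source) {
  const findings = [];
  for (const rule of RULES) {
    const m = rule.banner.exec(source);
    if (!m) continue;
    const version = m[1];
    const affected =
      (rule.min === null || compareVersions(version, rule.min) >= 0) &&
      compareVersions(version, rule.fixed) < 0;
    findings.push({ file, lib: rule.lib, version, cve: rule.cve, affected });
  }
  return findings;
}

// Constructed sample contents (not copied from the repository).
const SAMPLES = {
  "spark-script.js": "/*! jQuery v3.2.1 | (c) JS Foundation */\n!function(){}();\n" +
    "/*!\n * Chart.js\n * http://chartjs.org/\n * Version: 2.7.2\n */\n(function(){})();",
  "patched.js": "/*! jQuery v3.5.0 | (c) JS Foundation */\n!function(){}();\n" +
    "/*!\n * Chart.js v2.9.4\n * https://www.chartjs.org\n */\n(function(){})();",
};

for (const [file, source] of Object.entries(SAMPLES)) {
  for (const f of auditSource(file, source)) {
    console.log(`${f.file}: ${f.lib} ${f.version} ${f.affected ? "AFFECTED by " + f.cve : "ok"}`);
  }
}
```

A file with no recognisable banner yields no findings, which means "unknown", not "safe"; minifiers and bundlers can strip these comments.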
