[
https://issues.apache.org/jira/browse/SPARK-27167?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sean Owen updated SPARK-27167:
------------------------------
Questions should go to the mailing list, and anything before Spark 2.3 is EOL.
You may have a point, but what 1.x version fixes what vulnerability?
> What would be the possible impact if I upgrade /static/jquery-1.11.1.min.js ?
> -----------------------------------------------------------------------------
>
> Key: SPARK-27167
> URL: https://issues.apache.org/jira/browse/SPARK-27167
> Project: Spark
> Issue Type: Dependency upgrade
> Components: Spark Core
> Affects Versions: 1.6.2
> Reporter: Jerry Garcia
> Priority: Minor
>
> Will there be a big impact on the system if current
> /static/jquery-1.11.1.min.js will be update to latest version ?
> As per our vulnerability scan javascript library that we are currently using
> is vulnerable and we wanted to address this vulnerability. Appreciate any
> help we could get from the community.
> *Description:*
> You are using a vulnerable Javascript library. One or more vulnerabilities
> were reported for this version of the Javascript library. Consult Attack
> details and Web References for more information about the affected library
> and the vulnerabilities that were reported.
> *CWE #:*
> CWE-16 - Category - configuration
>
> Thank you,
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
