...
Repository | Group | Impact Analysis | Action | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
clamp | com.fasterxml.jackson.core |
|
| ||||||||||
clamp | angular | It impacts our UI as angular is the skeleton technology used in the code. Anyway we have mitigated the issue by setting the angular version to 1.3.2 with the least amount of security issue reported by Nexus IQ (for Release 1.XX) | Analyze how to migrate the UI to a recent angular version (> 4.X)
| ||||||||||
clamp | bootstrap | It impacts our UI as bootstrap (one of the latest version, 4.1.1) is used in clamp code. We could be impacted by the possible Cross-Site Scripting (XSS) reported by Nexus IQ | Wait until Bootstrap library is fixed or investigate how to delete/replace itbootstrap library 4.1.3 CLAMP is using, doesn't present a vulnerability anymore
|
...