[ https://issues.apache.org/jira/browse/MSKINS-203?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
jycr updated MSKINS-203: ------------------------ Description: Generated Maven site (with ) affected by following CVE: * [CVE-2015-9251|https://nvd.nist.gov/vuln/detail/cve-2015-9251] * [CVE-2019-11358|https://nvd.nist.gov/vuln/detail/CVE-2019-11358] * [CVE-2020-11022|https://nvd.nist.gov/vuln/detail/CVE-2020-11022] * [CVE-2020-11023|https://nvd.nist.gov/vuln/detail/CVE-2020-11023] Those CVEs are regarding jQuery version used by this skin: jQuery 1.11.2 An upgrade of jQuery is needed to use jQuery version >= 3.5.0 Unfortunately, Bootstrap 2.3.2 does not support jQuery 3+ An upgrade of Bootstrap is needed to use Bootstrap version >= 3.3.7 Some modifications is needed, see: https://getbootstrap.com/docs/3.4/migration/ Please note: Bootstrap 2 is under Apache License, Bootstrap 3 is under MIT License was: Generated Maven site affected by following CVE: * [CVE-2015-9251|https://nvd.nist.gov/vuln/detail/cve-2015-9251] * [CVE-2019-11358|https://nvd.nist.gov/vuln/detail/CVE-2019-11358] * [CVE-2020-11022|https://nvd.nist.gov/vuln/detail/CVE-2020-11022] * [CVE-2020-11023|https://nvd.nist.gov/vuln/detail/CVE-2020-11023] Those CVEs are regarding jQuery version used by this skin: jQuery 1.11.2 An upgrade of jQuery is needed to use jQuery version >= 3.5.0 Unfortunately, Bootstrap 2.3.2 does not support jQuery 3+ An upgrade of Bootstrap is needed to use Bootstrap version >= 3.3.7 Some modifications is needed, see: https://getbootstrap.com/docs/3.4/migration/ Please note: Bootstrap 2 is under Apache License, Bootstrap 3 is under MIT License > CVEs in generated maven site with maven-fluido-skin > --------------------------------------------------- > > Key: MSKINS-203 > URL: https://issues.apache.org/jira/browse/MSKINS-203 > Project: Maven Skins > Issue Type: Bug > Components: Fluido Skin > Affects Versions: fluido-1.11.1 > Reporter: jycr > Priority: Critical > > Generated Maven site (with ) affected by following CVE: > * [CVE-2015-9251|https://nvd.nist.gov/vuln/detail/cve-2015-9251] > * [CVE-2019-11358|https://nvd.nist.gov/vuln/detail/CVE-2019-11358] > * [CVE-2020-11022|https://nvd.nist.gov/vuln/detail/CVE-2020-11022] > * [CVE-2020-11023|https://nvd.nist.gov/vuln/detail/CVE-2020-11023] > Those CVEs are regarding jQuery version used by this skin: jQuery 1.11.2 > An upgrade of jQuery is needed to use jQuery version >= 3.5.0 > Unfortunately, Bootstrap 2.3.2 does not support jQuery 3+ > An upgrade of Bootstrap is needed to use Bootstrap version >= 3.3.7 > Some modifications is needed, see: > https://getbootstrap.com/docs/3.4/migration/ > Please note: Bootstrap 2 is under Apache License, Bootstrap 3 is under MIT > License -- This message was sent by Atlassian Jira (v8.20.10#820010)