Vulnerable JavaScript libraries Found

Discussion in 'General Discussion' started by Nash, Oct 9, 2019.

  1. Nash

    Nash New Member

    Joined:
    Dec 19, 2018
    Messages:
    7
    Likes Received:
    1
    Vulnerable JavaScript libraries:



    Name Version Known issues Identified files
    jquery 2.1.3 SNYK-npm:jquery:20150627
    SNYK-JS-JQUERY-174006
     
    #1
    amine21 likes this.
  2. Abojasem

    Abojasem New Member

    Joined:
    Jul 9, 2018
    Messages:
    4
    Likes Received:
    2
    #2
    amine21 likes this.
  3. DBN

    DBN New Member

    Joined:
    Dec 4, 2018
    Messages:
    2
    Likes Received:
    1
    #3
    amine21 likes this.
  4. Aadhithya

    Aadhithya New Member

    Joined:
    Oct 10, 2019
    Messages:
    1
    Likes Received:
    1
    @appyet I am also facing this issue, kindly look into this on priority.
     
    #4
    amine21 likes this.
  5. appyet

    appyet Support Team Member
    Staff Member

    Joined:
    Feb 2, 2015
    Messages:
    1,281
    Likes Received:
    440
    where did you get this warning message from? please attach a screenshot to show the issue
     
    #5
    Arnab Mahalder and amine21 like this.
  6. Ivan boytz

    Ivan boytz New Member

    Joined:
    Oct 5, 2019
    Messages:
    2
    Likes Received:
    1
    Security alert

    Your app contains one or more libraries with known security issues. Please see this Google Help Centre article for details.

    Vulnerable JavaScript libraries:



    Name Version Known issues Identified files
    jquery 2.1.3 SNYK-npm:jquery:20150627
    SNYK-JS-JQUERY-174006 assets/html/jquery-2.1.3.min.js






    Affects APK version 13.

    Go to Manage releases


    -----------------------------------------------------------------------------------------------------------------------------------------------

    Security alert

    Your app contains one or more libraries with known security issues. Please see this Google Help Centre article for details.

    Vulnerable JavaScript libraries:


    Name Version Known issues Identified files
    jquery 2.1.3 SNYK-npm:jquery:20150627
    SNYK-JS-JQUERY-174006 assets/html/jquery-2.1.3.min.js


    Affects APK version 5.

    Go to Manage releases
    =============================================================
    Security alert

    Your app contains one or more libraries with known security issues. Please see this Google Help Centre article for details.

    Vulnerable JavaScript libraries:



    Name Version Known issues Identified files
    jquery 2.1.3 SNYK-npm:jquery:20150627
    SNYK-JS-JQUERY-174006 assets/html/jquery-2.1.3.min.js

    Affects APK version 9.

    Go to Manage releases

    Security alert

    Your app contains one or more libraries with known security issues. Please see this Google Help Centre article for details.

    Vulnerable JavaScript libraries:



    Name Version Known issues Identified files
    jquery 2.1.3 SNYK-npm:jquery:20150627
    SNYK-JS-JQUERY-174006 assets/html/jquery-2.1.3.min.js






    Affects APK version 6.

    Go to Manage releases
     

    Attached Files:

    #6
    krees likes this.
  7. Ivan boytz

    Ivan boytz New Member

    Joined:
    Oct 5, 2019
    Messages:
    2
    Likes Received:
    1
    those are some screenshots
    Security alert
     
    #7
  8. Ahmed alsaiaad

    Ahmed alsaiaad New Member

    Joined:
    May 6, 2017
    Messages:
    1
    Likes Received:
    0
    my account too all the apps same Security alert
     
    #8
  9. amine21

    amine21 New Member

    Joined:
    Apr 10, 2017
    Messages:
    5
    Likes Received:
    0
    Me too please fix this ASAP
     
    #9
  10. amine21

    amine21 New Member

    Joined:
    Apr 10, 2017
    Messages:
    5
    Likes Received:
    0
     
    #10
  11. salah rayyan

    salah rayyan New Member

    Joined:
    Jul 4, 2018
    Messages:
    3
    Likes Received:
    1
    Me too @appyet
     
    #11
  12. amine21

    amine21 New Member

    Joined:
    Apr 10, 2017
    Messages:
    5
    Likes Received:
    0
    Screenshot_20191011-183755.png
     
    #12
  13. Updater+

    Updater+ Member

    Joined:
    Apr 8, 2018
    Messages:
    76
    Likes Received:
    14
    so its not just me then? :D
     
    #13
  14. Arnab Mahalder

    Joined:
    Jan 14, 2017
    Messages:
    63
    Likes Received:
    5

    Attached Files:

    #14
  15. Arnab Mahalder

    Joined:
    Jan 14, 2017
    Messages:
    63
    Likes Received:
    5
    Hello everyone issue not solved
     
    #15
    Last edited: Oct 13, 2019 at 1:17 PM
    amine21 likes this.
  16. Daniel Scott

    Daniel Scott New Member

    Joined:
    Oct 9, 2019
    Messages:
    2
    Likes Received:
    0
    Remediation for Vulnerable Libraries with known Security Issues
    This information is intended for developers with app(s) that contain one or more Java or JavaScript libraries with known security issues (e.g., common vulnerabilities and exposures - CVEs). Although unintended by the app developer, including such vulnerable libraries in an app can put app users at risk. A list of detected unsafe libraries and their locations can be found in the Play Console notification for your app.

    How to fix “Vulnerable libraries with known security issues” alerts
    To resolve this issue, you can take one of the following three actions for each detected unsafe library:

    1. Use an up-to-date version of the library: If the app has a direct dependency on the detected unsafe version of a library, and the security issue has been resolved in the latest version of that library, rebuilding the app with the latest version will resolve the issue.

    2. Contact the library developer: It is possible that the library is still maintained but the security issue has not yet been fixed. It is also possible that the app has a transitive dependency on the detected unsafe library (i.e., the app directly depends on a library, which in turn depends on the unsafe library). Under such circumstances, contact the library developer to fix the issue.

    3. Find an alternative: If the unsafe library with one or more security issues is no longer maintained, please find and use a safe alternative library.
    Next steps
    1. Update your app using the steps highlighted above.

    2. Sign in to your Play Console and submit the updated version of your app.
    Your app will be reviewed again; if the app has not been updated correctly, you will still see the warning. This process can take several hours.

    We’re here to help
    If you have technical questions about the vulnerability, you can post to Stack Overflow and use the tag “android-security.”
     
    #16
  17. Ken Tam

    Ken Tam Member

    Joined:
    Feb 16, 2015
    Messages:
    43
    Likes Received:
    2
    @appyet any update about
    Vulnerable JavaScript libraries?
     
    #17
  18. Arnab Mahalder

    Joined:
    Jan 14, 2017
    Messages:
    63
    Likes Received:
    5
    Just Build the new one and upload and wait 24 hours for dismissed

    Sent from my Pixel 2
     
    #18
  19. Ken Tam

    Ken Tam Member

    Joined:
    Feb 16, 2015
    Messages:
    43
    Likes Received:
    2
    Both are
    3.1.46 but the js is different?
     
    #19
  20. Arnab Mahalder

    Joined:
    Jan 14, 2017
    Messages:
    63
    Likes Received:
    5
    My .js problem solved after build new upload
     
    #20

Share This Page