Depends on vulnerable versions of jQuery and Chart.js

**Description:**
The **spark-script.js** file in this project includes dependencies on two JS libraries with known security vulnerabilities: **jQuery** and **Chart.js**.

**1. jQuery Dependency:**
The project currently includes jQuery 3.2.1 vulnerable to [CVE-2020-23064](https://github.com/advisories/GHSA-257q-pv89-v3xv).
**Affected Versions**: jQuery versions >= 1.0.3 and < 3.5.0
**Resolution**: Update the jQuery version in jquery.js to 3.5.0 or a later secure version to mitigate this issue.

**2. Chart.js Dependency:**
The project uses Chart.js version 2.7.2, which is vulnerable to [CVE-2020-7746](https://github.com/advisories/GHSA-h68q-55jf-x68w).
**Affected Versions**: Chart.js < 2.9.4
**Resolution**: Update Chart.js to 2.9.4 or a later secure version.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Depends on vulnerable versions of jQuery and Chart.js #444

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Depends on vulnerable versions of jQuery and Chart.js #444

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions