By: Kartik Agarwal user 10 Aug 2021 at 7:34 a.m. CDT

3 Responses
Kartik Agarwal gravatar
Hi, We are using Gluu as a part of our application architecture. Recently our security group reported that gluu is using jquery version 3.4.1 which have reported security vulnerabilities. https://snyk.io/test/npm/jquery/3.4.1 Is there any release plans to update jquery dependencies to latest stable 3.6.0 version.

By Mohib Zico Account Admin 12 Aug 2021 at 10:38 p.m. CDT

Mohib Zico gravatar
Let me touch base on this and I'll get back to you...

By Michael Schwartz Account Admin 13 Aug 2021 at 11:55 a.m. CDT

Michael Schwartz gravatar
Community EOL for 3.x [was last year](https://gluu.org/docs/#end-of-life) You should update to version 4.2.3. Version 4.3 is coming out at the end of the month and is fully scanned and updated.

By Kartik Agarwal user 13 Aug 2021 at 12:14 p.m. CDT

Kartik Agarwal gravatar
We are using Gluu server version 4.2.3 only. And it uses jQuery version 3.4.1 only. I checked Gluu Server version 4.3 github repo code too it is also dependent on jQuery 3.4.1 which has reported security related vulnerabilities.