jQuery Warnings
Introduction
While ownCloud is using an older version of jQuery, we have fixed the known vulnerabilities in the patches listed below. We closely follow any security related news regarding the library for any new issues.
The jQuery version shipped inside ownCloud is secure. |
Note that automatic scanners may still report false positives even if the CVE’s have been addressed as the scanners just look at the jQuery version shipped.
Fixed Issues
-
jQuery
-
CVE-2020-11022 and CVE-2020-11023
patched in 10.5.0 -
CVE-2015-9251
patched in 10.0.9 RC3 -
CVE-2019-11358
patched in 10.8.0 -
CVE-2016-7103
patched in 10.9.0
-
-
jQuery-ui
-
CVE-2021-41182, CVE-2021-41183 and CVE-2021-41184
patched in 10.9.0 -
CVE-2022-31160
Component "checkboxradio" is not used by ownCloud
-
If you know about any issues which were not patched yet or which are not included in this list please notify us at security@owncloud.com.