Vulnerable Dependencies #3477

jfgrenier-inm · 2024-11-21T19:08:46Z

Required Information

AEM Version, including Service Packs, Cumulative Fix Packs, etc: AEM as a Cloud Service
ACS AEM Commons Version: 6.6.4
Reproducible on Latest? yes We also tried with version 6.9.6

Expected Behavior

We are utilizing ACS AEM Commons in our project and it needs to pass our security gate without the need to suppress the vulnerabilities.

Actual Behavior

We are utilizing ACS AEM Commons in our project and have identified some vulnerable dependencies during our security scan with sonarqube. Vulnerabilities needs to be fixed or we will need to remove the ACS AEM Commons from our project.

acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-animate.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-animate.min.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-aria.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-aria.min.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-cookies.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-cookies.min.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-loader.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-loader.min.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-message-format.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-message-format.min.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-messages.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-messages.min.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-mocks.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-parse-ext.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-parse-ext.min.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-resource.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-resource.min.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-route.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-route.min.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-sanitize.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-sanitize.min.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-touch.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular-touch.min.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021
acs-aem-commons-ui.apps-6.6.4-cloud.zip: angular.min.js (pkg:javascript/[email protected]) : CVE-2022-25844, CVE-2024-21490, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2024-8372, CVE-2024-8373, End-of-Life: Long term support for AngularJS has been discontinued as of December 31, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Vulnerable Dependencies #3477

Vulnerable Dependencies #3477

jfgrenier-inm commented Nov 21, 2024

Vulnerable Dependencies #3477

Vulnerable Dependencies #3477

Comments

jfgrenier-inm commented Nov 21, 2024

Required Information

Expected Behavior

Actual Behavior