Assigned

Feature Request

Status Update

No update yet.

Description

rm...@google.com

created issue #1

Jan 30, 2024 08:38PM

What you would like to accomplish:

Outdated libraries have been flagged for vulnerabilities. However, the vulnerable URL field is inconsistently populated – sometimes empty, and sometimes showing the URL in subsequent scans of the same library (jquery 1.7.1 as an example)

How this might work:

While the scanner may not determine all instances of a vulnerable library, the 'Vulnerable URL' field should still suggest a potential entry point for investigation, and not an empty field.

empty_url.png

93 KB

View

Download

deleted

0 B

Comments

rm...@google.com <rm...@google.com> #2Jan 30, 2024 08:41PM

Thanks for the report. I will route this to the appropriate internal team and update this when I hear back from them.

with_url (1).png

67 KB

View

Download

sa...@google.com <sa...@google.com> Jan 30, 2024 11:15PM

Assigned to sa...@google.com.

sa...@google.com <sa...@google.com> #3Jan 31, 2024 06:46AM

Reassigned to gc...@google.com.

One more detail, Data Layer event calls from the watch to the phone (running Android 13) do work on if the listener is in an Activity or Fragment.

IssueTracker

Provide more information/improvement on the Vulnerable URL in OUTDATED_LIBRARY

Status Update

Description

What you would like to accomplish:

How this might work:

Comments

rm...@google.com <rm...@google.com> #2Jan 30, 2024 08:41PM

sa...@google.com <sa...@google.com> Jan 30, 2024 11:15PM

sa...@google.com <sa...@google.com> #3Jan 31, 2024 06:46AM

Issue 323032332

Description

What you would like to accomplish:

How this might work:

Issue summary

Comments

rm...@google.com <rm...@google.com> #2Jan 30, 2024 08:41PM

sa...@google.com <sa...@google.com> Jan 30, 2024 11:15PM

sa...@google.com <sa...@google.com> #3Jan 31, 2024 06:46AM

Add comment

Issue metadata