[wp-trac] [WordPress Trac] #63259: Usage of zxcvbn 4.4.1 with known vulnerability
WordPress Trac
noreply at wordpress.org
Thu Apr 10 11:54:31 UTC 2025
#63259: Usage of zxcvbn 4.4.1 with known vulnerability
--------------------------------+------------------------------
Reporter: fseydel | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: External Libraries | Version:
Severity: major | Resolution:
Keywords: | Focuses: javascript
--------------------------------+------------------------------
Comment (by fseydel):
Feedback from the Bavarian "Landesamt für Sicherheit in der
Informationstechnik":
"The vulnerability only affects the availability of the website in the
client's browser and does not pose a threat to the server side, provided
the affected library is only used on the client side. However, this still
constitutes a violation of the administrative regulation BayITSiR-14,
section 3.4 d), since security patches (including those from third-party
products) must be installed immediately."
--
Ticket URL: <https://core.trac.wordpress.org/ticket/63259#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list