67949 - SAS® Life Science Analytics Framework 5.3 - Security vulnerability identified in jQuery version included in application HTML Commons component

Problem Note 67949: SAS® Life Science Analytics Framework 5.3 - Security vulnerability identified in jQuery version included in application HTML Commons component

Severity: Medium

Description: Security vulnerabilities were identified in the version of jQuery that is currently included in a version of HTML Commons that is part of SAS Life Science Analytics Framework 5.3. HTML Commons is providing a hot fix for all versions of HTML Commons that are currently in the field or pending release.

For existing SAS Life Science Analytics Framework 5.3 customers, a fix (contained in 5.3.1) is required in order to accommodate the HTML Commons fix.

Potential Impact: For details about the addressed vulnerabilities, see these links:

CVE-2020-11022
CVE-2019-11358

To obtain a fix for this issue, contact SAS Technical Support.

Operating System and Release Information

Product Family	Product	System	Product Release		SAS Release
			Reported	Fixed*	Reported	Fixed*
SAS System	SAS Life Science Analytics Framework	Linux for x64	5.3	5.3.1	9.4 TS1M7	9.4 TS1M7

* For software releases that are not yet generally available, the Fixed Release is the software release in which the problem is planned to be fixed.

Type:	Problem Note
Priority:	high

Date Modified:	2021-06-03 14:55:31
Date Created:	2021-05-24 16:48:11