Overview
After upgrading to the latest version of DNN Evoq, some files such as DNN.js will still reflect an older version number. This is expected behavior. The version numbers in these files correspond to the version of that file, not the version of the DNN Evoq install itself.
Solution
Some security scans have been triggered by the presence of the following line of code in dnn.js:
var dnnJscriptVersion="6.0.0";
Version 6.0.0 of dnn.js appears in Evoq installs the way through Evoq version 9+ (9.6.4 at time of publication). Security scans sometimes assume that version numbers of individual files and their parent install should line up if no other information is available. Because of this, they assume that DNN.js is a leftover file from before an upgrade, and may reflect a possible security risk. If you are experiencing a security warning because of this assumption, it can be safely ignored.
Current known security vulnerabilities can be checked and searched using the NIST’s National Vulnerability Database (NVD), or Mitre’s Common Vulnerabilities and Exposures (CVE) lists. At time of publication, there are no known vulnerabilities in the most current (9.6.4) version of Evoq, nor in dnn.js version 6.0.0.
Comments
0 comments
Please sign in to leave a comment.