We are doing in phases and unfortunately it will take more time and I dont have an exact ETA yet.
Original Message:
Sent: Jul 11, 2025 05:51 AM
From: Stefano Lazzarotto
Subject: AngularJS vulnerability
Thanks Suman, I already shared it but they still sayng that is an old version.
The real question is : when Clarity will migrate to Stencil and remove AngularJS ? is there any date available to share?
Original Message:
Sent: Jul 11, 2025 05:44 AM
From: Suman Pramanik
Subject: AngularJS vulnerability
The KB article is correct, this is a 3rd Party library so we cant change the version however we have patched the vulnerability and our version is v1.6.9.clarity.1.
You can share this KB to the security team and add as exception.
------------------------------
Thanks & Regards
Suman Pramanik
Original Message:
Sent: Jul 11, 2025 05:38 AM
From: Stefano Lazzarotto
Subject: AngularJS vulnerability
Good morning.
Customer is complaining that angularjs (used in clarity) is vulnerable and not in the last version.
I explained that angularjs has been patched but he is still complaining that it''s an old version.
Clarity version is 16.2.2.
There is this article Is Clarity Vulnerable to CVE-2020-7676 in co-relation with AngularJS v1.6.9
that explains that Broacom is committed to remove angularjs in the future.
Is there any prevision ?
Thanks and regards.
Stefano