1. guides
  2. en
  3. Knowledge base
  4. Other troubleshooting
  5. Security advisories
  6. Lexmark Devices Showing Security Vulnerabilities for jQuery 3.3.1: specifically CVE-2020-7656, CVE-2020-11022, and CVE-2020-11023

Lexmark Devices Showing Security Vulnerabilities for jQuery 3.3.1: specifically CVE-2020-7656, CVE-2020-11022, and CVE-2020-11023

Affected Products:
Single-Function: All 2016 - 2020 Lexmark Color and Mono products
Multifunction: All 2016 - 2020 Lexmark Color and Mono products
Issue Description:
Some vulnerability scanners report that Lexmark printers have vulnerabilities for an outdated
jQuery version (3.3.1) JavaScript library
.
Additional Details:
Despite security scanners flagging the version of jQuery being used by Lexmark as vulnerable,
this vulnerability is not exploitable in Lexmark firmware and apps
.
The Lexmark development team has analyzed
CVE-2020-7656
,
CVE-2020-11022
 and
CVE-2020-11023
, and
jQuery 3.5.0
 release publications and identified the following items in our code which prevented vulnerability exposure related to these CVEs:
  • All HTML forms and templates used adhere to standard HTML style guide and coding conventions.
  • These forms and templates are internally generated and no external (
    untrusted
    ) JavaScript code are sourced.
If running third party Embedded Solutions Framework (
ESF
) Applications,
please reach out to the developer of those applications
.
Still Need Help?
Have the following available when calling Lexmark Technical Support;
  • Printer model(s)
  • Printer serial number
  • Software / Solution
LEGACY ID:
SO8969

This site uses cookies for various purposes including enhancing your experience, analytics, and ads. By continuing to browse this site or by clicking "Accept and close", you agree to our use of cookies. For more information, read our Cookies page.