Hello, I got an information from Google:
New Advisory Notification Dear Google Cloud customer,You've received an important Google Cloud notification affecting your resource, webtrees Google Cloud service(s).Notification Title: [Security Alert]: Polyfill.io Issue for Google Maps Platform users
Hello Google Maps Platform Customer,We're writing to let you know that a security issue may be affecting websites using specific third-party libraries (including polyfill.io). What happenedWe have become aware of a security issue that may be affecting websites using specific third-party libraries (including polyfill.io). This issue can sometimes redirect visitors away from the intended website without website owner knowledge or permission, or potentially cause other malicious behavior. Many of the Maps JavaScript API samples in the Developer Documentation previously included a polyfill.io script declaration. We have removed this from those samples. If you have used the Maps JavaScript API samples that contain this declaration, we recommend removing the declaration. What to doPlease see below to learn how to take action, if needed:
- Investigate your website: Check your website's code to see if you're loading any compromised libraries (including polyfill.io).
- Remove or replace the code: If you find compromised libraries, consider:
- Hosting a clean, secure version of the code yourself
- Switching to an alternative library or provider
- Removing the library if you don’t need it
- Re-deploy your code through your regular process.
For your reference, attached is a list of your projects where we have detected Maps Javascript API usage. Please check all sites associated with these projects.
How do you deal with it? Is there a way to solve the problem?
An upgrade to 2.x is not easily possible.
best regards, Marko
Ps.:
www.theregister.com/2024/06/25/polyfillio_china_crisis/
