Google App Store Warning - You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible

apache cordova google-play cordova-3

10,249

Solution 1

After some research, I think, I have found the solution here:

http://cordova.apache.org/index.html#download

npm install -g cordova
cd my_project
cordova platform update android

Running the last command does the trick and I get this response:

**cordova platform update android**
Deleting E:/PhoneGap/my_project/platforms/android/libs/cordova-3.1.0.jar
Android project is now at version 3.6.3
If you updated from a pre-3.2.0 version and use an IDE, we now require that you
import the "CordovaLib" library project.

Hope that helps.

Regards

Solution 2

If you are using Phonegap, you just need to update Phonegap to version 3.5.0

It's explained here: http://phonegap.com/blog/2014/06/12/phonegap-3_5_release/

And here's the note from Phonegap that says how you're covered: http://phonegap.com/blog/2014/08/07/cordova-android-3_5_0-patched-with-security-fixes/

10,249

Author by

AnR

Updated on June 03, 2022

Comments

AnR about 2 years
I have received an Email from Google Play Store for my Android App:

This is a notification that your com.mydomain.myapp, is built on a version of Apache Cordova that contains security vulnerabilities. This includes a high severity cross-application scripting (XAS) vulnerability. Under certain circumstances, vulnerable apps could be remotely exploited to steal sensitive information, such as user login credentials. You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible. For more information about the vulnerabilities, and for guidance on upgrading Apache Cordova, please see http://cordova.apache.org/announcements/2014/08/04/android-351.html. Please note, applications with vulnerabilities that expose users to risk of compromise may be considered “dangerous products” and subject to removal from Google Play. Regards, Google Play Team ©2014 Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043

If I try the command mentioned on the given link/page, i.e.:
```
cordova platform add [email protected] --usenpm
```
I get an error:
```
Platform android already added
```
How can I upgrade Cordova from 3.1 to 3.5.1? I have tried all sort of things like:
```
npm update -g cordova
```
But I do not appear to be getting successful. The version file in MyApp\platforms\android\cordova folder still shows following entry and no file in this folder changes:
```
// Coho updates this line:
var VERSION = "3.1.0";

console.log(VERSION);
```
jcesarmobile over 9 years

when you updated the app, dit the warning disappeared from google play? I've updated my app to 3.6.3 and the warning is still there
jcesarmobile over 9 years

I answer myself, after a few hours the warning disappears
AnR over 9 years

Yes, the warning disappeared. Though it took some time, not sure how many hours.
Manikandan over 9 years

Where can I get the CordovaLib?
AnR over 9 years

I think u don;t need to get CordovaLib. It will be automatocally created when you will add Android Platform in your project