Published: 18/01/2018 Updated: 10/02/2024

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit.

Vulnerable Product	Search on Vulmon	Subscribe to Product
jquery jquery 3.0.0

A front-end rendering solution , support IE6, IE7, IE8 and modern browser

Sheep A front-end rendering solution , support IE6 , IE8 and modern browser Version 02 rewrite all code run in IE5,IE6,IE7,IE8 and modern browser success( fix issue #1) support dom bind event Install start server cd server npm install node app start client cd resources\views npm install npm start

A fairly simple nationbuilder site based on colllective theme and some unique styles.

OneArizona A fairly simple nationbuilder site based on colllective theme and some unique styles This is an old repo and no longer maintained jquery version here has vulnerabities, though they are not exposed its important to point out in case of code modifaction var var = ['CVE-2015-9251', 'CVE-2016-10707'] nvdnistgov/vuln/detail/${var[*]}

CWE-674 https://snyk.io/vuln/npm:jquery:20160529 https://github.com/jquery/jquery/pull/3134 https://github.com/jquery/jquery/issues/3133 https://nvd.nist.gov https://github.com/flyher/sheep https://www.cisa.gov/uscert/ics/advisories/icsa-22-097-01

CVE-2016-10707

Vulnerability Summary

ICS Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect