Description
Denial of Service in jquery
Affected versions of jquery use lowercasing logic on attribute names. When given a boolean attribute whose name contains uppercase characters, jquery enters an infinite recursion loop, exceeds the call stack limit, and causes a denial of service condition.
Recommendation
Update to version 3.0.0 or later.
References
- https://nvd.nist.gov/vuln/detail/CVE-2016-10707
- https://github.com/jquery/jquery/issues/3133
- https://github.com/jquery/jquery/issues/3133#issuecomment-358978489
- https://github.com/jquery/jquery/pull/3134
- https://github.com/advisories/GHSA-mhpp-875w-9cpv
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2016-10707.yml
- https://snyk.io/vuln/npm:jquery:20160529
- https://www.npmjs.com/advisories/330
Packages
Package                   Affected versions   Fixed in
jquery                    = 3.0.0-rc.1        3.0.0
jQuery                    = 3.0.0-rc.1        3.0.0
org.webjars.npm:jquery    = 3.0.0-rc.1        3.0.0
jquery-rails              = 3.0.0-rc.1        3.0.0
Related vulnerabilities
jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to the removal of logic that lowercased attribute names. Any attribute getter using a mixed-case name for a boolean attribute goes into infinite recursion, exceeding the call stack limit.