jQuery — набор функций JavaScript, фокусирующийся на взаимодействии JavaScript и HTML.
Релизный цикл, информация об уязвимостях
График релизов
Количество 66
RLSA-2025:1215
Moderate: tbb security update
RLSA-2025:1306
Moderate: gcc-toolset-13-gcc security update
RLSA-2025:1338
Moderate: gcc-toolset-14-gcc security update
RLSA-2025:1301
Moderate: gcc security update
GHSA-9p3r-vprr-2c27
jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element.
GHSA-q44p-q588-242q
jQuery 1.4.2 allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to use of the text method inside after.
GHSA-579v-mp3v-rrw5
jQuery vulnerable to Cross-Site Scripting (XSS)
GHSA-w97x-8w5v-6mh4
The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking."
RLSA-2021:1846
Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
GHSA-2pqj-h3vj-pqgw
Cross-Site Scripting in jquery
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | RLSA-2025:1215 Moderate: tbb security update | 12% Средний | 4 месяца назад | |
| RLSA-2025:1306 Moderate: gcc-toolset-13-gcc security update | 12% Средний | 4 месяца назад | |
| RLSA-2025:1338 Moderate: gcc-toolset-14-gcc security update | 12% Средний | 4 месяца назад | |
| RLSA-2025:1301 Moderate: gcc security update | 12% Средний | 4 месяца назад | |
| GHSA-9p3r-vprr-2c27 jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
| GHSA-q44p-q588-242q jQuery 1.4.2 allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to use of the text method inside after. | CVSS3: 6.1 | 1% Низкий | около 3 лет назад |
| GHSA-579v-mp3v-rrw5 jQuery vulnerable to Cross-Site Scripting (XSS) | 4% Низкий | около 3 лет назад | |
| GHSA-w97x-8w5v-6mh4 The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking." | 1% Низкий | около 3 лет назад | |
| RLSA-2021:1846 Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update | 12% Средний | около 4 лет назад | |
| GHSA-2pqj-h3vj-pqgw Cross-Site Scripting in jquery | CVSS3: 6.1 | 1% Низкий | почти 5 лет назад |
Уязвимостей на страницу