github-actions[bot]
commented
1 month ago Issue still exists.
Open github-actions[bot] opened 1 month ago
github-actions[bot]
commented
1 month ago Issue still exists.
Description
Versions prior to 3.0.0 in jQuery are vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit.
HIGH Vulnerable Package issue exists @ jquery in branch master
Vulnerability ID: CVE-2016-10707
Package Name: jquery
Severity: HIGH
CVSS Score: 7.5
Publish Date: 2018-01-18T23:29:00
Current Package Version: 1.11.0
Remediation Upgrade Recommendation: 3.5.0
Link To SCA
Reference – NVD link