CVE-2016-10707 in jQueryinfo

Summary

jQuery before 3.0.0 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

01/18/2018

Disclosure

01/18/2018

Moderation

VulDB entry created

Entries

VDB-112188 (1)

CPE

ready

CWE

CWE-400 (Confirmed)

CVSS

6.4

EPSS

0.00892

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-10707
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-10707
CVE Details	https://www.cvedetails.com/cve/CVE-2016-10707/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!