CVSS Score 7.5 Critical

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality Impact

None

Integrity Impact

None

Availability Impact

High

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Not Recorded

Description

[CVE-2016-10707] jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a log...

jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit.

Sign in and get help with:

  • Vulnerability details for your components
  • Affected components
  • Affected versions
Sign In