osgirl / vedanta Goto Github PK
View Code? Open in Web Editor NEWThis project forked from keshavpatil/vedanta
This project forked from keshavpatil/vedanta
The most popular front-end framework for developing responsive, mobile first projects on the web.
path: /vedanta/Styles/bootstrap.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.0.2/bootstrap.min.js
Dependency Hierarchy:
In Bootstrap before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
Publish Date: 2019-02-20
URL: CVE-2019-8331
Base Score Metrics:
Type: Upgrade version
Origin: twbs/bootstrap#28236
Release Date: 2019-02-20
Fix Resolution: v4.3.1
Step up your Open Source Security Game with WhiteSource here
Parse, validate, manipulate, and display dates
path: /vedanta/Scripts/moment.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.10.3/moment.js
Dependency Hierarchy:
The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)."
Publish Date: 2017-01-23
URL: CVE-2016-4055
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4055
Release Date: 2017-01-23
Fix Resolution: 2.11.2
Step up your Open Source Security Game with WhiteSource here
The most popular front-end framework for developing responsive, mobile first projects on the web.
path: /vedanta/Styles/bootstrap.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.0.2/bootstrap.min.js
Dependency Hierarchy:
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
Publish Date: 2018-07-13
URL: CVE-2018-14042
Base Score Metrics:
Step up your Open Source Security Game with WhiteSource here
A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library.
path: /vedanta/Scripts/jquery-ui.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
Dependency Hierarchy:
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
Publish Date: 2017-03-15
URL: CVE-2016-7103
Base Score Metrics:
Type: Upgrade version
Origin: https://nodesecurity.io/advisories/127
Release Date: 2016-07-21
Fix Resolution: Upgrade to jQuery-UI 1.12.0 or later.
Step up your Open Source Security Game with WhiteSource here
JavaScript library for DOM operations
path: /vedanta/jquery-2.1.4.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Dependency Hierarchy:
JavaScript library for DOM operations
path: /vedanta/Scripts/jquery-1.4.1.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.1/jquery.min.js
Dependency Hierarchy:
In v2.2.4 and previous, a lowercasing logic was used on the attribute names and was removed in v3.0.0.
Because of this, boolean attributes whose names were not all lowercase cause infinite recursion, and will exceed the stack call limit.
Publish Date: 2017-04-15
URL: WS-2017-0195
Type: Change files
Origin: jquery/jquery@d12e13d
Release Date: 2016-05-29
Fix Resolution: Replace or update the following files: attr.js, attributes.js
Step up your Open Source Security Game with WhiteSource here
The most popular front-end framework for developing responsive, mobile first projects on the web.
path: /vedanta/Styles/bootstrap.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.0.2/bootstrap.min.js
Dependency Hierarchy:
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
Publish Date: 2018-07-13
URL: CVE-2018-14040
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-14040
Release Date: 2018-07-13
Fix Resolution: 4.1.2
Step up your Open Source Security Game with WhiteSource here
JavaScript library for DOM operations
path: /vedanta/Scripts/jquery-1.4.1.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.1/jquery.min.js
Dependency Hierarchy:
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
Publish Date: 2018-01-18
URL: CVE-2012-6708
Base Score Metrics:
Type: Change files
Origin: jquery/jquery@05531fc#diff-bf0908d787469dbf983b3ed33447c516
Release Date: 2012-12-13
Fix Resolution: Replace or update the following files: selector.js, traversing.js, core.js, sizzle, core.js
Step up your Open Source Security Game with WhiteSource here
The most popular front-end framework for developing responsive, mobile first projects on the web.
path: /vedanta/Styles/bootstrap.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.0.2/bootstrap.min.js
Dependency Hierarchy:
XSS in data-target in bootstrap (3.3.7 and before)
Publish Date: 2017-06-27
URL: WS-2018-0021
Type: Change files
Origin: twbs/bootstrap@d9be1da
Release Date: 2017-08-25
Fix Resolution: Replace or update the following files: alert.js, carousel.js, collapse.js, dropdown.js, modal.js
Step up your Open Source Security Game with WhiteSource here
Parse, validate, manipulate, and display dates
path: /vedanta/Scripts/moment.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.10.3/moment.js
Dependency Hierarchy:
The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.
Publish Date: 2018-03-04
URL: CVE-2017-18214
Base Score Metrics:
Type: Upgrade version
Origin: https://nodesecurity.io/advisories/532
Release Date: 2017-11-27
Fix Resolution: Update to version 2.19.3
Step up your Open Source Security Game with WhiteSource here
Parse, validate, manipulate, and display dates
path: /vedanta/Scripts/moment.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.10.3/moment.js
Dependency Hierarchy:
Regular expression denial of service vulnerability in the moment package, by using a specific 40 characters long string in the "format" method.
Publish Date: 2016-10-24
URL: WS-2016-0075
Type: Change files
Origin: moment/moment@663f33e
Release Date: 2016-10-24
Fix Resolution: Replace or update the following files: month.js, lt.js
Step up your Open Source Security Game with WhiteSource here
The most popular front-end framework for developing responsive, mobile first projects on the web.
path: /vedanta/Styles/bootstrap.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.0.2/bootstrap.min.js
Dependency Hierarchy:
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.
Publish Date: 2018-07-13
URL: CVE-2018-14041
Base Score Metrics:
Step up your Open Source Security Game with WhiteSource here
JavaScript library for DOM operations
path: /vedanta/Scripts/jquery-1.11.3.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js
Dependency Hierarchy:
JavaScript library for DOM operations
path: /vedanta/jquery-2.1.4.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Dependency Hierarchy:
JavaScript library for DOM operations
path: /vedanta/Scripts/jquery-1.4.1.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.1/jquery.min.js
Dependency Hierarchy:
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Publish Date: 2018-01-18
URL: CVE-2015-9251
Base Score Metrics:
Type: Change files
Origin: jquery/jquery@b078a62#diff-bee4304906ea68bebadfc11be4368419
Release Date: 2015-10-12
Fix Resolution: Replace or update the following files: script.js, ajax.js, ajax.js
Step up your Open Source Security Game with WhiteSource here
JavaScript library for DOM operations
path: /vedanta/Scripts/jquery-1.4.1.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.1/jquery.min.js
Dependency Hierarchy:
Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.
Publish Date: 2013-03-08
URL: CVE-2011-4969
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2011-4969
Release Date: 2013-03-08
Fix Resolution: 1.6.3
Step up your Open Source Security Game with WhiteSource here
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.