Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-5181-1
HistorySep 09, 2022 - 9:31 a.m.

jqueryui vulnerability

2022-09-0909:31:52
Google
osv.dev
16
jquery ui
vulnerability
validation
untrusted sources
crash
execute
code
ubuntu 18.04
ubuntu 20.4
checkboxradio widget
decode
html entities
cross-site scripting
xss
attack
software

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

AI Score

7.4

Confidence

High

EPSS

0.005

Percentile

75.4%

JSON

It was discovered that jQuery UI did not properly validate the values from
untrusted sources. An attacker could use this vulnerability to cause a crash or
possibly execute arbitrary code. This issue affected only Ubuntu 18.04 ESM and
Ubuntu 20.4 ESM. (CVE-2021-41184)

It was discovered that jQuery UI checkboxradio widget did not properly decode
certain values from HTML entities. An attacker could possibly use this issue to
generate a cross-site scripting(XSS) attack, resulting in a crash or possibly
execute arbitrary code. (CVE-2022-31160)

Related

ubuntu 2
openvas 17
nessus 35
debian 2
osv 8
ibm 39
prion 2
fedora 9
veracode 2
nvd 2
cvelist 2
rubygems 2
ubuntucve 2
f5 2
debiancve 2
redhatcve 2
drupal 1
github 2
cve 2
huntr 1
checkpoint_advisories 1
hp 1
redhat 1
oracle 10
tenable 1
ubuntu
ubuntu
jQuery UI vulnerability
2022-09-09 00:00:00
jQuery UI vulnerabilities
2023-10-05 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5181-1)
2023-01-27 00:00:00
Debian: Security Advisory (DLA-3230-1)
2022-12-08 00:00:00
Fedora: Security Advisory for js-jquery-ui (FEDORA-2022-1a01ed37e2)
2022-11-21 00:00:00
nessus
nessus
Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM : jQuery UI vulnerability (USN-5181-1)
2023-10-16 00:00:00
Debian DLA-3230-1 : jqueryui - LTS security update
2022-12-08 00:00:00
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : jQuery UI vulnerabilities (USN-6419-1)
2023-10-05 00:00:00
debian
debian
[SECURITY] [DLA 3230-1] jqueryui security update
2022-12-07 10:30:00
[SECURITY] [DLA 3551-1] otrs2 security update
2023-08-31 00:20:25
osv
osv
jqueryui - security update
2022-12-07 00:00:00
CVE-2022-31160
2022-07-20 20:15:08
jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label
2022-07-18 17:07:36
ibm
ibm
Security Bulletin: Multiple vulnerabilities in jQuery affect IBM Tivoli Netcool Impact
2023-12-01 10:23:24
Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerabilities CVE-2021-41182, CVE-2022-31160, CVE-2021-41184, CVE-2021-41183
2023-03-27 17:00:47
Security Bulletin: IBM Workload Scheduler potentially affected by cross-site scripting vulnerability in jQuery UI (CVE-2022-31160)
2023-01-30 17:49:50
prion
prion
Cross site scripting
2022-07-20 20:15:00
Code injection
2021-10-26 15:15:00
fedora
fedora
[SECURITY] Fedora 35 Update: js-jquery-ui-1.13.2-1.fc35
2022-11-21 00:51:38
[SECURITY] Fedora 36 Update: js-jquery-ui-1.13.2-1.fc36
2022-11-21 01:14:37
[SECURITY] Fedora 37 Update: js-jquery-ui-1.13.2-1.fc37
2022-11-21 01:09:21
veracode
veracode
Cross-site Scripting (XSS)
2022-07-19 05:25:38
Cross-site Scripting (XSS)
2021-10-27 05:33:22
nvd
nvd
CVE-2022-31160
2022-07-20 20:15:08
CVE-2021-41184
2021-10-26 15:15:10
cvelist
cvelist
CVE-2021-41184 XSS in the `of` option of the `.position()` util
2021-10-26 00:00:00
CVE-2022-31160 jQuery UI contains potential XSS vulnerability when refreshing a checkboxradio with an HTML-like initial text label
2022-07-20 00:00:00
rubygems
rubygems
XSS in the `of` option of the `.position()` util in jquery-ui
2021-10-25 21:00:00
jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label
2022-07-14 21:00:00
ubuntucve
ubuntucve
CVE-2022-31160
2022-07-20 00:00:00
CVE-2021-41184
2021-10-26 00:00:00
f5
f5
K000134507 : jQuery UI vulnerability CVE-2022-31160
2023-05-08 00:00:00
K50455702 : jQuery vulnerabilities CVE-2021-41182, CVE-2021-41183, and CVE-2021-41184
2022-03-28 00:00:00
debiancve
debiancve
CVE-2022-31160
2022-07-20 20:15:08
CVE-2021-41184
2021-10-26 15:15:10
redhatcve
redhatcve
CVE-2021-41184
2021-11-01 17:41:18
CVE-2022-31160
2022-07-25 18:12:42
drupal
drupal
Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2022-001
2022-01-19 00:00:00
github
github
jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label
2022-07-18 17:07:36
XSS in the `of` option of the `.position()` util in jquery-ui
2021-10-26 14:55:12
cve
cve
CVE-2022-31160
2022-07-20 20:15:08
CVE-2021-41184
2021-10-26 15:15:10
huntr
huntr
Jquery UI 1.13.1 in use which is vulnerable to CVE-2022-31160
2023-02-20 08:50:55
checkpoint_advisories
checkpoint_advisories
jQuery UI Cross-site Scripting (CVE-2021-41184)
2022-10-19 00:00:00
hp
hp
Certain HP Enterprise LaserJet, LaserJet Managed printers - Potential denial of service, potential Cross Site Scripting (XSS)
2023-10-04 00:00:00
redhat
redhat
(RHSA-2022:4711) Moderate: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update
2022-05-26 16:04:07
oracle
oracle
Oracle Critical Patch Update Advisory - July 2024
2024-07-16 00:00:00
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

AI Score

7.4

Confidence

High

EPSS

0.005

Percentile

75.4%

JSON
Related for OSV:USN-5181-1
ubuntu2openvas17nessus35debian2osv8ibm39prion2fedora9veracode2nvd2cvelist2rubygems2ubuntucve2f52debiancve2redhatcve2drupal1github2cve2huntr1checkpoint_advisories1hp1redhat1oracle10tenable1