Search for packages
| purl | pkg:gem/jquery-rails@3.0.0-rc.1 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-hent-wkr8-c7hb
Aliases: CVE-2016-10707 GHSA-mhpp-875w-9cpv |
Denial of Service in jquery Affected versions of `jquery` use a lowercasing logic on attribute names. When given a boolean attribute with a name that contains uppercase characters, `jquery` enters into an infinite recursion loop, exceeding the call stack limit, and resulting in a denial of service condition. |
Affected by 7 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T15:56:26.357729+00:00 | GHSA Importer | Affected by | VCID-hent-wkr8-c7hb | https://github.com/advisories/GHSA-mhpp-875w-9cpv | 38.0.0 |
| 2026-04-01T15:18:36.819003+00:00 | Ruby Importer | Affected by | VCID-hent-wkr8-c7hb | https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2016-10707.yml | 38.0.0 |
| 2026-04-01T13:03:46.631575+00:00 | GithubOSV Importer | Affected by | VCID-hent-wkr8-c7hb | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/01/GHSA-mhpp-875w-9cpv/GHSA-mhpp-875w-9cpv.json | 38.0.0 |
| 2026-04-01T12:47:33.315412+00:00 | GitLab Importer | Affected by | VCID-hent-wkr8-c7hb | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2016-10707.yml | 38.0.0 |