Description
jquery: Prototype pollution in object's prototype leading to denial of.
jquery: Cross-site scripting via cross-domain ajax requests.
bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute.
jquery: Untrusted code execution via <option> tag in HTML passed to DOM.
jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method.
bootstrap: XSS in the data-target attribute.
bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy.
sshd-common: mina-sshd: Java unsafe deserialization vulnerability.
woodstox-core: woodstox to serialise XML data was vulnerable to Denial of.
bootstrap: Cross-site Scripting (XSS) in the data-container property of.
bootstrap: XSS in the tooltip or popover data-template attribute.
nodejs-moment: Regular expression denial of service.
wildfly-elytron: possible timing attacks via use of unsafe comparator.
jackson-databind: use of deeply nested arrays.
jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS.
jettison: parser crash by stackoverflow.
jettison: memory exhaustion via user-supplied XML or JSON data.
jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos.
CXF: Apache CXF: SSRF Vulnerability.