8 matches found

OSV
added 2024/09/09 7:15 p.m. | 1 view

AZL-49158 CVE-2024-45296 affecting package js-jquery 3.5.0-4

path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event...

CVSS 7.5 | AI score 6.7 | EPSS 0.00066
Exploits: 0 | References: 1
OSV
added 2024/06/17 8:15 p.m. | 0 views

AZL-43600 CVE-2024-37890 affecting package js-jquery 3.5.0-4

ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding the server.maxHeadersCount threshold could be used to crash a ws server. The vulnerability was fixed in [email protected] e55e510 and backported to [email protected] 22c2876, [email protected] eeb76d3, and [email protected]...

CVSS 7.5 | AI score 6.7 | EPSS 0.00541
Exploits: 0 | References: 1
OSV
added 2023/03/16 3:15 p.m. | 3 views

AZL-44241 CVE-2023-28155 affecting package js-jquery 3.5.0-4

The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controlled server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVSS 6.1 | AI score 6.5 | EPSS 0.00557
Exploits: 1 | References: 1
OSV
added 2023/03/16 3:15 p.m. | 2 views

AZL-43444 CVE-2023-28155 affecting package js-jquery 3.5.0-4

The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controlled server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVSS 6.1 | AI score 6.5 | EPSS 0.00557
Exploits: 1 | References: 1
OSV
added 2022/10/17 8:15 p.m. | 0 views

AZL-44946 CVE-2022-3517 affecting package js-jquery 3.5.0-4

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service...

CVSS 7.5 | AI score 6.9 | EPSS 0.00476
Exploits: 0 | References: 1
OSV
added 2021/09/12 1:15 p.m. | 0 views

AZL-45225 CVE-2021-23440 affecting package js-jquery 3.5.0-4

This affects the package set-value before =3.0.0 4.0.1. A type confusion vulnerability can lead to a bypass of CVE-2019-10747 when the user-provided keys used in the path parameter are arrays...

CVSS 9.8 | AI score 7.2 | EPSS 0.00064
Exploits: 1 | References: 1
OSV
added 2021/01/19 3:15 p.m. | 2 views

AZL-44430 CVE-2020-28481 affecting package js-jquery 3.5.0-4

The package socket.io before 2.4.0 is vulnerable to Insecure Defaults due to CORS Misconfiguration. All domains are whitelisted by default...

CVSS 4.3 | AI score 5.8 | EPSS 0.00183
Exploits: 1 | References: 1
Kitploit
added 2018/07/19 2:19 p.m. | 88 views

Seeker - Find GeoLocation With High Accuracy

Seeker utilizes HTML5, Javascript, JQuery and PHP to grab Device Information and GeoLocation with High Accuracy. Other tools and services offer IP Geolocation which is not very accurate and does not give location of user. Generally if a user accepts location permission, Accuracy of the informati...

AI score 6.9
Exploits: 0 | References: 1