Azure Linux 3.0 Security Update: js-jquery (CVE-2019-20149)

The version of js-jquery installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-20149 advisory. - ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attribute...

AZL-45051 CVE-2022-24999 affecting package js-jquery 3.5.0-4

qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an proto key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string ...

AZL-44547 CVE-2017-16042 affecting package js-jquery 3.5.0-4

Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution...