6 matches found
SUSE CVE-2021-41183
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various Text options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various Text options are now alway...
OESA-2022-1693 python-XStatic-jquery-ui security update
jquery-ui javascript library packaged for setuptools easyinstall / pip. This package is intended to be used by any project that needs these files. It intentionally does not provide any extra code except some metadata nor has any extra requirements. You MAY use some minimal support code from the...
DRUPAL-CONTRIB-2022-004
jQuery UI is a third-party library used by Drupal. The jQuery UI Datepicker module provides the jQuery UI Datepicker library, which is not included in Drupal 9 core. jQuery UI was previously thought to be end-of-life. Late in 2021, jQuery UI announced that they would be continuing development, an...
CVE-2021-41183
creationtimestamp| type| source ---|---|--- 2021-10-26 18:15:05+00:00| seen| https://t.me/cibsecurity/31224...
org.webjars.npm:evol-colorpicker (=3.4.2), org.webjars.npm:jquery-ui-multidatespicker (=1.6.6) potentially affected by CVE-2021-41183 via org.webjars.npm:jquery-ui (=1.13.0-rc.3)
org.webjars.npm:jquery-ui MAVEN version =1.13.0-rc.3 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:jquery-ui and may be impacted: - org.webjars.npm:evol-colorpicker =3.4.2 - org.webjars.npm:jquery-ui-multidatespicker =1.6.6 Source cve...
@atlassian/aui (>=8.2.4 <=9.4.1), @chinchilla-software/ng-date-time-picker (>=1.0.0 <=1.0.1) +129 more potentially affected by CVE-2021-41183 via jquery-ui (>=1.10.4 <=1.12.1)
jquery-ui NPM version =1.10.4, =8.2.4, =1.0.0, =1.0.0, =0.1.0, =2.3.2, =6.4.0, =1.1.42, =5.0.0-110, =0.0.0, =2.1.1, =4.0.0, =1.0.0-alpha.0, =11.0.0, =17.0.0-dev.3 and more Source cves: CVE-2021-41183 Source advisory: OSV:GHSA-J7QV-PGF6-HVH4...