Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

rubygems jquery-ui-rails Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1oNmdqLTZqanEtaDhnOc4AAtcw
jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label
Ecosystems: nuget, rubygems, maven, npm
Packages: jQuery.UI.Combined, jquery-ui-rails, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1qN3F2LXBnZjYtaHZoNM0Wtw
XSS in `*Text` options of the Datepicker widget in jquery-ui
Ecosystems: rubygems, nuget, maven, npm
Packages: jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1ncHFxLTk1MnEtNTMyN80Wtg
XSS in the `of` option of the `.position()` util in jquery-ui
Ecosystems: rubygems, nuget, maven, npm
Packages: jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS05Z2ozLWh3cDUtcG13Y80WtQ
XSS in the `altField` option of the Datepicker widget in jquery-ui
Ecosystems: rubygems, maven, nuget, npm
Packages: jquery-ui-rails, org.webjars.npm:jquery-ui, jQuery.UI.Combined, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdjbTItOWM4OS13bWZt
Cross-site Scripting in jquery-ui
Ecosystems: rubygems, nuget, maven, npm
Packages: jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: over 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFxeHAteHA5di12dng2
jquery-ui Tooltip widget vulnerable to XSS
Ecosystems: nuget, maven, rubygems, npm
Packages: jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui-rails, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhwY2YtOHZmOS1xNGdq
jQuery-UI vulnerable to Cross-site Scripting in dialog closeText
Ecosystems: nuget, maven, rubygems, npm
Packages: jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui-rails, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: over 6 years ago
Statistics
Advisories: 19,557
Packages: 8,629
Repositories: 2
Ecosystems: 12
Filter by Package
actionpack 58 nokogiri 43 rubygems-update 25 rack 23 puppet 23 activerecord 21 publify_core 14 activesupport 14 passenger 13 actionview 12 rails 11 puma 11 fat_free_crm 10 jquery-rails 9 decidim 9 rails-html-sanitizer 9 jquery 8 org.webjars.npm:jquery 8 org.jruby:jruby-stdlib 7 jQuery 7 jQuery.UI.Combined 7 jquery-ui 7 jquery-ui-rails 7 org.webjars.npm:jquery-ui 7 camaleon_cms 6 katello 6 doorkeeper 6 ember-source 6 loofah 6 spree_auth_devise 5 bundler 5 spree 5 sidekiq 5 commonmarker 5 grpc 4 grpcio 4 rails_admin 4 avo 4 devise 4 carrierwave 4 mail 4 sanitize 4 webrick 4 sinatra 4 dragonfly 4 fluentd 4 activestorage 4 yard 3 cgi 3 resque 3 bootstrap 3 gollum 3 omniauth 3 rest-client 3 geminabox 3 bootstrap 3 private_address_check 3 rexml 3 chartkick 3 rubyzip 3 io.grpc:grpc-protobuf 3 rdoc 3 rack-cors 3 phlex 3 json-jwt 3 decidim-core 3 activeadmin 3 git 3 openssl 3 ruby-saml 3 faye 2 twitter-bootstrap-rails 2 logstash-core 2 redcarpet 2 json 2 uri 2 httparty 2 VladTheEnterprising 2 omniauth-facebook 2 ox 2 echor 2 mini_magick 2 facter 2 yajl-ruby 2 git-fastclone 2 net-ldap 2 spina 2 bson 2 paperclip 2 kaminari 2 user_agent_parser 2 pghero 2 devise-two-factor 2 solidus_frontend 2 secure_headers 2 pdfkit 2 cocoapods-downloader 2 radiant 2 field_test 2 qiita-markdown 2 kramdown 2 decidim-templates 2 sprockets 2 mechanize 2 pyarrow 2 safemode 2 red-arrow 2 mapbox.js 2 i18n 2 google-protobuf 2 com.google.protobuf:protobuf-kotlin 2 administrate 2 sup 2 pageflow 2 mapbox-rails 2 com.google.protobuf:protobuf-java 2 bootstrap-sass 2 decidim-admin 2 view_component 2 ruby-openid 2 solidus_core 2 actiontext 2 paratrooper-newrelic 1 octopoller 1 jmespath 1 trilogy 1 date 1 github.com/github/hub 1 hub 1 sentry-raven 1 websocket-extensions 1 ruby_parser 1 railties 1 foreman_ansible 1 gitlab-grit 1 geokit-rails 1 multi_xml 1 keynote 1 padrino-contrib 1 bolt 1 omniauth-microsoft_graph 1 lynx 1 rubocop 1 ruby-mysql 1 kafo 1 hammer_cli_foreman 1 jruby-openssl 1 redcloth 1 em-http-request 1 command_wrap 1 gtk2 1 rotp 1 @turbo-boost/commands 1 activejob 1 personnummer 1 turbo_boost-commands 1 kcapifony 1 brbackup 1 discordrb 1 rmagick 1 diffy 1 recurly 1 solidus_backend 1 md2pdf 1 sounder 1 ldap_fluff 1 resque-scheduler 1 xapian-core 1 mixlib-archive 1 rswag 1 pdf_info 1 inline_svg 1 foreman_fog_proxmox 1 message_bus 1 shrine 1 papercrop 1 omniauth-auth0 1 spree_api 1 omniauth-apple 1 asciidoctor 1 audited 1 govuk_tech_docs 1 oauth 1 clockwork_web 1 trestle-auth 1 point-cli 1 openshift-origin-node 1 decidim-system 1 lean-ruport 1 flash_tool 1 tweetstream 1 ftpd 1 twitter-stream 1 pysha3 1 better_errors 1 sha3 1 mongrel 1 unpoly-rails 1 cap-strap 1 ruby-jss 1