Miggo Logo
Miggo Vulnerability Database
CVE-2016-10707

CVE-2016-10707: Denial of Service in jquery

7.5

CVSS Score
3.0

Basic Information

CVE ID
CVE-2016-10707
GHSA ID
GHSA-mhpp-875w-9cpv
EPSS Score
0.63187%
CWE
CWE-400
Published
1/22/2018
Updated
2/12/2024
KEV Status
No
Technology
TechnologyJavaScript

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
jquerynpm= 3.0.0-rc.13.0.0
jQuerynuget= 3.0.0-rc.13.0.0
org.webjars.npm:jquerymaven= 3.0.0-rc.13.0.0
jquery-railsrubygems= 3.0.0-rc.13.0.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from jQuery's attribute handling logic where boolean attribute getters would recursively call themselves when given mixed-case names. The commit diff shows the fix involved adding proper lowercasing before checking attribute handlers (jQuery.attrHandle). The vulnerable code path in attr.js would check for attribute handlers using the original case rather than lowercased names, creating a loop when handling boolean attributes like 'requiRed' due to case-sensitive handler lookups.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*****t** v*rsions o* `jqu*ry` us* * low*r**sin* lo*i* on *ttri*ut* n*m*s. W**n *iv*n * *ool**n *ttri*ut* wit* * n*m* t**t *ont*ins upp*r**s* ***r**t*rs, `jqu*ry` *nt*rs into *n in*init* r**ursion loop, *x****in* t** **ll st**k limit, *n* r*sultin* in

Reasoning

T** vuln*r**ility st*ms *rom jQu*ry's *ttri*ut* **n*lin* lo*i* w**r* *ool**n *ttri*ut* **tt*rs woul* r**ursiv*ly **ll t**ms*lv*s w**n *iv*n mix**-**s* n*m*s. T** *ommit *i** s*ows t** *ix involv** ***in* prop*r low*r**sin* ***or* ****kin* *ttri*ut* *