Home > Vulnerability Database > WS-2018-0596

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

WS-2018-0596

Good to know:

Date: February 21, 2018

Vue-Project before version 2.5.14 has a potential regex backtrack vulnerability.

Language: JS

Severity Score

3.7

Related Resources (2)

Url: https://github.com/vuejs/vue/commit/cd334070f3b82d3f5892c4999cc290ccd4f56fd8

Url: https://www.mend.io/vulnerability-database/WS-2018-0596

Severity Score

3.7

Weakness Type (CWE)

Uncontrolled Resource Consumption

CWE-400

Top Fix

Upgrade Version

Upgrade to version nadminpanel/adminpanel - no_fix;shjarah/voyager - dev-update-deps;shjarah/voyager - 1.x-dev;devsfort/fortblog - no_fix;xiaokus/voyager - ls;sd25/extended-voyager - 1.x-dev;ycloudyusa/yusaopeny - 8.2.0.6;ycloudyusa/yusaopeny - dev-link-attributes-2;ycloudyusa/yusaopeny - 8.2.0.0-beta;ycloudyusa/yusaopeny - 8.1.14;novosga/novosga - dev-fix/394_deleted_priority;novosga/novosga - v2.0.0-RC1;novosga/novosga - no_fix;novosga/novosga - dev-dependabot/composer/twig/twig-3.14.0;novosga/novosga - v2.0.1;novosga/novosga - v0.5.1;novosga/novosga - dev-dependabot/composer/symfony/serializer-4.4.35;novosga/novosga - dev-dependabot/composer/twig/twig-2.14.11;novosga/novosga - dev-feature/novosga-v2.2;novosga/novosga - v2.0.7;openclassify/openclassify - dev-l10n_master32;openclassify/openclassify - dev-l10n_master36;openclassify/openclassify - 2.0.30;openclassify/openclassify - dev-samettrans;openclassify/openclassify - dev-l10n_master38;openclassify/openclassify - dev-master;openclassify/openclassify - dev-docker;openclassify/openclassify - dev-vedat;openclassify/openclassify - dev-fatihalp-patch-3;openclassify/openclassify - dev-serdarekremcakir-patch-1;openclassify/openclassify - dev-moradi;openclassify/openclassify - dev-queued-reset-password-email-link-issue;openclassify/openclassify - dev-emrullahardc-patch-1;openclassify/openclassify - dev-vue-compile;openclassify/openclassify - dev-l10n_master40;openclassify/openclassify - 3.10.x-dev;openclassify/openclassify - dev-revert-1341-srdr-curr;openclassify/openclassify - dev-detached2;openclassify/openclassify - dev-gg-minor-changes;openclassify/openclassify - 4857.x-dev;openclassify/openclassify - dev-img-carousel;openclassify/openclassify - dev-muammertop_franch;openclassify/openclassify - dev-vedatakd;openclassify/openclassify - dev-laravel-upgrade-10;openclassify/openclassify - dev-container-hotfix;openclassify/openclassify - 5881.x-dev;openclassify/openclassify - 4798.x-dev;openclassify/openclassify - dev-newcurrency;openclassify/openclassify - dev-vedatakdogan;openclassify/openclassify - dev-mostafamoradi;openclassify/openclassify - dev-muammer_alibaba;openclassify/openclassify - dev-muammer2;openclassify/openclassify - dev-sezer;openclassify/openclassify - dev-4.0-mostafa;yeswiki/yeswiki - dev-improve-metadata-field;yeswiki/yeswiki - dev-lint-format;yeswiki/yeswiki - dev-aceditor-fix;yeswiki/yeswiki - dev-fix-semantic-fields;yeswiki/yeswiki - dev-enum-field-simplify-name;yeswiki/yeswiki - dev-fix-edit-button-on-link;yeswiki/yeswiki - dev-fix-attach-picture-in-pageSpecial;yeswiki/yeswiki - dev-add-management-of-custom-fields;yeswiki/yeswiki - v4.1.0;yeswiki/yeswiki - dev-rip-carte_google;yeswiki/yeswiki - dev-sync-createur-owner-for-entry;yeswiki/yeswiki - dev-fix-remove-warning-in-bazar.fonct;yeswiki/yeswiki - dev-refactor-bazar;yeswiki/yeswiki - dev-groups;yeswiki/yeswiki - dev-refacto/baz_rechercher-fix1;yeswiki/yeswiki - dev-Issue-884;yeswiki/yeswiki - dev-feat-select-entries-html;yeswiki/yeswiki - dev-improve-action-builder;yeswiki/yeswiki - dev-fix-bazar-local;yeswiki/yeswiki - dev-dependabot/composer/nesbot/carbon-2.72.6;yeswiki/yeswiki - dev-proposal-to-prevent-sql-error;yeswiki/yeswiki - dev-custom-templates;yeswiki/yeswiki - dev-bruno;yeswiki/yeswiki - dev-fix-card-title-entry;yeswiki/yeswiki - dev-fix/extension-import-namespace;yeswiki/yeswiki - dev-fix-mail-sendmail;yeswiki/yeswiki - dev-refacto/fix-radio-list-field;yeswiki/yeswiki - dev-extra-fields;yeswiki/yeswiki - dev-refacto/baz_rechercher;yeswiki/yeswiki - dev-fix-creation-empty-id_fiche;yeswiki/yeswiki - dev-pdfjs-by-yarn;yeswiki/yeswiki - dev-improve-link-traking;yeswiki/yeswiki - dev-auto-update-migrations;yeswiki/yeswiki - dev-doryphore-dev;qobo/cakephp-search - dev-task-10423-Improve-reports;qobo/cakephp-search - v1.0.0;qobo/cakephp-search - no_fix;qobo/cakephp-search - v2.0.0;qobo/cakephp-search - v24.0.4;adaptcms/adaptcms - 4.0;adaptcms/adaptcms - no_fix;php300/framework - 2.0;php300/framework - 2.2.0;orchestra/foundation - v3.1.0;orchestra/foundation - v3.3.0-BETA1;mark-villudo/laravel-user-management - 1;SS.Photo - 1.1.3-beta;blazings.vuejs - no_fix;oburatongoi/productivity - 0.0.13;oburatongoi/productivity - no_fix;oburatongoi/productivity - 0.0.1;colee/yii2-vue - 2.0.0;colee/yii2-vue - 1.0.3;colee/yii2-vue - no_fix;colee/yii2-vue - dev-dependabot/npm_and_yarn/assets/vue/karma-6.3.14;mblanch/inventory - dev-analysis-X0bldx;mblanch/inventory - dev-analysis-zE2xJG;mblanch/inventory - no_fix;vue - 2.5.14;roadiz/roadiz - dev-master;roadiz/roadiz - dev-hotfix/v1.6.10;roadiz/roadiz - dev-feature/node-tree;roadiz/roadiz - no_fix;roadiz/roadiz - v1.7.0;griffyn/voyager - 1.x-dev;webreinvent/vaahcms - 0.0.6;webreinvent/vaahcms - dev-feature/database-export-and-import;webreinvent/vaahcms - dev-feature/resolve-some-issue;prestashop/psgdpr - dev-dev;prestashop/psgdpr - v1.2.0;prestashop/psgdpr - no_fix;prestashop/psgdpr - v1.4.1;prestashop/psgdpr - dev-master;pheye/voyager - v0.11.0;pheye/voyager - v0.9.1;inetstudio/admin-panel - v8.0.0;inetstudio/admin-panel - v1.5.65;inetstudio/admin-panel - v1.6.3;inetstudio/admin-panel - v1.4.34;inetstudio/admin-panel - dev-analysis-8nWKMG;inetstudio/admin-panel - dev-L-5.6;guysolamour/laravel-administrable - v5.0.4;guysolamour/laravel-administrable - v5.5.3;guysolamour/laravel-administrable - dev-dependabot/bundler/docs/nokogiri-1.13.3;guysolamour/laravel-administrable - v5.1.5;guysolamour/laravel-administrable - dev-dependabot/bundler/docs/rake-12.3.3;guysolamour/laravel-administrable - v5.0.0;guysolamour/laravel-administrable - v0.1;guysolamour/laravel-administrable - v5.2.0;guysolamour/laravel-administrable - v2.0;guysolamour/laravel-administrable - v5.1.8;streams/core - 1.6.x-dev;streams/core - v1.6.1;streams/core - v1.2.0;streams/core - v1.1.0;streams/core - v1.4.132;heptacom/shopware-heptacom-amp - no_fix;baserproject/basercms - basercms-3.0.5;baserproject/basercms - basercms-1.6.1;baserproject/basercms - basercms-3.0.12;baserproject/basercms - dev-dev-#1596;baserproject/basercms - basercms-3.0.15;baserproject/basercms - basercms-3.0.9;baserproject/basercms - basercms-3.0.0;baserproject/basercms - basercms-2.0.0-beta;baserproject/basercms - basercms-3.0.10;baserproject/basercms - basercms-2.0.0;baserproject/basercms - basercms-3.0.16;baserproject/basercms - basercms-3.0.6;baserproject/basercms - basercms-3.0.1;baserproject/basercms - 4.5.4;baserproject/basercms - basercms-3.0.3;baserproject/basercms - basercms-4.0.0;baserproject/basercms - basercms-4.1.0;baserproject/basercms - basercms-3.0.14;baserproject/basercms - 4.0.0-beta;baserproject/basercms - basercms-1.6.0;baserproject/basercms - basercms-3.0.7;baserproject/basercms - basercms-3.0.11;baserproject/basercms - basercms-4.2.4;baserproject/basercms - basercms-2.0.1;baserproject/basercms - basercms-3.0.2;baserproject/basercms - 4.0.1;baserproject/basercms - basercms-3.0.4;baserproject/basercms - dev-todo_14091;baserproject/basercms - basercms-4.2.3;baserproject/basercms - basercms-3.0.13;davestewart/sketchpad - v1.0.0-beta;sagsoz06/popup-module - no_fix;sagsoz06/popup-module - 1.0.4;notexpired/neapi - no_fix;dariob/cakephp-utils - v1.0.0;dariob/cakephp-utils - no_fix;dariob/cakephp-utils - v2.2.0;dariob/cakephp-utils - v4.0.0;activelogiclabs/administration - 0.5.2;activelogiclabs/administration - no_fix;timoetting/kirby-builder - v2.0.2;timoetting/kirby-builder - v2.0.3;timoetting/kirby-builder - v2.0.0;suyisong/dempo - no_fix;houdunwang/hdphp - v3.0.1;bonnier/wp-bonnier-redirect - dev-Improve_willow_docker_local_setup;bonnier/wp-bonnier-redirect - v1.0.0;bonnier/wp-bonnier-redirect - dev-master;bonnier/wp-bonnier-redirect - 4.0.0;bonnier/wp-bonnier-redirect - 2.02;bonnier/wp-bonnier-redirect - dev-dependabot/composer/rmccue/requests-1.8.0;gabrieltakacs/voyager - v0.10.1;gabrieltakacs/voyager - no_fix;gabrieltakacs/voyager - v0.9.1;chrisbraybrooke/laravel-ecommerce - 0.0.56;chrisbraybrooke/laravel-ecommerce - 0.0.2;chrisbraybrooke/laravel-ecommerce - 0.0.17;chrisbraybrooke/laravel-ecommerce - dev-form-field-key;wizclumsy/utils - 0.8.0;bitepeng/voyager_cn - v0.11.14;SS.Payment - no_fix;yewei-cao/noodle - v0.03;yewei-cao/noodle - dev-dependabot/npm_and_yarn/elliptic-6.5.3;yewei-cao/noodle - dev-dependabot/npm_and_yarn/socket.io-2.4.0;yewei-cao/noodle - dev-dependabot/composer/symfony/http-foundation-2.7.51;yewei-cao/noodle - dev-feature/admin;yewei-cao/noodle - dev-dependabot/npm_and_yarn/y18n-3.2.2;wutongwan/lego - 1.0-beta.10;wutongwan/lego - 0.2.14;wutongwan/lego - 0.1.33;wutongwan/lego - dev-dependabot/npm_and_yarn/decode-uri-component-0.2.2;wutongwan/lego - 0.1.30;wutongwan/lego - 0.3.x-dev;wutongwan/lego - 0.1.44;wutongwan/lego - 0.2.x-dev;wutongwan/lego - 0.1.36;wutongwan/lego - 0.1.21.dev;wutongwan/lego - 0.2.5;wutongwan/lego - 0.1.27;wutongwan/lego - dev-1.0-refactor;hunteryun/hpcms - v2.5;Serene.Templates - 6.4.4;foridom/backend - no_fix;foridom/backend - dev-master;newicon/neon - 2.7.12;newicon/neon - dev-neilc-listObject-docblock;newicon/neon - dev-dougall/object-creation-tweaks;newicon/neon - dev-dougall/horizontal-rule-plugin-for-ckeditor;newicon/neon - no_fix;newicon/neon - dev-dougall-neon-url-method-honours-urlmanager-suffix;newicon/neon - 2.4.3;newicon/neon - dev-Dougall-Winship/buildertraitphp-edited-online-with-bitbu-1648213800460;newicon/neon - dev-dougall-honour-url-manager-suffix;pro-cms/voyager - 1.x-dev;tianfuunion/mark-resources - no_fix;alimranahmed/larablog - dev-174-upgrade-to-Laravel-11;alimranahmed/larablog - 4.1.0;alimranahmed/larablog - dev-dependabot/npm_and_yarn/rollup-4.22.4;alimranahmed/larablog - dev-dependabot/composer/spatie/image-optimizer-1.7.4;alimranahmed/larablog - dev-dependabot/composer/league/commonmark-2.6.0;alimranahmed/larablog - dev-dependabot/npm_and_yarn/braces-3.0.3;alimranahmed/larablog - dev-main;alimranahmed/larablog - dev-dependabot/composer/symfony/http-foundation-7.1.7;alimranahmed/larablog - dev-dependabot/npm_and_yarn/vite-5.4.6;alimranahmed/larablog - dev-dependabot/composer/laravel/framework-8.75.0;oakcms/oakcms - no_fix;sodacms/sodacms - 0.5.1;sodacms/sodacms - 0.4.1;sodacms/sodacms - 0.1.1;sodacms/sodacms - 0.0.1;sodacms/sodacms - 0.3.1;docit/core - no_fix;typerocket/laravel - v2.1.3;typerocket/laravel - no_fix;typerocket/laravel - v2.2.2;typerocket/laravel - v1.0.0-beta;eshop_ibrand/backend - v1.0.0;eshop_ibrand/backend - dev-bugfix/heng/COMMERCE-466-b-uiux-for-download-tutoria;eshop_ibrand/backend - dev-feature/heng/COMMERCE-718-b-the-tutorial-link-seem-be;eshop_ibrand/backend - dev-feature/heng/COMMERCE-648-b-sendbird-notification-cou;andrzejkupczyk/mantis-todolists - dev-override_http_server_restrictions;andrzejkupczyk/mantis-todolists - v2.3.0;stevebauman/ithub - no_fix;stevebauman/ithub - v0.0.1;windwalker/phoenix - dev-master;windwalker/phoenix - 1.5;windwalker/phoenix - dev-dependabot/npm_and_yarn/minimist-1.2.6;windwalker/phoenix - dev-dependabot/npm_and_yarn/ini-1.3.7;smohe1991/persian-voyager - no_fix;smohe1991/persian-voyager - v0.9.1;smohe1991/persian-voyager - v0.10.1;nooku/nooku-framework - dev-feature/244-assets;nooku/nooku-framework - dev-feature/70-buffer;zachleigh/laravel-colors - v0.3.1;visiosoft/streams-platform - v1.6.1;visiosoft/streams-platform - v1.2.0;eugenec138/cakephp-search - v1.0.0;eugenec138/cakephp-search - no_fix;craftcms/vue-asset - 1.0.0;qobo/cakephp-utils - v13.3.4;qobo/cakephp-utils - dev-allow-required-false-unique-true;qobo/cakephp-utils - v2.2.0;qobo/cakephp-utils - v1.0.0;qobo/cakephp-utils - v3.0.0;qobo/cakephp-utils - no_fix;qobo/cakephp-utils - v10.3.4;qobo/cakephp-utils - v2.0.0;ericvvc9/voyager - 1.x-dev;talv86/easel - dev-master;doode/voyager - 1.x-dev;gathernholding/yii-bootstrap-bower - no_fix;Swarm.Node - no_fix;zzhh9857/voyager - v0.11.12;zzhh9857/voyager - 1.0.x-dev;prestashop/ps_faviconnotificationbo - v2.1.0;roadiz/rozier - v2.2.0;roadiz/rozier - 1.7.8;roadiz/rozier - 1.7.6;roadiz/rozier - 1.7.1;roadiz/rozier - 1.7.0;roadiz/rozier - 1.7.11;gabootsoft/gaboot - v0.2.4;ibrand/backend - v2.0.0;ibrand/backend - v.1.02;ibrand/backend - v3.2.1;ibrand/backend - v1.0.0;ibrand/backend - no_fix;shah-newaz/redprint - 2.0.0;shah-newaz/redprint - 2.0.5;htmlburger/form-kit - no_fix;htmlburger/form-kit - v0.1.0;devig/voyager - v1.0.0;ymcatwincities/openy - dev-8.x-2.x;ymcatwincities/openy - dev-allow_carnationv2;ymcatwincities/openy - 8.2.0.8;yadjet/yii2-rbac - no_fix;soda-framework/cms - 0.5.1;soda-framework/cms - 0.0.1;soda-framework/cms - 0.3.1;soda-framework/cms - 0.4.1;soda-framework/cms - 0.1.1;baserproject/bc-admin-third - dev-dependabot/npm_and_yarn/minimist-1.2.6;baserproject/bc-admin-third - dev-dependabot/npm_and_yarn/loader-utils-1.4.1;baserproject/bc-admin-third - no_fix;trrtly/backend - no_fix;dfz/dola - no_fix;mingju/vue - 0.6.0;misma/laravel-mailpeek - no_fix;oceing/backend - v3.1.3;oceing/backend - v1.0.4;oceing/backend - v3.1.6;oceing/backend - v5.0.1;oceing/backend - dev-laravel-8.x;oceing/backend - v5.0.3;oceing/backend - 2.x-dev;oceing/backend - v3.0.2;oceing/backend - v1.0.2;oceing/backend - dev-saas;oceing/backend - v3.1.1;sagsoz06/guestbook - 1.0;sagsoz06/guestbook - 1.1.4;anla/skipper - no_fix;chictem/chictem - v0.1.0;pixney/fiske-theme - 1.0.1;pixney/fiske-theme - v0.0.1-alpha;anomaly/streams-platform - v1.1.0;anomaly/streams-platform - 1.6.x-dev;anomaly/streams-platform - v1.6.1;anomaly/streams-platform - v1.2.0;lobbykit/intra - v0.2.1;lobbykit/intra - dev-analysis-zd0nPg;themelogy/bauhaus-theme - no_fix;jetiradoro/consultas-module - 0.9;jetiradoro/consultas-module - no_fix;nch/codeforlife - no_fix;friparia/admin - no_fix;visiosoft/base-theme - no_fix;mengniang/mengniang - no_fix;pixney/hjortron-theme - 1.4.02;pixney/hjortron-theme - no_fix;pixney/hjortron-theme - 1.0.25;simplon/component_mvc - no_fix;purepanel/streams-platform - v1.2.0;purepanel/streams-platform - v1.6.1;selvinortiz/patrol - dev-craft-3;selvinortiz/patrol - 3.1.3;tcg/voyager - dev-update-deps;tcg/voyager - 1.x-dev;SS.Form - 2.0.1-beta;netcore/module-admin - v1.0.0;xwsh/test - no_fix;xwsh/test - v0.9;sagsoz06/mediapress-module - no_fix;sagsoz06/mediapress-module - 1.0.7;sagsoz06/mediapress-module - 2.0.2;dean/login - no_fix;SS.Home - no_fix;emohamed/form-kit - no_fix;emohamed/form-kit - v0.1.0;SS.Hits - 1.0.29;yangtaihua/streams-platform - v1.2.0;yangtaihua/streams-platform - v1.6.1;littlerobinson/querybuilder-php - no_fix;mrcore/bootswatch-theme - 2.0.10;mrcore/bootswatch-theme - dev-vue;mrcore/bootswatch-theme - 5.8.0;mrcore/bootswatch-theme - no_fix;mrcore/bootswatch-theme - 5.8.1;zijinhua/voyager - 1.x-dev;artworx/omegacp - no_fix;SS.GovPublic - no_fix;bravedave/dvc - v22.04.02;bravedave/dvc - v21.12.03;bravedave/dvc - no_fix;bravedave/dvc - v1.0;webgarden/mantisbt-todolists - v2.4.0;webgarden/mantisbt-todolists - no_fix;ninjacn/voyager - 1.x-dev;yanev/laraadmin - no_fix;whb/wxyzadmin - no_fix;doitonlinemedia/admin - no_fix;aniliso/activity-module - no_fix;gilacms/gila - 1.15.0;sagsoz06/video-module - 1.0.0;sagsoz06/video-module - 1.0.9;larashuo/laracrud - v1.0.0;larashuo/laracrud - no_fix;joomlatools/framework - dev-feature/277-range;joomlatools/framework - 3.4.x-dev;joomlatools/framework - dev-feature/274-finder;joomlatools/framework - v3.4.3;zymawy/ironside-core - dev-utils;sagsoz06/location-module - 2.0.0;sagsoz06/location-module - 1.0.0;sagsoz06/location-module - no_fix;SS.Poll - 1.2.0-beta;verbb/patrol - 4.0.0;verbb/patrol - dev-craft-3;vue.js - no_fix;eugenec137/cakephp-utils - no_fix;talvbansal/easel - dev-master;snowdog/module-menu - 2.11.0;joesama/entree - no_fix;joesama/entree - 3.6.x-dev;joesama/entree - dev-nifty;leo-unglaub/contao-vuejs - no_fix;qieangel2013/zys - 0.1.0;qieangel2013/zys - no_fix;baijunyao/laravel-bjyblog - v5.5.6.1;baijunyao/laravel-bjyblog - dev-dependabot/composer/composer/composer-1.10.22;baijunyao/laravel-bjyblog - dev-dependabot/npm_and_yarn/minimist-1.2.6;baijunyao/laravel-bjyblog - v5.5.9.1;baijunyao/laravel-bjyblog - dev-dependabot/npm_and_yarn/dns-packet-1.3.4;ibexa/commerce-skeleton - v3.3.3;kodicms/core - no_fix;kodicms/core - v0.0.1;SS.Reward - 1.1.34-beta;SS.Login - no_fix;baijunyao/laravel-bjyadmin - no_fix;baijunyao/laravel-bjyadmin - v3.0.0;prestashop/blockreassurance - dev-dependabot/npm_and_yarn/dev/webpack-cli-4.3.0;servit/phpserver - no_fix;VueTemplate - no_fix;ecomteck/module-megamenu - 1.0.0;romjkeeeen/fix-cms-core1 - no_fix;Boin.Mvc.Template - no_fix;jianyan74/rageframe - no_fix;Vue.js.Developers.Version - no_fix;vadikvs666/vue - 0.6.0;ibexa/content-skeleton - v3.3.3;davyin/dyniva_ui - 1.x-dev;SS.Shopping - no_fix;themelogy/autorent-theme - 1.0.0;themelogy/autorent-theme - 1.1.4;luna/tjwiringa-theme - no_fix;devisephp/cms - v.2.1.0-beta.4;pyrocms/accelerant-theme - 1.0.x-dev;pyrocms/accelerant-theme - no_fix;ibexa/experience-skeleton - v3.3.3;namespace/voyager_fork - 1.x-dev;excitedcat/netease-im-web - no_fix;pushman/pushman - no_fix;pushman/pushman - 2.0.0-beta2;eugenec138/cakephp-utils - v1.0.3;eugenec138/cakephp-utils - no_fix;leelam/cloudsms - no_fix;leelam/cloudsms - v0.1.5;cbidigital/voyager - 1.x-dev;inkwell/cms - no_fix;zijinghua-dev/voyager - 1.x-dev;zijinghua-dev/voyager - 0.1.x-dev;3xw/cakephp-app - 4.1.0;3xw/cakephp-app - 3.7.0.1;3xw/cakephp-app - 3.7.0.0;magebitcom/snowdog-module-menu - 2.11.0;x-cart-proj/x-cart-proj - no_fix;jasonll/phalcon_wechat - no_fix;wenkechen/voyager - 1.x-dev;SS.GovInteract - 1.0.36-beta;xtoyun/xtophp - 1.0.0;xtoyun/xtophp - no_fix;hasnularief/auditor - no_fix;nerio93/voyager - 1.x-dev;newday-me/think-cms - 0.0.1;newday-me/think-cms - 2.0.0;inhere/gearman - no_fix;wpzoom/social-icons-widget - 4.2.3;wpzoom/social-icons-widget - 4.2.0;wpzoom/social-icons-widget - dev-wp58-fixes;wpzoom/social-icons-widget - dev-master;hebrahimzadeh/voyager - 1.x-dev;sky9th/skycms - v2.1;chatfeed/yii2-vue-admin - no_fix;erenkucukersoftware/voyager - 1.x-dev;bottelet/flarepoint - 1.1.4;bottelet/flarepoint - dev-dependabot/npm_and_yarn/path-parse-1.0.7;bottelet/flarepoint - dev-dependabot/npm_and_yarn/eventsource-1.1.1;tobyokeke/voyager - 1.x-dev;themelogy/artevents-theme - 1.1.2;themelogy/artevents-theme - 1.0.0;vue - 2.5.14;vue - 2.2.2;luzucheng59/voyager - 1.x-dev;luzucheng59/voyager - dev-analysis-zdw0Qp;luzucheng59/voyager - v0.11.12;wj008/beacon-standard - no_fix;clumsy/utils - 0.8.0;tasmnaguib/imagemanager - no_fix;yela528/g9zz-voyager - v1.0;itprism/prism-library - dev-release-v2;sagsoz06/hr-module - no_fix;sagsoz06/hr-module - 2.0.3;devuniverse/voyager - 1.x-dev;voyager-admin/voyager - 1.x-dev;friendsofvictoire/markdown-widget - no_fix;Webgamex.Comment - no_fix;redwine/redwine - dev-new-version;donglf681/backend - no_fix;mrpk-dev/voyager - 1.x-dev;webview-sys - 0.1.4;semisalov/fix-cms-core - no_fix;anisimovvb/yupe-vuejs-widget - no_fix;timtoday/voyager-cn - no_fix;themelogy/cubes-theme - no_fix;idci/extra-form-bundle - dev-dependabot/npm_and_yarn/ini-1.3.7;idci/extra-form-bundle - v2.0.5;f24aalam/voyager-material - 1.x-dev;chabibnr/ayom - 2.x-dev;ddphp/webos - no_fix;moxyrus/voyager - 1.x-dev;qsnh/meedu - dev-dependabot/composer/league/flysystem-1.1.4;qsnh/meedu - dev-dependabot/npm_and_yarn/path-parse-1.0.7;qsnh/meedu - v1.2.0;deadem/djem - no_fix;chandan07cse/elham - v1.0.0;zzb.ocean.nuget.libs - no_fix;zhuitech/boot-admin - 1.2.x-dev;quetzalarc/admin-gallery - no_fix;jarves/jarves - dev-angular-es6;jarves/jarves - 0.1.0-alpha;littlerobinson/query-builder-bundle - v1.0;mtg/show-image - no_fix;Indianadavy.VueJsWebAPITemplate.CSharp - 1.0.1;mathsgod/alt - 4.7.9;fiedsch/ligaverwaltung-bundle - 0.3.0;phambinh/phambinhcms - no_fix;digiwise/digirock - no_fix;guolifu/thunder - no_fix;SS.Magazine - no_fix;codebois/qrcodeslibrary - v1.0.0;galloping-vijay/laravel-wjfcms - dev-dependabot/composer/laravel/framework-6.20.14;kayrules/solatjakim-api-site - dev-version-1.0;dwij/laraadmin - 1.0.1;anhnn78/voyager - 1.x-dev;itplato/phpanalysis - v3.0_release;hongyukeji/ebestmall-html - no_fix;hongyukeji/ebestmall-html - ebestmall-html;hamzz/voyager - 1.x-dev;ingwarp/folder - v0.1.1;ingwarp/folder - no_fix;ahmadsyamim/voyager - 1.0.x-dev;hametuha/hashboard - 0.8.x-dev;truongwp/puppyfw - no_fix;ilhanet/erpnet-widget-resource - no_fix;lisandrop05/voyager - 1.x-dev;luna/material-theme - no_fix;azuracast/azuracast - 0.8.0;yhq/laravel - no_fix;krzysiekpiasecki/gentelella - no_fix;vue - 2.6.0;tarosky/restrict-image - no_fix;org.webjars.bower:vue:1.0.8;org.webjars.bower:vue:2.3.4;org.webjars.bower:vue:0.11.7;org.webjars.bower:vue:2.2.6;org.webjars.bower:vue:1.0.15;org.webjars.bower:vue:2.0.3;org.webjars.bower:vue:1.0.17;org.webjars.bower:vue:1.0.12;org.webjars.npm:github-com-schmich-instascan:no_fix;org.webjars.bower:echarts:5.3.3;org.webjars.bower:echarts:3.5.4;org.webjars.bower:echarts:3.7.1;org.webjars.bower:echarts:4.0.4;org.webjars.bowergithub.apache:incubator-echarts:4.2.1;org.webjars.bowergithub.apache:incubator-echarts:no_fix;org.webjars.npm:vue:2.5.22;org.webjars:vue:2.5.16;org.webjars.npm:github-com-mescroll-mescroll:no_fix;org.webjars.bowergithub.vuejs:vue:2.5.20;org.webjars.bowergithub.vuejs:vue:2.3.0;org.webjars.npm:github-com-vuejs-vue:2.6.14

Learn More

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

WS-2018-0596

Good to know:

Date: February 21, 2018

Language: JS

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?