retire.js
Imagen del logotipo del elemento para retire.js

retire.js

Destacado
4,9(

7 valoraciones

)
Elemento multimedia: captura de pantalla (1)

Descripción general

Scanning website for vulnerable js libraries

Scan a web app for use of vulnerable JavaScript libraries. The goal of retire.js is to help you detect use of version with known vulnerabilities. Retire.js web extension isn't the original RetireJS project but is predominantly based on RetireJS opensource repo available on github - http://retirejs.github.io/retire.js/ ========== Release 1.9.0 - Adjusting severities based on github advisory data Release 1.8.9 - Fixed severity rating Release 1.8.8 - Added tableexport.jquery.plugin vuln Release 1.8.6 - Adding jquery-deparam vuln Release 1.8.5 - Update js repository Release 1.8.4 - Fixed CVE-2019-11358 Release 1.8.3 - Sync of versions with github database Release 1.8.2 - Fixed npm name of jquery.datatables Release 1.8.1 - Improved extractor for jquery.dataTables Release 1.8.0 - Added pendo vuln Release 1.7.9 - Added one more test case Release 1.7.8 - Updating vulnerability repo based on information from OSV Release 1.7.7 - Added test case for ckeditor Release 1.7.6 - Added CKEditor Vulnerable version less than 4.21.0 Release 1.7.5 - Improved Svelte detection Release 1.7.4 - Adding some more stuff and a bit of cleanup Release 1.7.3 - Updated information on known vulnerabilities Release 1.7.2 Added Ember.js prototype pollution vuln Release 1.7.1 - Adjusted the severity, from medium to high, of the vulnerabilities CVE 2022-24785 and CVE-2022-31129 Release 1.7.0 - Fixed underscore.js typo Release 1.6.9 - Fixed moment.js test Release 1.6.8 - Added jquery-ui CVE-2022-31160 Release 1.6.7 - Fixup for tinyMCE which includes dompurify Release 1.6.6 - Added next.js vulnerabilities Release 1.6.5 - Fixed uri jquery.dataTables vuln Release 1.6.4 - Added Svelte vulns Release 1.6.3 - Reported vuln for all versions of AlaSQL library Release 1.6.2 - Fixed axios typo Release 1.6.1 - Axios vulnerabilities added Release 1.6.0 - Adding plupload vulns for 3.1.4, 3.1.5, 2.3.8 and 2.3.9 Release 1.5.8 - Added CVE-2017-18214 in js report Release 1.5.6 - Added missing jquery-ui CVEs Release 1.5.5 - Added XSS vulnerabilities for CKEditor Release 1.5.4 - Added medium vuln for plupload below 2.3.7 and below 3.1.3 Release 1.5.3 - Removed errors in the reports Release 1.5.2 - I updated all of the mismatching severities based on NIST Release 1.5.1 - Additional error handling Release 1.5.0 - Fixed some bugs to recognize vulnerable js libs Release 1.4.9 - Added additional Bootstrap's file content extractor Release 1.4.8 - Fixed incorrect tinyMCE vuln version Release 1.4.7 - Added some missing vulns to json repo Release 1.4.6 - Changed summary for jquery.ui.tooltip related vulnerability Release 1.4.5 - CVE specified for jQuery.htmlPrefilter Release 1.4.0 - Added CVE-2020-7676 for angular < 1.8.0 Release 1.3.8 - Added possibility of showing unknowns Release 1.3.7 - Reports XSS in jQuery < 3.5.0 Release 1.3.6 - changed handlebars.js -> handlebars in jsrepository.json Release 1.3.5 - Fixed bug: Handlebars not detected properly in newer versions Release 1.3.4 - Adds some missing vulns Release 1.3.3 - Added popular bootstrap's uri extractor Release 1.3.2 - Added some vulns Release 1.3.1 - Added jQuery mobile XSS vulnerability Release 1.3.0 - Added jQuery vulnerability as per CVE-2019-11358 Release 1.2.9 - Added two Prototype Pollution vulns in Handlebars Release 1.2.8 - Added more descriptive link for angularjs vulnerability Release 1.2.7 - Added CVE identifiers about bootstrap release below 4.3.1 and below 3.4.1 Release 1.2.6 - Fixing regex for knockout Release 1.2.5 - Updated report about bootstrap vulnerabilities Release 1.2.4 - Fixed CkEditor vuln Release 1.2.3 - Added regex for handlebars hashbang comment Release 1.2.2 - Bootstrap: clarified vulnerabilities, added CVE's (#257) Release 1.2.1. - Replaced regex to match older versions of tinyMCE (#256) Release 1.2.0 - Fixed wrong react versioning for bug Release 1.1.9 - Added ExtJS vulns Release 1.1.8 - Added vue.js vulns Release 1.1.7 - Fixed typo in repo Release 1.1.6 - Add summary for CVE-2011-4969 and link to jQuery ticket (#228) Release 1.1.5 - CkEditor xss vulnerability reported ==========

4,9 de 57 valoraciones

Google no verifica las reseñas. Obtén más información sobre los resultados y las reseñas.

Detalles

  • Versión
    1.9.0
  • Actualizado
    21 de septiembre de 2023
  • Ofrecido por
    jadwigaostrowska803
  • Tamaño
    132KiB
  • Idiomas
    English
  • Desarrollador
    Correo electrónico
    jadwigaostrowska803@gmail.com
  • No operador
    Este desarrollador no se ha identificado como operador. Los consumidores residentes en la Unión Europea deben tener en cuenta que los derechos de los consumidores no son aplicables a los contratos que suscriban con este desarrollador.

Privacidad

El desarrollador ha comunicado que no recogerá ni usará tus datos. Para obtener más información, consulta la política de privacidad del desarrollador.

Este desarrollador declara que tus datos:

  • No se venden a terceros, excepto en los casos de uso aprobados
  • No se usan ni se transfieren para fines no relacionados con la función principal del elemento.
  • No se usan ni se transfieren para determinar la situación crediticia ni para ofrecer préstamos.

Relacionados

HackBar

4,2(48)

A browser extension for Penetration Testing

Trufflehog

5,0(5)

Sniffing out credentials

Plugin Vulnerabilities

5,0(1)

Adds warning message to WordPress Plugin Directory pages when plugins are from developer we have released security advisories for.

Hack-Tools

4,7(19)

The all in one Red team extension for web pentester

Vulners Web Scanner

4,5(19)

Tiny vulnerability scanner based on vulners.com vulnerability database. Passively scan websites while you surf internet!

OWASP Penetration Testing Kit

4,9(42)

OWASP Penetration Testing Kit

CounterXSS

5,0(1)

An Extension to counter XSS attack!

Shodan

4,5(132)

The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open.

XSS

5,0(7)

Web Development tool

Cyber Web Tools

1,0(5)

Chrome extension to analysis your website security. It provides various tools to find web security loopholes.

YesWeHack VDP Finder

5,0(2)

This extension tells if visited sites have vulnerability disclosure programs

Untrusted Types for DevTools

5,0(3)

Abusing Trusted Types to discover XSS sinks.

HackBar

4,2(48)

A browser extension for Penetration Testing

Trufflehog

5,0(5)

Sniffing out credentials

Plugin Vulnerabilities

5,0(1)

Adds warning message to WordPress Plugin Directory pages when plugins are from developer we have released security advisories for.

Hack-Tools

4,7(19)

The all in one Red team extension for web pentester

Vulners Web Scanner

4,5(19)

Tiny vulnerability scanner based on vulners.com vulnerability database. Passively scan websites while you surf internet!

OWASP Penetration Testing Kit

4,9(42)

OWASP Penetration Testing Kit

CounterXSS

5,0(1)

An Extension to counter XSS attack!

Shodan

4,5(132)

The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open.

Aplicaciones de Google