Valine.js - Valine CVE

Filtered by vendor Valine.js Subscribe

Filtered by product Valine

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-34801	1 Valine.js	1 Valine	2022-05-03	5.0 MEDIUM	5.3 MEDIUM
Valine 1.4.14 allows remote attackers to cause a denial of service (application outage) by supplying a ua (aka User-Agent) value that only specifies the product and version.
CVE-2018-19289	1 Valine.js	1 Valine	2020-08-24	4.3 MEDIUM	6.1 MEDIUM
An issue was discovered in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file.

Vulnerabilities (CVE)