extension ExtPose


Description from extension meta

Scanning website for vulnerable js libraries

Image from store retire.js
Description from store Scan a web app for use of vulnerable JavaScript libraries. The goal of retire.js is to help you detect use of version with known vulnerabilities. Retire.js web extension isn't the original RetireJS project but is predominantly based on RetireJS opensource repo available on github - http://retirejs.github.io/retire.js/ ========== Release 1.3.4 - Adds some missing vulns Release 1.3.3 - Added popular bootstrap's uri extractor Release 1.3.2 - Added some vulns Release 1.3.1 - Added jQuery mobile XSS vulnerability Release 1.3.0 - Added jQuery vulnerability as per CVE-2019-11358 Release 1.2.9 - Added two Prototype Pollution vulns in Handlebars Release 1.2.8 - Added more descriptive link for angularjs vulnerability Release 1.2.7 - Added CVE identifiers about bootstrap release below 4.3.1 and below 3.4.1 Release 1.2.6 - Fixing regex for knockout Release 1.2.5 - Updated report about bootstrap vulnerabilities Release 1.2.4 - Fixed CkEditor vuln Release 1.2.3 - Added regex for handlebars hashbang comment Release 1.2.2 - Bootstrap: clarified vulnerabilities, added CVE's (#257) Release 1.2.1. - Replaced regex to match older versions of tinyMCE (#256) Release 1.2.0 - Fixed wrong react versioning for bug Release 1.1.9 - Added ExtJS vulns Release 1.1.8 - Added vue.js vulns Release 1.1.7 - Fixed typo in repo Release 1.1.6 - Add summary for CVE-2011-4969 and link to jQuery ticket (#228) Release 1.1.5 - CkEditor xss vulnerability reported ==========

Latest reviews

  • (2018-08-09) Lukas Bertoni: Usefull Information Security addon
  • (2018-08-03) Franklin Yu: Note that the distributor is not the original developer. See https://github.com/RetireJS/retire.js/issues/244.
  • (2017-11-28) Rob Schoenaker: Quick overview of known vulnerabilities

Latest issues

  • (2017-06-14, v: Niels Swimberghe: official?
    Is this chrome plugin uploaded by the maintainer of retire.js? I don't find a link from github or website to this plugin.


4.6667 (6 votes)
Last update / version
2020-01-13 / 1.3.4
Listing languages