Skip to content

Scan for vulnerabilities in JavaScript libraries you use (Python port of retirejs)

License

Notifications You must be signed in to change notification settings

FallibleInc/retirejslib

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Python port of RetireJS

PyPI PyPI PyPI

Installation

pip install retirejs

How to use

import retirejs

retirejs.scan_endpoint("http://code.jquery.com/jquery-1.6.min.js")

Sample Output:

[{'detection': 'filecontent', 'vulnerabilities': [{'info': ['http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969', 'http://research.insecurelabs.org/jquery/test/'], 'identifiers': {'CVE': ['CVE-2011-4969']}, 'severity': 'medium'}, {'info': ['http://bugs.jquery.com/ticket/11290', 'http://research.insecurelabs.org/jquery/test/'], 'identifiers': {'bug': '11290', 'summary': 'Selector interpreted as HTML'}, 'severity': 'medium'}, {'info': ['https://github.com/jquery/jquery/issues/2432', 'http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/'], 'identifiers': {'summary': '3rd party CORS request may execute'}, 'severity': 'medium'}], 'version': '1.6.0', 'component': 'jquery'}]

About

Scan for vulnerabilities in JavaScript libraries you use (Python port of retirejs)

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages