Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-yjt6-bhfr-u3aj

Summary

Duplicate Advisory: Prototype Pollution in jquery
## Duplicate Advisory
This advisory is a duplicate of [GHSA-6c3j-c64m-qhgq](https://github.com/advisories/GHSA-6c3j-c64m-qhgq). This link is maintained to preserve external references.

## Original Description
Versions of `jquery`  prior to 3.4.0 are vulnerable to Prototype Pollution. The extend() method allows an attacker to modify the prototype for `Object` causing changes in properties that will exist on all objects.

## Recommendation
Upgrade to version 3.4.0 or later.

Aliases

alias	CVE-2019-5428

alias	GHSA-wv67-q8rr-grjp

Fixed_packages

url pkg:maven/org.webjars.npm/jquery@3.4.0

purl pkg:maven/org.webjars.npm/jquery@3.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5618-53yg-8qh4

vulnerability	VCID-8mpx-4ueh-qqfv

vulnerability	VCID-cvxp-ctj9-guej

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.webjars.npm/jquery@3.4.0

url pkg:npm/jquery@3.4.0

purl pkg:npm/jquery@3.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5618-53yg-8qh4

vulnerability	VCID-8mpx-4ueh-qqfv

vulnerability	VCID-cvxp-ctj9-guej

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/jquery@3.4.0

url pkg:nuget/jquery@3.4.0

purl pkg:nuget/jquery@3.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5618-53yg-8qh4

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/jquery@3.4.0

Affected_packages

References

reference_url

https://blog.jquery.com/2019/04/10/jquery-3-4-0-released

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://blog.jquery.com/2019/04/10/jquery-3-4-0-released

reference_url	https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
reference_id
reference_type
scores
url	https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/