VulnerableCode Package Details - pkg:nuget/jQuery@1.1.4

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:nuget/jQuery@1.1.4

Essentials
History (2)

purl	pkg:nuget/jQuery@1.1.4
Tags	Ghost

Next non-vulnerable version	3.5.0
Latest non-vulnerable version	3.5.0
Risk	10.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-3s9f-prpy-hbcx Aliases: CVE-2019-11358 GHSA-6c3j-c64m-qhgq	Cross-site Scripting The jQuery library, which is included in rdoc, mishandles `jQuery.extend(true, {}, ...)` because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype.`	3.4.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T15:57:27.705142+00:00	GHSA Importer	Affected by	VCID-3s9f-prpy-hbcx	https://github.com/advisories/GHSA-6c3j-c64m-qhgq	38.0.0
2026-04-01T12:48:26.408438+00:00	GitLab Importer	Affected by	VCID-3s9f-prpy-hbcx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/jQuery/CVE-2019-11358.yml	38.0.0