VulnerableCode Package Details - pkg:composer/maximebf/debugbar@1.19.0

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-kkd1-e4k1-aaam	In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.	CVE-2020-11022 GHSA-gxr4-xjj5-5px2
VCID-tv97-anfg-aaam	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.	CVE-2019-11358 GHSA-6c3j-c64m-qhgq

Vulnerability

Summary

Aliases

VCID-kkd1-e4k1-aaam

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-11022
GHSA-gxr4-xjj5-5px2

VCID-tv97-anfg-aaam

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

CVE-2019-11358
GHSA-6c3j-c64m-qhgq

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-04-04T11:33:43.976645+00:00	GithubOSV Importer	Fixing	VCID-kkd1-e4k1-aaam	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/04/GHSA-gxr4-xjj5-5px2/GHSA-gxr4-xjj5-5px2.json	36.0.0
2024-11-19T19:09:57.907921+00:00	GHSA Importer	Fixing	VCID-kkd1-e4k1-aaam	https://github.com/advisories/GHSA-gxr4-xjj5-5px2	34.3.2
2024-11-19T19:09:42.476476+00:00	GHSA Importer	Fixing	VCID-tv97-anfg-aaam	https://github.com/advisories/GHSA-6c3j-c64m-qhgq	34.3.2
2024-11-19T15:48:04.043132+00:00	GitLab Importer	Fixing	VCID-kkd1-e4k1-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/maximebf/debugbar/CVE-2020-11022.yml	34.3.2
2024-11-19T15:48:02.410276+00:00	GitLab Importer	Fixing	VCID-tv97-anfg-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/maximebf/debugbar/CVE-2019-11358.yml	34.3.2
2024-11-19T00:51:39.825343+00:00	GithubOSV Importer	Fixing	VCID-kkd1-e4k1-aaam	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/04/GHSA-gxr4-xjj5-5px2/GHSA-gxr4-xjj5-5px2.json	34.3.2
2024-11-19T00:37:54.087080+00:00	GithubOSV Importer	Fixing	VCID-tv97-anfg-aaam	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/04/GHSA-6c3j-c64m-qhgq/GHSA-6c3j-c64m-qhgq.json	34.3.2