Package details: pkg:gem/jquery-rails@4.3.5
purl pkg:gem/jquery-rails@4.3.5
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 10.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-54hw-cf5y-aaaj
Aliases:
CVE-2020-23064
GHSA-257q-pv89-v3xv
Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
Fixed by: 4.4.0
Affected by 1 other vulnerability.
VCID-fhgh-jkwa-aaah
Aliases:
CVE-2020-11023
GHSA-jpcq-cgw6-v4j6
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Fixed by: 4.4.0
Affected by 1 other vulnerability.
VCID-kkd1-e4k1-aaam
Aliases:
CVE-2020-11022
GHSA-gxr4-xjj5-5px2
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Fixed by: 4.4.0
Affected by 1 other vulnerability.
VCID-q1qe-zr6p-aaap
Aliases:
CVE-2012-6708
GHSA-2pqj-h3vj-pqgw
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
Fixed by: There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T16:35:49.908605+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-23064.yml 36.1.3
2025-06-20T16:35:48.951890+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj None 36.1.3
2025-06-20T14:37:33.511694+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah None 36.1.3
2025-06-20T14:37:29.340908+00:00 GitLab Importer Affected by VCID-kkd1-e4k1-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11022.yml 36.1.3
2025-06-20T14:37:26.602195+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11023.yml 36.1.3
2025-06-03T23:14:34.324910+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-23064.yml 36.1.0
2025-06-03T23:14:33.183431+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj None 36.1.0
2025-06-03T21:21:24.513423+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah None 36.1.0
2025-06-03T21:21:20.217719+00:00 GitLab Importer Affected by VCID-kkd1-e4k1-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11022.yml 36.1.0
2025-06-03T21:21:17.526810+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11023.yml 36.1.0
2025-06-02T23:11:37.190302+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-23064.yml 36.1.2
2025-06-02T23:11:36.040505+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj None 36.1.2
2025-06-02T21:03:02.358670+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah None 36.1.2
2025-06-02T21:02:57.856449+00:00 GitLab Importer Affected by VCID-kkd1-e4k1-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11022.yml 36.1.2
2025-06-02T21:02:54.436922+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11023.yml 36.1.2
2025-04-03T21:20:55.404296+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-23064.yml 36.0.0
2025-04-03T21:20:53.587205+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj None 36.0.0
2025-04-03T17:36:42.425314+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah None 36.0.0
2025-04-03T17:36:34.065764+00:00 GitLab Importer Affected by VCID-kkd1-e4k1-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11022.yml 36.0.0
2025-04-03T17:36:28.427754+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11023.yml 36.0.0
2025-02-18T04:28:01.500018+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj None 35.1.0
2025-02-18T04:27:56.804791+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-23064.yml 35.1.0
2025-02-18T01:41:51.168284+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11023.yml 35.1.0
2025-02-18T01:41:48.226593+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah None 35.1.0
2025-02-18T01:41:44.417745+00:00 GitLab Importer Affected by VCID-kkd1-e4k1-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11022.yml 35.1.0
2024-11-21T01:21:54.051347+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-23064.yml 35.0.0
2024-11-20T23:56:44.472897+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11023.yml 35.0.0
2024-11-20T23:56:41.159099+00:00 GitLab Importer Affected by VCID-kkd1-e4k1-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11022.yml 35.0.0
2024-11-19T01:08:03.752636+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-23064.yml 34.3.2
2024-11-18T23:45:12.236600+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11023.yml 34.3.2
2024-10-15T17:32:42.822521+00:00 Ruby Importer Affected by VCID-54hw-cf5y-aaaj https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml 34.0.2
2024-10-15T17:32:19.530358+00:00 Ruby Importer Affected by VCID-fhgh-jkwa-aaah https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml 34.0.2
2024-10-15T17:32:19.079658+00:00 Ruby Importer Affected by VCID-kkd1-e4k1-aaam https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml 34.0.2
2024-10-15T17:27:21.009445+00:00 Ruby Importer Affected by VCID-q1qe-zr6p-aaap https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2012-6708.yml 34.0.2
2024-10-08T01:43:31.787905+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-23064.yml 34.0.2
2024-10-08T00:31:10.665338+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11023.yml 34.0.2
2024-10-07T18:30:10.381513+00:00 GHSA Importer Affected by VCID-54hw-cf5y-aaaj https://github.com/advisories/GHSA-257q-pv89-v3xv 34.0.2
2024-10-07T18:16:05.638870+00:00 GHSA Importer Affected by VCID-fhgh-jkwa-aaah https://github.com/advisories/GHSA-jpcq-cgw6-v4j6 34.0.2
2024-10-07T18:16:01.972187+00:00 GHSA Importer Affected by VCID-kkd1-e4k1-aaam https://github.com/advisories/GHSA-gxr4-xjj5-5px2 34.0.2
2024-09-23T01:45:34.809677+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-23064.yml 34.0.1
2024-09-23T00:43:11.198532+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11023.yml 34.0.1
2024-09-22T19:20:40.228771+00:00 GHSA Importer Affected by VCID-54hw-cf5y-aaaj https://github.com/advisories/GHSA-257q-pv89-v3xv 34.0.1
2024-09-22T18:58:45.110485+00:00 GHSA Importer Affected by VCID-fhgh-jkwa-aaah https://github.com/advisories/GHSA-jpcq-cgw6-v4j6 34.0.1
2024-09-22T18:58:41.658062+00:00 GHSA Importer Affected by VCID-kkd1-e4k1-aaam https://github.com/advisories/GHSA-gxr4-xjj5-5px2 34.0.1
2024-09-21T15:57:49.732363+00:00 Ruby Importer Affected by VCID-54hw-cf5y-aaaj https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-23064.yml 34.0.1
2024-09-21T15:57:26.157561+00:00 Ruby Importer Affected by VCID-fhgh-jkwa-aaah https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11023.yml 34.0.1
2024-09-21T15:57:25.723555+00:00 Ruby Importer Affected by VCID-kkd1-e4k1-aaam https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml 34.0.1
2024-09-21T15:52:14.486626+00:00 Ruby Importer Affected by VCID-q1qe-zr6p-aaap https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2012-6708.yml 34.0.1
2024-04-24T04:03:08.879042+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-23064.yml 34.0.0rc4
2024-04-24T04:03:08.402220+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj None 34.0.0rc4
2024-04-24T02:54:48.188947+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11023.yml 34.0.0rc4
2024-04-24T02:54:44.601877+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah None 34.0.0rc4
2024-04-23T20:17:38.824570+00:00 GHSA Importer Affected by VCID-54hw-cf5y-aaaj https://github.com/advisories/GHSA-257q-pv89-v3xv 34.0.0rc4
2024-04-23T20:17:37.052450+00:00 GHSA Importer Affected by VCID-54hw-cf5y-aaaj None 34.0.0rc4
2024-04-23T19:57:17.639559+00:00 GHSA Importer Affected by VCID-fhgh-jkwa-aaah https://github.com/advisories/GHSA-jpcq-cgw6-v4j6 34.0.0rc4
2024-04-23T19:57:15.407853+00:00 GHSA Importer Affected by VCID-fhgh-jkwa-aaah None 34.0.0rc4
2024-04-23T19:57:08.175360+00:00 GHSA Importer Affected by VCID-kkd1-e4k1-aaam None 34.0.0rc4
2024-04-23T19:57:07.180101+00:00 GHSA Importer Affected by VCID-kkd1-e4k1-aaam https://github.com/advisories/GHSA-gxr4-xjj5-5px2 34.0.0rc4
2024-01-10T06:38:44.016469+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-23064.yml 34.0.0rc2
2024-01-10T06:38:43.531330+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj None 34.0.0rc2
2024-01-10T05:33:45.654693+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11023.yml 34.0.0rc2
2024-01-10T05:33:41.494285+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah None 34.0.0rc2
2024-01-09T22:08:12.825687+00:00 GHSA Importer Affected by VCID-54hw-cf5y-aaaj https://github.com/advisories/GHSA-257q-pv89-v3xv 34.0.0rc2
2024-01-09T22:08:10.535661+00:00 GHSA Importer Affected by VCID-54hw-cf5y-aaaj None 34.0.0rc2
2024-01-09T21:48:13.725086+00:00 GHSA Importer Affected by VCID-fhgh-jkwa-aaah https://github.com/advisories/GHSA-jpcq-cgw6-v4j6 34.0.0rc2
2024-01-09T21:48:11.413580+00:00 GHSA Importer Affected by VCID-fhgh-jkwa-aaah None 34.0.0rc2
2024-01-09T21:48:04.891193+00:00 GHSA Importer Affected by VCID-kkd1-e4k1-aaam None 34.0.0rc2
2024-01-09T21:48:03.883959+00:00 GHSA Importer Affected by VCID-kkd1-e4k1-aaam https://github.com/advisories/GHSA-gxr4-xjj5-5px2 34.0.0rc2
2024-01-03T23:25:18.913988+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-23064.yml 34.0.0rc1
2024-01-03T23:25:18.442270+00:00 GitLab Importer Affected by VCID-54hw-cf5y-aaaj None 34.0.0rc1
2024-01-03T22:22:28.595140+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/jquery-rails/CVE-2020-11023.yml 34.0.0rc1
2024-01-03T22:22:25.223980+00:00 GitLab Importer Affected by VCID-fhgh-jkwa-aaah None 34.0.0rc1
2024-01-03T17:52:40.057963+00:00 GHSA Importer Affected by VCID-54hw-cf5y-aaaj https://github.com/advisories/GHSA-257q-pv89-v3xv 34.0.0rc1
2024-01-03T16:52:34.247084+00:00 GHSA Importer Affected by VCID-54hw-cf5y-aaaj None 34.0.0rc1
2024-01-03T16:35:37.062607+00:00 GHSA Importer Affected by VCID-fhgh-jkwa-aaah None 34.0.0rc1
2024-01-03T16:35:31.412354+00:00 GHSA Importer Affected by VCID-kkd1-e4k1-aaam None 34.0.0rc1