Search for packages
Package details: pkg:maven/org.webjars.npm/jquery@1.1.4
purl pkg:maven/org.webjars.npm/jquery@1.1.4
Tags Ghost
Next non-vulnerable version 3.5.0
Latest non-vulnerable version 3.5.0
Risk 10.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-tv97-anfg-aaam
Aliases:
CVE-2019-11358
GHSA-6c3j-c64m-qhgq
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
3.4.0
Affected by 3 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2024-11-19T19:09:43.306164+00:00 GHSA Importer Affected by VCID-tv97-anfg-aaam https://github.com/advisories/GHSA-6c3j-c64m-qhgq 34.3.2
2024-11-19T15:48:02.173193+00:00 GitLab Importer Affected by VCID-tv97-anfg-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.webjars.npm/jquery/CVE-2019-11358.yml 34.3.2
2024-09-17T22:41:05.802154+00:00 GitLab Importer Affected by VCID-tv97-anfg-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.webjars.npm/jquery/CVE-2019-11358.yml 34.0.1
2024-09-17T22:02:43.693617+00:00 GHSA Importer Affected by VCID-tv97-anfg-aaam https://github.com/advisories/GHSA-6c3j-c64m-qhgq 34.0.1
2024-04-23T17:40:28.586459+00:00 GHSA Importer Affected by VCID-tv97-anfg-aaam https://github.com/advisories/GHSA-6c3j-c64m-qhgq 34.0.0rc4
2024-01-03T18:03:27.638381+00:00 GitLab Importer Affected by VCID-tv97-anfg-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.webjars.npm/jquery/CVE-2019-11358.yml 34.0.0rc1
2024-01-03T17:37:32.013219+00:00 GHSA Importer Affected by VCID-tv97-anfg-aaam https://github.com/advisories/GHSA-6c3j-c64m-qhgq 34.0.0rc1