Search for packages
Package details: pkg:maven/org.webjars.npm/jquery@1.2.0
purl pkg:maven/org.webjars.npm/jquery@1.2.0
Tags Ghost
Next non-vulnerable version 3.5.0
Latest non-vulnerable version 3.5.0
Risk 10.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-kkd1-e4k1-aaam
Aliases:
CVE-2020-11022
GHSA-gxr4-xjj5-5px2
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
3.5.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2024-11-19T19:09:56.561269+00:00 GHSA Importer Affected by VCID-kkd1-e4k1-aaam https://github.com/advisories/GHSA-gxr4-xjj5-5px2 34.3.2
2024-11-19T15:48:04.152258+00:00 GitLab Importer Affected by VCID-kkd1-e4k1-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.webjars.npm/jquery/CVE-2020-11022.yml 34.3.2
2024-09-17T22:41:05.579266+00:00 GitLab Importer Affected by VCID-kkd1-e4k1-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.webjars.npm/jquery/CVE-2020-11022.yml 34.0.1
2024-09-17T22:02:48.182753+00:00 GHSA Importer Affected by VCID-kkd1-e4k1-aaam https://github.com/advisories/GHSA-gxr4-xjj5-5px2 34.0.1
2024-01-03T18:03:27.381296+00:00 GitLab Importer Affected by VCID-kkd1-e4k1-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.webjars.npm/jquery/CVE-2020-11022.yml 34.0.0rc1
2024-01-03T17:37:36.341561+00:00 GHSA Importer Affected by VCID-kkd1-e4k1-aaam https://github.com/advisories/GHSA-gxr4-xjj5-5px2 34.0.0rc1