VulnerableCode Package Details - pkg:npm/jQuery@2.1.0-beta2

Search for packages

Package details: pkg:npm/jQuery@2.1.0-beta2

Essentials
History (0)

purl	pkg:npm/jQuery@2.1.0-beta2
Tags	Ghost

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	10.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-bm85-uen1-aaab Aliases: CVE-2019-5428 GHSA-wv67-q8rr-grjp	REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-11358. Reason: This candidate is a duplicate of CVE-2019-11358. Notes: All CVE users should reference CVE-2019-11358 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.	3.4.0 Affected by 0 other vulnerabilities.
VCID-tv97-anfg-aaam Aliases: CVE-2019-11358 GHSA-6c3j-c64m-qhgq	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.	3.4.0 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version