VulnerableCode Package Details - pkg:npm/jquery@1.1.4

Search for packages

Package details: pkg:npm/jquery@1.1.4

Essentials
History (6)

purl	pkg:npm/jquery@1.1.4
Tags	Ghost

Next non-vulnerable version	3.5.0
Latest non-vulnerable version	3.5.0
Risk	10.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-tv97-anfg-aaam Aliases: CVE-2019-11358 GHSA-6c3j-c64m-qhgq	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.	3.4.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T20:03:26.567888+00:00	GHSA Importer	Affected by	VCID-tv97-anfg-aaam	None	36.0.0
2024-11-19T19:09:45.021870+00:00	GHSA Importer	Affected by	VCID-tv97-anfg-aaam	https://github.com/advisories/GHSA-6c3j-c64m-qhgq	34.3.2
2024-11-19T15:48:03.231896+00:00	GitLab Importer	Affected by	VCID-tv97-anfg-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/jquery/CVE-2019-11358.yml	34.3.2
2024-09-17T22:18:58.002543+00:00	GHSA Importer	Affected by	VCID-tv97-anfg-aaam	https://github.com/advisories/GHSA-6c3j-c64m-qhgq	34.0.1
2024-04-23T17:41:44.812723+00:00	GHSA Importer	Affected by	VCID-tv97-anfg-aaam	https://github.com/advisories/GHSA-6c3j-c64m-qhgq	34.0.0rc4
2024-01-03T17:48:02.226071+00:00	GHSA Importer	Affected by	VCID-tv97-anfg-aaam	https://github.com/advisories/GHSA-6c3j-c64m-qhgq	34.0.0rc1