Search for vulnerabilities
Vulnerability details: VCID-bm85-uen1-aaab
Vulnerability ID VCID-bm85-uen1-aaab
Aliases CVE-2019-5428
GHSA-wv67-q8rr-grjp
Summary ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-11358. Reason: This candidate is a duplicate of CVE-2019-11358. Notes: All CVE users should reference CVE-2019-11358 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Status Invalid
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
epss 0.00241 https://api.first.org/data/v1/epss?cve=CVE-2019-5428
cvssv3.1 6.1 https://blog.jquery.com/2019/04/10/jquery-3-4-0-released
generic_textual MODERATE https://blog.jquery.com/2019/04/10/jquery-3-4-0-released
cvssv3 6.1 https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
generic_textual Low https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-wv67-q8rr-grjp
cvssv3.1 6.1 https://github.com/jquery/jquery/pull/4333
generic_textual MODERATE https://github.com/jquery/jquery/pull/4333
cvssv3 5.6 https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json
cvssv3 5.6 https://hackerone.com/reports/454365
generic_textual MODERATE https://hackerone.com/reports/454365
generic_textual MODERATE https://www.npmjs.com/advisories/796
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2019-5428
https://blog.jquery.com/2019/04/10/jquery-3-4-0-released
https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
https://github.com/jquery/jquery/pull/4333
https://hackerone.com/reports/454365
https://www.npmjs.com/advisories/796
496 https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json
CVE-2019-5428 https://nvd.nist.gov/vuln/detail/CVE-2019-5428
GHSA-wv67-q8rr-grjp https://github.com/advisories/GHSA-wv67-q8rr-grjp
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://blog.jquery.com/2019/04/10/jquery-3-4-0-released
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://github.com/jquery/jquery/pull/4333
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.64599
EPSS Score 0.00241
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2025-04-17T13:10:53.533715+00:00 NVD CVE Status Improver Improve https://cveawg.mitre.org/api/cve/CVE-2019-5428 36.0.0