CVE-2019-5428 – org.webjars.npm:jquery

Package

Manager: maven
Name: org.webjars.npm:jquery
Vulnerable Version: <0

Severity

Level: Medium

CVSS v3.1: N/A

CVSS v4.0: N/A

EPSS: N/A pctlN/A

Details

Duplicate Advisory: Prototype Pollution in jquery ## Duplicate Advisory This advisory is a duplicate of [GHSA-6c3j-c64m-qhgq](https://github.com/advisories/GHSA-6c3j-c64m-qhgq). This link is maintained to preserve external references. ## Original Description Versions of `jquery` prior to 3.4.0 are vulnerable to Prototype Pollution. The extend() method allows an attacker to modify the prototype for `Object` causing changes in properties that will exist on all objects. ## Recommendation Upgrade to version 3.4.0 or later.

Metadata

Created: 2019-04-23T15:59:10Z
Modified: 2022-10-06T17:19:37Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/04/GHSA-wv67-q8rr-grjp/GHSA-wv67-q8rr-grjp.json
CWE IDs: []
Alternative ID: GHSA-wv67-q8rr-grjp
Finding: N/A
Auto approve: 0