Description
jQuery from 1.1.4 until 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property (for example, one produced by JSON.parse from attacker-controlled input), the deep merge could extend the native Object.prototype. Because every ordinary object inherits from Object.prototype, the injected properties then appear on all objects in the page, which can alter application logic and, depending on how those values are later used, enable cross-site scripting (the advisory tags CWE-79 alongside CWE-1321).
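The following is an added example, not jQuery's own code. It models the pre-3.4.0 deep-merge logic in a minimal deepExtendVulnerable, shows how an own, enumerable __proto__ key from JSON.parse walks into Object.prototype, and places beside it a deepExtendHardened that applies the 3.4.0 fix (skip the "__proto__" key) plus two common extra precautions that are not part of the jQuery fix: iterating own keys only and also skipping "constructor" and "prototype". The function names, the isPlainObject approximation and the sample JSON are all constructed for this example.

```javascript
// Added example, not jQuery's own code: a minimal deep merge that models the
// pre-3.4.0 jQuery.extend(true, ...) behaviour, beside a hardened merge.

// Loosely follows jQuery's isPlainObject: a plain object is one whose prototype
// is Object.prototype or null. Note that Object.prototype itself passes this
// check, which is what lets the vulnerable merge descend into it.
function isPlainObject(obj) {
  if (Object.prototype.toString.call(obj) !== "[object Object]") return false;
  const proto = Object.getPrototypeOf(obj);
  return proto === null || proto === Object.prototype;
}

// Vulnerable (models jQuery < 3.4.0). For a source key "__proto__",
// target["__proto__"] is read through the inherited accessor and yields
// Object.prototype, which then becomes the merge target for the nested object.
function deepExtendVulnerable(target, source) {
  for (const name in source) {
    const copy = source[name];
    if (isPlainObject(copy)) {
      const existing = target[name];
      const clone = isPlainObject(existing) ? existing : {};
      target[name] = deepExtendVulnerable(clone, copy);
    } else if (copy !== undefined) {
      target[name] = copy;
    }
  }
  return target;
}

// Hardened: refuses to copy "__proto__" (the jQuery 3.4.0 fix), and as extra
// precautions merges own keys only and also skips "constructor"/"prototype".
function deepExtendHardened(target, source) {
  for (const name of Object.keys(source)) {
    if (name === "__proto__" || name === "constructor" || name === "prototype") continue;
    const copy = source[name];
    if (isPlainObject(copy)) {
      const existing = Object.prototype.hasOwnProperty.call(target, name)
        ? target[name]
        : undefined;
      const clone = isPlainObject(existing) ? existing : {};
      target[name] = deepExtendHardened(clone, copy);
    } else if (copy !== undefined) {
      target[name] = copy;
    }
  }
  return target;
}

// Constructed sample of untrusted input. JSON.parse creates an own, enumerable
// "__proto__" data property, so both for...in and Object.keys see it.
const UNTRUSTED_JSON = '{"__proto__": {"isAdmin": true}}';

// Merge the untrusted object into an empty target with the vulnerable merge and
// report whether an unrelated, freshly created object now inherits isAdmin.
function runVulnerable() {
  const before = ({}).isAdmin;                         // undefined
  deepExtendVulnerable({}, JSON.parse(UNTRUSTED_JSON));
  const after = ({}).isAdmin;                          // true: Object.prototype was polluted
  delete Object.prototype.isAdmin;                     // undo so the rest of the runtime is unaffected
  return { before, after };
}

// Same input through the hardened merge: nothing reaches Object.prototype and
// the "__proto__" key is simply dropped from the result.
function runHardened() {
  const merged = deepExtendHardened({}, JSON.parse(UNTRUSTED_JSON));
  return { polluted: ({}).isAdmin === true, mergedKeys: Object.keys(merged) };
}

console.log("vulnerable:", runVulnerable()); // { before: undefined, after: true }
console.log("hardened:", runHardened());     // { polluted: false, mergedKeys: [] }
```

A quick check for an application that cannot upgrade immediately is the one runVulnerable performs: after merging any untrusted object, read an attacker-style property from a fresh `{}`; if it is defined, Object.prototype has been polluted.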
Recommendation
Update the jquery package to a patched version (3.4.0 or later). Version details:
- Affected version(s): >= 1.1.4, < 3.4.0
- Patched version(s): 3.4.0
References
- GHSA-6c3j-c64m-qhgq
- backdropcms.org
- snyk.io
- www.drupal.org
- access.redhat.com
- lists.apache.org
- lists.debian.org
- www.debian.org
- www.synology.com
- www.tenable.com
- lists.opensuse.org
- packetstormsecurity.com
- www.openwall.com
- kb.pulsesecure.net
- security.snyk.io
- seclists.org
- www.oracle.com
- supportportal.juniper.net
- web.archive.org
- www.securityfocus.com
- blog.jquery.com
- lists.fedoraproject.org
- security.netapp.com
- www.djangoproject.com
- www.privacy-wise.com
- CVE-2019-11358
- CWE-1321
- CWE-79
- CAPEC-310
- OWASP 2021-A3
- OWASP 2021-A6
Related Issues
- Axios is vulnerable to DoS attack through lack of data size check - CVE-2025-58754
- billboard.js allows prototype pollution via the function generate - CVE-2025-49223
- Potential XSS vulnerability in jQuery - CVE-2020-11023
- Potential XSS vulnerability in jQuery (GHSA-gxr4-xjj5-5px2) - CVE-2020-11022
Tags
- npm
- jquery
Last updated on November 05, 2024