CVE-2019-11358 @ Npm-jquery-3.2.1

**Checkmarx \(SCA\):** Vulnerable Package
**Vulnerability:** [Read More ](https://devhub.checkmarx.com/cve-details/CVE-2019-11358) about CVE-2019-11358
**Checkmarx Project:** [AsafOrgTesting/Sast\-Sca\-Test\-Repo](https://ast-master-components.dev.cxast.net/projects/237241c8-680c-410c-b221-6975903ae1a1/overview?branch=master)
**Repository URL:** [https://github.com/AsafOrgTesting/Sast\-Sca\-Test\-Repo](https://github.com/AsafOrgTesting/Sast-Sca-Test-Repo)
**Branch:** master
**Scan ID:** [381445f1\-c79b\-4b6f\-9733\-56cc146401f9](https://ast-master-components.dev.cxast.net/projects/237241c8-680c-410c-b221-6975903ae1a1/scans?id=381445f1-c79b-4b6f-9733-56cc146401f9&branch=master)


----
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.





----
**Additional Info**
**Attack vector:** NETWORK
**Attack complexity:** LOW
**Confidentiality impact:** LOW
**Availability impact:** NONE
**Remediation Upgrade Recommendation:** 3.5.0


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2019-11358 @ Npm-jquery-3.2.1 #15990

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

CVE-2019-11358 @ Npm-jquery-3.2.1 #15990

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions