[Pkg-javascript-devel] Bug#927385: jquery: Prototype Pollution vulnerability
Salvatore Bonaccorso
carnil at debian.org
Thu Apr 18 20:47:04 BST 2019
Source: jquery
Version: 3.3.1~dfsg-1
Severity: grave
Tags: patch security upstream fixed-upstream
Justification: user security hole
Control: found -1 3.1.1-2
Hi
A prototype pollution vulnerability (so far no CVE) has been fixed in
jQuery 3.4.0:
https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
Patches: https://github.com/DanielRuf/snyk-js-jquery-174006?files=1
https://snyk.io/vuln/SNYK-JS-JQUERY-174006
Regards,
Salvatore
More information about the Pkg-javascript-devel
mailing list