Overview
Versions of jquery
prior to 3.4.0 are vulnerable to Prototype Pollution. The extend() method allows an attacker to modify the prototype for Object
causing changes in properties that will exist on all objects.
Remediation
Upgrade to version 3.4.0 or later.
Resources
Have content suggestions? Visit npmjs.com/support.
Advisory timeline
published
Advisory PublishedApr 23rd, 2019reported
Reported by asgerfApr 2nd, 2019