---
gem: jquery-rails
framework: rails
cve: 2019-11358
date: 2019-04-19
url: https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
title: Prototype pollution attack through jQuery $.extend
description: |
  jQuery before 3.4.0 mishandles deep merges of the form
  jQuery.extend(true, {}, ...) and is vulnerable to Object.prototype
  pollution. If an unsanitized source object contains an enumerable
  __proto__ property (for example, one created by JSON.parse on
  attacker-controlled input), the deep merge recurses into
  target.__proto__, which is the native Object.prototype, and writes the
  nested keys onto it. Every object in the page then inherits those keys.
  jquery-rails 4.3.4 ships jQuery 3.4.0, which skips the __proto__ key
  during deep extend.
cvss_v2: 4.3
cvss_v3: 6.1
patched_versions:
  - ">= 4.3.4"
related:
  url:
    - https://hackerone.com/reports/454365
    - https://github.com/jquery/jquery/pull/4333
    - https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b
    - https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434
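The mechanism described above, as an added example that is not part of this advisory and not jQuery's own code: a minimal deep-extend that mirrors the recursion pre-3.4.0 `jQuery.extend(true, ...)` performed (`deepExtendVulnerable`), beside a hardened variant that applies the same guard the jQuery 3.4.0 fix added, namely skipping the `__proto__` key. The untrusted JSON body, the `runMerge` harness and the `isAdmin` key are constructed for the demonstration; the merge functions are simplified and assumed, not jQuery's implementation.

```javascript
// Added example (assumed simplified merge, not jQuery's code).

function isPlainObjectLike(v) {
  return typeof v === "object" && v !== null && !Array.isArray(v);
}

// Vulnerable: for the key "__proto__", target[name] resolves to
// Object.prototype itself, so the recursion writes the nested keys onto
// the shared prototype of every object in the runtime.
function deepExtendVulnerable(target, ...sources) {
  for (const source of sources) {
    if (!isPlainObjectLike(source)) continue;
    for (const name of Object.keys(source)) {
      const copy = source[name];
      if (isPlainObjectLike(copy)) {
        const existing = target[name];
        const clone = isPlainObjectLike(existing) ? existing : {};
        target[name] = deepExtendVulnerable(clone, copy);
      } else if (copy !== undefined) {
        target[name] = copy;
      }
    }
  }
  return target;
}

// Hardened: identical algorithm, but "__proto__" is never merged
// (the guard jQuery 3.4.0 introduced in its deep-extend loop).
function deepExtendHardened(target, ...sources) {
  for (const source of sources) {
    if (!isPlainObjectLike(source)) continue;
    for (const name of Object.keys(source)) {
      if (name === "__proto__") continue; // refuse to walk into the prototype
      const copy = source[name];
      if (isPlainObjectLike(copy)) {
        const existing = target[name];
        const clone = isPlainObjectLike(existing) ? existing : {};
        target[name] = deepExtendHardened(clone, copy);
      } else if (copy !== undefined) {
        target[name] = copy;
      }
    }
  }
  return target;
}

// Constructed attacker-controlled input, e.g. a JSON request body that the
// page merges into a defaults object. JSON.parse creates "__proto__" as an
// ordinary own, enumerable property, so the merge loop sees it as a key.
const UNTRUSTED_JSON =
  '{"theme": {"dark": true}, "__proto__": {"isAdmin": true}}';

// Merge the untrusted input into defaults with the given extend function,
// then check whether an unrelated object created afterwards inherited the
// injected key. Cleans up Object.prototype so later code is unaffected.
function runMerge(extendFn) {
  const defaults = { theme: { dark: false, font: "sans" } };
  const merged = extendFn(defaults, JSON.parse(UNTRUSTED_JSON));
  const victim = {};
  const leaked = victim.isAdmin; // true only if Object.prototype was polluted
  delete Object.prototype.isAdmin;
  return { merged, leaked };
}

console.log("vulnerable leaked isAdmin:", runMerge(deepExtendVulnerable).leaked);
console.log("hardened leaked isAdmin:", runMerge(deepExtendHardened).leaked);
```

In both runs the legitimate `theme` subtree is merged as expected; only the vulnerable run causes `{}` objects created later to report `isAdmin === true`. In real code the pollution is rarely this visible: it surfaces as unexpected truthy values in checks like `if (options.isAdmin)` anywhere in the application.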