CVE Security Report - SICS Operational Reporting Server
This report is generated on: 26.03.2020, 12:33:01 UTC using dependency-check version: 5.0.0.
The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community.
| Name | Description | CWE | CVSS v2.0 Severity | CVSS v3.0 Severity | Dependency |
|---|---|---|---|---|---|
| Prototype pollution | Prototype pollution | angular.min.js | |||
| CVE-2019-11358 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, , …) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype. | CWE-79 | MEDIUM | MEDIUM | jquery.js |
| CVE-2019-11358 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, , …) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype. | CWE-79 | MEDIUM | MEDIUM | jquery.min.js |
| CVE-2019-11358 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, , …) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype. | CWE-79 | MEDIUM | MEDIUM | jquery.slim.js |
| CVE-2019-11358 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, , …) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype. | CWE-79 | MEDIUM | MEDIUM | jquery.slim.min.js |