See on RubyGems

jquery-rails 4.3.1

4 security vulnerabilities found in version 4.3.1

Potential XSS vulnerability in jQuery

high severity CVE-2020-11023
high severity CVE-2020-11023
Patched versions: >= 4.4.0

Impact

Passing HTML containing <option> elements from untrusted sources - even after sanitizing them - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code.

Workarounds

To workaround this issue without upgrading, use DOMPurify with its SAFE_FOR_JQUERY option to sanitize the HTML string before passing it to a jQuery method.

jQuery Cross Site Scripting vulnerability

medium severity CVE-2020-23064
medium severity CVE-2020-23064
Patched versions: >= 4.4.0
Unaffected versions: < 4.1.0

Cross Site Scripting vulnerability in jQuery v.2.2.0 until v.3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.

Potential XSS vulnerability in jQuery

medium severity CVE-2020-11022
medium severity CVE-2020-11022
Affected versions: < 4.4.0

Impact

Passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code.

Patches

This problem is patched in jQuery 3.5.0.

Workarounds

To workaround the issue without upgrading, adding the following to your code:

jQuery.htmlPrefilter = function( html ) {
	return html;
};

You need to use at least jQuery 1.12/2.2 or newer to be able to apply this workaround.

References

https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ https://jquery.com/upgrade-guide/3.5/

For more information

If you have any questions or comments about this advisory, search for a relevant issue in the jQuery repo. If you don't find an answer, open a new issue.

Prototype pollution attack through jQuery $.extend

medium severity CVE-2019-11358
medium severity CVE-2019-11358
Patched versions: >= 4.3.4

jQuery before 3.4.0 mishandles jQuery.extend(true, {}, ...) because of bject.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

No officially reported memory leakage issues detected.

This gem version does not have any officially reported memory leaked issues.

No license issues detected.

This gem version has a license in the gemspec.

This gem version is available.

This gem version has not been yanked and is still available for usage.