[wp-trac] [WordPress Trac] #47020: jQuery Update 3.4.0 vulnerability

WordPress Trac noreply at wordpress.org
Tue Apr 23 20:07:15 UTC 2019

#47020: jQuery Update 3.4.0 vulnerability
 Reporter:  MikeNGarrett  |      Owner:  (none)
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  General       |    Version:  5.1.1
 Severity:  normal        |   Keywords:
  Focuses:                |
 jQuery's latest release contains a fix for jQuery.extend which allows for
 unintended behavior which could lead to cross site scripting attacks.

 From [https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ jQuery's
 3.4.0 release notes]:

  jQuery 3.4.0 includes a fix for some unintended behavior when using
 `jQuery.extend(true, {}, ...)`. If an unsanitized source object contained
 an enumerable `__proto__` property, it could extend the native
 Object.prototype. This fix is included in jQuery 3.4.0, but patch diffs
 exist to patch previous jQuery versions.

 This vulnerability affects all previous version of jQuery. As they mention
 in the release notes, "[https://github.com/DanielRuf/snyk-js-
 jquery-174006?files=1 patch diffs exist] to match previous jQuery

 For reference, [https://www.drupal.org/SA-CORE-2019-006 Drupal released a
 core patch] for 7 and 8 which replaced `jQuery.extend()` completely with
 minor changes compatible with all old versions of jQuery. See
 Drupal's core patch].

Ticket URL: <https://core.trac.wordpress.org/ticket/47020>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list