HeroDevs
Visit jQuery NES Home Page

2 versions

Release Notes

Apr 22, 2025
Latest: 1.4.3
2 Patched Vulnerabilities
VEX Statements

April 2025

1.4.3

Released on Apr 22, 2025
CVE-2022-23395
CVE-2019-11358
Full Version: 
1.4.1-jquery-cookie-1.4.3

Notes

  • Full Version: @neverendingsupport/jquery-cookie@1.4.1-jquery-cookie-1.4.3

Bug Fixes

  • Avoid the use of the potentially vulnerable jQuery.extend() helper.
    • This is being done purely out of an abundance of caution in order to address CVE-2022-23395, even though it is actually a false positive. The actual vulnerability lies in certain versions of jQuery (see CVE-2019-11358) and the vulnerable code path was never triggered by the uses in jQuery Cookie anyway.

March 2025

1.4.2

Released on Mar 14, 2025
Full Version: 
1.4.1-jquery-cookie-1.4.2

Notes

  • This release contains no functional change from the OSS jQuery Cookie v1.4.1.
  • This release mainlines OSS v1.4.1 into NES v1.4.2.
  • Full Version: @neverendingsupport/jquery-cookie@1.4.1-jquery-cookie-1.4.2

Stay in the loop

~/herodevs-spring-framework-support

Open Source Support

When official support ends, we're just getting started.