Search...
Toggle theme

jQuery 2.2.X

Release Notes

2.2.6 - June 11, 2024

Notes

  • This release was the first release in the 2.2.x NES line where the Semantic Versioning was updated.
  • Full Version: 2.2.4-jquery-2.2.6

Bug Fixes

  • Removed doc references to an outdated and now malicious site (BDSA-2021-3651)

2.2.5 - March 7, 2024

Notes

  • This release originates from an open-source jQuery repository forked by HeroDevs. It encompasses modifications and further security updates implemented by HeroDevs to ensure successful building.
  • Full Version: 2.2.5

Bug Fixes

  • Wrap <option> element to prevent executing untrusted code
    • This fixes a Moderate Severity Potential XSS vulnerability (CVE-2020-11023)
  • Remove instances where HTML (from untrusted sources) is passed into a manipulation method
    • This fixes a Moderate Severity Potential XSS vulnerability (CVE-2020-11022)
  • Prevent Object.prototype pollution
    • This fixes a Moderate Severity XSS in jQuery vulnerability (CVE-2019-11358)
  • Prevent auto-execution of scripts when no explicit dataType was provided
    • This fixes a Moderate Severity Cross-Site Scripting (XSS) vulnerability (CVE-2015-9251)
jQuery 1.12.X
Release Notes
Lodash NES
Never-Ending Support for Lodash