jquery package is vulnerable to Prototype Pollution. The
jQuery.fn.extend functions defined in many files allow an untrusted object to extend
NOTE: This vulnerability has been assigned CVE-2019-11358.
Advisory Deviation Notice: The Sonatype security research team discovered that the CVSS score of the vulnerability is 9.8, not 6.1 as the advisory states.