CVE-2019-11358

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2019-11358
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2019-04-20 00:29:00 UTC
Updated2023-11-07 03:02:00 UTC
DescriptionjQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

Risk And Classification

Problem Types: CWE-1321

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Application Backdropcms Backdrop All All All All
Application Backdropcms Backdrop All All All All
Operating System Debian Debian Linux 8.0 All All All
Operating System Debian Debian Linux 9.0 All All All
Operating System Debian Debian Linux 9.0 All All All
Application Drupal Drupal All All All All
Application Drupal Drupal All All All All
Operating System Fedoraproject Fedora 28 All All All
Operating System Fedoraproject Fedora 29 All All All
Operating System Fedoraproject Fedora 30 All All All
Application Joomla Joomla! All All All All
Application Jquery Jquery All All All All
Application Jquery Jquery All All All All
Operating System Juniper Junos 21.2 - All All
Application Netapp Oncommand System Manager All All All All
Application Netapp Snapcenter - All All All
Application Opensuse Backports Sle 15.0 sp1 All All
Operating System Opensuse Leap 15.1 All All All
Application Oracle Agile Product Lifecycle Management For Process 6.1 All All All
Application Oracle Agile Product Lifecycle Management For Process 6.2.0.0 All All All
Application Oracle Agile Product Lifecycle Management For Process 6.2.1.0 All All All
Application Oracle Agile Product Lifecycle Management For Process 6.2.2.0 All All All
Application Oracle Agile Product Lifecycle Management For Process 6.2.3.0 All All All
Application Oracle Application Express All All All All
Application Oracle Application Service Level Management 13.2.0.0 All All All
Application Oracle Application Service Level Management 13.3.0.0 All All All
Application Oracle Application Testing Suite 12.5.0.3 All All All
Application Oracle Application Testing Suite 13.1.0.1 All All All
Application Oracle Application Testing Suite 13.2 All All All
Application Oracle Application Testing Suite 13.2.0.1 All All All
Application Oracle Application Testing Suite 13.3 All All All
Application Oracle Application Testing Suite 13.3.0.1 All All All
Application Oracle Banking Digital Experience 18.1 All All All
Application Oracle Banking Digital Experience 18.2 All All All
Application Oracle Banking Digital Experience 18.3 All All All
Application Oracle Banking Digital Experience 19.1 All All All
Application Oracle Banking Digital Experience 19.2 All All All
Application Oracle Banking Digital Experience 20.1 All All All
Application Oracle Banking Enterprise Collections All All All All
Application Oracle Banking Platform All All All All
Application Oracle Big Data Discovery 1.6 All All All
Application Oracle Bi Publisher 12.2.1.3.0 All All All
Application Oracle Bi Publisher 12.2.1.4.0 All All All
Application Oracle Bi Publisher 5.5.0.0.0 All All All
Application Oracle Business Process Management Suite 12.2.1.3.0 All All All
Application Oracle Business Process Management Suite 12.2.1.4.0 All All All
Application Oracle Communications Analytics 12.1.1 All All All
Application Oracle Communications Application Session Controller 3.8m0 All All All
Application Oracle Communications Billing And Revenue Management 12.0 All All All
Application Oracle Communications Billing And Revenue Management 12.0.0.3.0 All All All
Application Oracle Communications Billing And Revenue Management 7.5 All All All
Application Oracle Communications Billing And Revenue Management 7.5.0.23.0 All All All
Application Oracle Communications Diameter Signaling Router 8.0.0 All All All
Application Oracle Communications Diameter Signaling Router 8.1 All All All
Application Oracle Communications Diameter Signaling Router 8.2 All All All
Application Oracle Communications Diameter Signaling Router 8.2.1 All All All
Application Oracle Communications Eagle Application Processor All All All All
Application Oracle Communications Element Manager 8.1.1 All All All
Application Oracle Communications Element Manager 8.2.0 All All All
Application Oracle Communications Element Manager 8.2.1 All All All
Application Oracle Communications Interactive Session Recorder All All All All
Application Oracle Communications Operations Monitor 3.4 All All All
Application Oracle Communications Operations Monitor 4.0 All All All
Application Oracle Communications Operations Monitor 4.1.0 All All All
Application Oracle Communications Operations Monitor All All All All
Application Oracle Communications Services Gatekeeper 7.0 All All All
Application Oracle Communications Session Report Manager 8.1.1 All All All
Application Oracle Communications Session Report Manager 8.2.0 All All All
Application Oracle Communications Session Report Manager 8.2.1 All All All
Application Oracle Communications Session Route Manager 8.1.1 All All All
Application Oracle Communications Session Route Manager 8.2.0 All All All
Application Oracle Communications Session Route Manager 8.2.1 All All All
Application Oracle Communications Unified Inventory Management 7.3 All All All
Application Oracle Communications Unified Inventory Management 7.4.0 All All All
Application Oracle Communications Webrtc Session Controller 7.2 All All All
Application Oracle Diagnostic Assistant 2.12.36 All All All
Application Oracle Enterprise Manager Ops Center 12.3.3 All All All
Application Oracle Enterprise Manager Ops Center 12.4.0 All All All
Application Oracle Enterprise Manager Ops Center 12.4.0.0 All All All
Application Oracle Enterprise Session Border Controller 8.4 All All All
Application Oracle Financial Services Analytical Applications Infrastructure All All All All
Application Oracle Financial Services Analytical Applications Infrastructure All All All All
Application Oracle Financial Services Analytical Applications Reconciliation Framework 8.1.0 All All All
Application Oracle Financial Services Analytical Applications Reconciliation Framework All All All All
Application Oracle Financial Services Asset Liability Management 8.1.0 All All All
Application Oracle Financial Services Asset Liability Management All All All All
Application Oracle Financial Services Balance Sheet Planning 8.0.8 All All All
Application Oracle Financial Services Basel Regulatory Capital Basic 8.1.0 All All All
Application Oracle Financial Services Basel Regulatory Capital Basic All All All All
Application Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach 8.1.0 All All All
Application Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach All All All All
Application Oracle Financial Services Data Foundation All All All All
Application Oracle Financial Services Data Governance For Us Regulatory Reporting All All All All
Application Oracle Financial Services Data Integration Hub 8.1.0 All All All
Application Oracle Financial Services Data Integration Hub All All All All
Application Oracle Financial Services Enterprise Financial Performance Analytics 8.0.6 All All All
Application Oracle Financial Services Enterprise Financial Performance Analytics 8.0.7 All All All
Application Oracle Financial Services Funds Transfer Pricing 8.1.0 All All All
Application Oracle Financial Services Funds Transfer Pricing All All All All
Application Oracle Financial Services Hedge Management And Ifrs Valuations 8.1.0 All All All
Application Oracle Financial Services Hedge Management And Ifrs Valuations All All All All
Application Oracle Financial Services Institutional Performance Analytics 8.1.0 All All All
Application Oracle Financial Services Institutional Performance Analytics All All All All
Application Oracle Financial Services Liquidity Risk Management 8.0.0.1.0 All All All
Application Oracle Financial Services Liquidity Risk Management 8.0.2 All All All
Application Oracle Financial Services Liquidity Risk Management 8.0.4.0.0 All All All
Application Oracle Financial Services Liquidity Risk Management 8.0.5.0.0 All All All
Application Oracle Financial Services Liquidity Risk Management 8.0.6 All All All
Application Oracle Financial Services Liquidity Risk Measurement And Management 8.0.7 All All All
Application Oracle Financial Services Liquidity Risk Measurement And Management 8.0.8 All All All
Application Oracle Financial Services Liquidity Risk Measurement And Management 8.1.0 All All All
Application Oracle Financial Services Loan Loss Forecasting And Provisioning 8.1.0 All All All
Application Oracle Financial Services Loan Loss Forecasting And Provisioning All All All All
Application Oracle Financial Services Market Risk Measurement And Management 8.0.5 All All All
Application Oracle Financial Services Market Risk Measurement And Management 8.0.6 All All All
Application Oracle Financial Services Market Risk Measurement And Management 8.0.8 All All All
Application Oracle Financial Services Price Creation And Discovery All All All All
Application Oracle Financial Services Profitability Management 8.1.0 All All All
Application Oracle Financial Services Profitability Management All All All All
Application Oracle Financial Services Regulatory Reporting For De Nederlandsche Bank 8.0.4 All All All
Application Oracle Financial Services Regulatory Reporting For European Banking Authority 8.0.6 All All All
Application Oracle Financial Services Regulatory Reporting For European Banking Authority 8.0.7 All All All
Application Oracle Financial Services Regulatory Reporting For Us Federal Reserve All All All All
Application Oracle Financial Services Retail Customer Analytics All All All All
Application Oracle Financial Services Retail Performance Analytics 8.0.6 All All All
Application Oracle Financial Services Retail Performance Analytics 8.0.7 All All All
Application Oracle Financial Services Revenue Management And Billing 2.4.0.0 All All All
Application Oracle Financial Services Revenue Management And Billing 2.4.0.1 All All All
Application Oracle Fusion Middleware Mapviewer 12.2.1.3.0 All All All
Application Oracle Healthcare Foundation 7.1.1 All All All
Application Oracle Healthcare Foundation 7.2.0 All All All
Application Oracle Healthcare Foundation 7.2.2 All All All
Application Oracle Healthcare Foundation 7.3.0 All All All
Application Oracle Healthcare Translational Research 3.1.0 All All All
Application Oracle Healthcare Translational Research 3.2.1 All All All
Application Oracle Healthcare Translational Research 3.3.1 All All All
Application Oracle Healthcare Translational Research 3.3.2 All All All
Application Oracle Healthcare Translational Research 3.4.0 All All All
Application Oracle Hospitality Guest Access 4.2.0 All All All
Application Oracle Hospitality Guest Access 4.2.1 All All All
Application Oracle Hospitality Materials Control 18.1 All All All
Application Oracle Hospitality Simphony 18.1 All All All
Application Oracle Hospitality Simphony 18.2 All All All
Application Oracle Hospitality Simphony All All All All
Application Oracle Identity Manager 12.2.1.3.0 All All All
Application Oracle Insurance Accounting Analyzer 8.0.9 All All All
Application Oracle Insurance Allocation Manager For Enterprise Profitability 8.0.8 All All All
Application Oracle Insurance Allocation Manager For Enterprise Profitability 8.1.0 All All All
Application Oracle Insurance Data Foundation All All All All
Application Oracle Insurance Ifrs 17 Analyzer 8.0.6 All All All
Application Oracle Insurance Ifrs 17 Analyzer 8.0.7 All All All
Application Oracle Insurance Insbridge Rating And Underwriting 5.6.1.0 All All All
Application Oracle Insurance Insbridge Rating And Underwriting All All All All
Application Oracle Insurance Performance Insight 8.0.7 All All All
Application Oracle Jdeveloper 11.1.1.9.0 All All All
Application Oracle Jdeveloper 12.2.1.3.0 All All All
Application Oracle Jdeveloper 12.2.1.4.0 All All All
Application Oracle Jdeveloper And Adf 11.1.1.9.0 All All All
Application Oracle Jdeveloper And Adf 12.1.3.0.0 All All All
Application Oracle Jdeveloper And Adf 12.2.1.3.0 All All All
Application Oracle Jd Edwards Enterpriseone Tools 9.2 All All All
Application Oracle Knowledge All All All All
Application Oracle Peoplesoft Enterprise Peopletools 8.55 All All All
Application Oracle Peoplesoft Enterprise Peopletools 8.56 All All All
Application Oracle Peoplesoft Enterprise Peopletools 8.57 All All All
Application Oracle Peoplesoft Enterprise Peopletools 8.58 All All All
Application Oracle Policy Automation 10.4.7 All All All
Application Oracle Policy Automation 12.1.0 All All All
Application Oracle Policy Automation 12.1.1 All All All
Application Oracle Policy Automation All All All All
Application Oracle Policy Automation Connector For Siebel 10.4.6 All All All
Application Oracle Policy Automation For Mobile Devices All All All All
Application Oracle Primavera Gateway 15.2.18 All All All
Application Oracle Primavera Gateway All All All All
Application Oracle Primavera Gateway All All All All
Application Oracle Primavera Gateway All All All All
Application Oracle Primavera Gateway All All All All
Application Oracle Primavera Unifier 16.1 All All All
Application Oracle Primavera Unifier 16.2 All All All
Application Oracle Primavera Unifier 18.8 All All All
Application Oracle Primavera Unifier All All All All
Application Oracle Real-time Scheduler All All All All
Application Oracle Rest Data Services 11.2.0.4 All All All
Application Oracle Rest Data Services 12.1.0.2 All All All
Application Oracle Rest Data Services 12.2.0.1 All All All
Application Oracle Rest Data Services 18c All All All
Application Oracle Rest Data Services 19c All All All
Application Oracle Retail Back Office 14.0 All All All
Application Oracle Retail Back Office 14.1 All All All
Application Oracle Retail Central Office 14.0 All All All
Application Oracle Retail Central Office 14.1 All All All
Application Oracle Retail Customer Insights 15.0 All All All
Application Oracle Retail Customer Insights 16.0 All All All
Application Oracle Retail Customer Management And Segmentation Foundation 18.0 All All All
Application Oracle Retail Customer Management And Segmentation Foundation 19.0 All All All
Application Oracle Retail Point-of-service 14.0 All All All
Application Oracle Retail Point-of-service 14.1 All All All
Application Oracle Retail Returns Management 14.0 All All All
Application Oracle Retail Returns Management 14.1 All All All
Application Oracle Service Bus 11.1.1.9.0 All All All
Application Oracle Service Bus 12.1.3.0.0 All All All
Application Oracle Service Bus 12.2.1.3.0 All All All
Application Oracle Siebel Mobile Applications All All All All
Application Oracle Siebel Ui Framework 20.8 All All All
Application Oracle Storagetek Tape Analytics Sw Tool 2.3.0 All All All
Application Oracle System Utilities 19.1 All All All
Application Oracle Tape Library Acsls 8.5 All All All
Application Oracle Tape Library Acsls 8.5.1 All All All
Application Oracle Transportation Management 1.4.3 All All All
Application Oracle Utilities Mobile Workforce Management All All All All
Application Oracle Webcenter Sites 12.2.1.3.0 All All All
Application Oracle Weblogic Server 10.3.6.0.0 All All All
Application Oracle Weblogic Server 12.1.3.0.0 All All All
Application Oracle Weblogic Server 12.2.1.3.0 All All All
Application Oracle Weblogic Server 12.2.1.4.0 All All All
Application Oracle Weblogic Server 14.1.1.0.0 All All All
Application Redhat Cloudforms 4.7 All All All
Application Redhat Virtualization Manager 4.3 All All All

References

ReferenceSourceLinkTags
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
[SECURITY] Fedora 30 Update: drupal8-8.6.15-1.fc30 - package-announce - Fedora Mailing-Lists FEDORA lists.fedoraproject.org Third Party Advisory
[SECURITY] Fedora 30 Update: drupal7-7.66-1.fc30 - package-announce - Fedora Mailing-Lists lists.fedoraproject.org
Red Hat Customer Portal REDHAT access.redhat.com Third Party Advisory
[SECURITY] Fedora 30 Update: drupal8-8.6.15-1.fc30 - package-announce - Fedora Mailing-Lists lists.fedoraproject.org
Pony Mail! lists.apache.org
[SECURITY] [DLA 1777-1] jquery security update MLIST lists.debian.org Mailing List, Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Bugtraq: [SECURITY] [DSA 4460-1] mediawiki security update BUGTRAQ seclists.org Issue Tracking, Mailing List, Third Party Advisory
dotCMS 5.1.1 Vulnerable Dependencies ≈ Packet Storm MISC packetstormsecurity.com Third Party Advisory, VDB Entry
Pony Mail! lists.apache.org
[SECURITY] [DLA 2118-1] otrs2 security update MLIST lists.debian.org Mailing List, Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Pony Mail! lists.apache.org
Oracle Critical Patch Update Advisory - July 2020 MISC www.oracle.com Third Party Advisory
[SECURITY] Fedora 28 Update: drupal8-8.6.15-1.fc28 - package-announce - Fedora Mailing-Lists FEDORA lists.fedoraproject.org Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Prototype Pollution in jquery | Snyk MISC snyk.io Patch, Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Pony Mail! lists.apache.org
oss-security - Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358) MLIST www.openwall.com Mailing List, Patch, Third Party Advisory
jQuery 3.4.0 Released | Official jQuery Blog MISC blog.jquery.com Vendor Advisory
[SECURITY] Fedora 30 Update: drupal7-7.66-1.fc30 - package-announce - Fedora Mailing-Lists FEDORA lists.fedoraproject.org Third Party Advisory
Pony Mail! lists.apache.org
[security-announce] openSUSE-SU-2019:1839-1: moderate: Security update f SUSE lists.opensuse.org Mailing List, Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
[SECURITY] Fedora 29 Update: drupal7-7.66-1.fc29 - package-announce - Fedora Mailing-Lists lists.fedoraproject.org
[SECURITY] [DLA 1797-1] drupal7 security update MLIST lists.debian.org Mailing List, Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Core: Prevent Object.prototype pollution for $.extend( true, ... ) by mgol · Pull Request #4333 · jquery/jquery · GitHub MISC github.com Patch, Third Party Advisory
Oracle Critical Patch Update Advisory - October 2020 MISC www.oracle.com Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Oracle Critical Patch Update Advisory - July 2021 N/A www.oracle.com
Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-006 | Drupal.org MISC www.drupal.org Patch, Third Party Advisory
Synology Inc. CONFIRM www.synology.com Third Party Advisory
Full Disclosure: dotCMS v5.1.1 HTML Injection & XSS Vulnerability FULLDISC seclists.org Mailing List, Patch, Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
RetireJS CORS Issue / Script Execution ≈ Packet Storm MISC packetstormsecurity.com Third Party Advisory, VDB Entry
Core: Prevent Object.prototype pollution for $.extend( true, ... ) · jquery/jquery@753d591 · GitHub MISC github.com Patch, Third Party Advisory
Pony Mail! lists.apache.org
Oracle Critical Patch Update Advisory - October 2021 MISC www.oracle.com
JQuery CVE-2019-11358 Cross Site Scripting Vulnerability BID www.securityfocus.com Third Party Advisory, VDB Entry
[R1] Nessus Network Monitor 5.11.0 Fixes Multiple Third-party Vulnerabilities - Security Advisory | Tenable® CONFIRM www.tenable.com Third Party Advisory
Pony Mail! lists.apache.org
OctoberCMS Insecure Dependencies ≈ Packet Storm MISC packetstormsecurity.com Third Party Advisory, VDB Entry
Public KB - SA44601 - 2020-10: Security Bulletin: Multiple Vulnerabilities Resolved in Pulse Connect Secure / Pulse Policy Secure / Pulse Secure Desktop Client 9.1R9 CONFIRM kb.pulsesecure.net Third Party Advisory
[SECURITY] Fedora 28 Update: drupal7-7.66-1.fc28 - package-announce - Fedora Mailing-Lists FEDORA lists.fedoraproject.org Third Party Advisory
Pony Mail! lists.apache.org
Oracle Critical Patch Update Advisory - January 2022 MISC www.oracle.com
Debian -- Security Information -- DSA-4434-1 drupal7 DEBIAN www.debian.org Third Party Advisory
[R1] Tenable.sc 5.14.0 Fixes Multiple Vulnerabilities - Security Advisory | Tenable® CONFIRM www.tenable.com Third Party Advisory
[SECURITY] [DLA 3551-1] otrs2 security update MLIST lists.debian.org
Red Hat Customer Portal REDHAT access.redhat.com Third Party Advisory
[SECURITY] Fedora 29 Update: drupal8-8.6.15-1.fc29 - package-announce - Fedora Mailing-Lists lists.fedoraproject.org
[SECURITY] Fedora 28 Update: drupal8-8.6.15-1.fc28 - package-announce - Fedora Mailing-Lists lists.fedoraproject.org
Pony Mail! lists.apache.org
Full Disclosure: dotCMS v5.1.1 Vulnerabilities FULLDISC seclists.org Mailing List, Third Party Advisory
CEC Juniper Community MISC supportportal.juniper.net
Pony Mail! lists.apache.org
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Oracle Critical Patch Update - July 2019 MISC www.oracle.com Third Party Advisory
Full Disclosure: Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability FULLDISC seclists.org Mailing List, Patch, Third Party Advisory
Red Hat Customer Portal REDHAT access.redhat.com Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
[SECURITY] Fedora 28 Update: drupal7-7.66-1.fc28 - package-announce - Fedora Mailing-Lists lists.fedoraproject.org
Backdrop core - Moderately critical - Cross Site Scripting - SA-CORE-2019-009 | Backdrop CMS MISC backdropcms.org Third Party Advisory
Pony Mail! lists.apache.org
[SECURITY] Fedora 29 Update: drupal8-8.6.15-1.fc29 - package-announce - Fedora Mailing-Lists FEDORA lists.fedoraproject.org Third Party Advisory
Pony Mail! lists.apache.org
Red Hat Customer Portal REDHAT access.redhat.com Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Bugtraq: [SECURITY] [DSA 4434-1] drupal7 security update BUGTRAQ seclists.org Issue Tracking, Mailing List, Third Party Advisory
Pony Mail! lists.apache.org
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Oracle Critical Patch Update - October 2019 MISC www.oracle.com Third Party Advisory
Oracle Critical Patch Update Advisory - January 2020 MISC www.oracle.com Third Party Advisory
Pony Mail! lists.apache.org
Pony Mail! lists.apache.org
Bugtraq: dotCMS v5.1.1 Vulnerabilities BUGTRAQ seclists.org Issue Tracking, Mailing List, Patch, Third Party Advisory
Pony Mail! lists.apache.org
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Pony Mail! lists.apache.org
Oracle Critical Patch Update Advisory - April 2020 N/A www.oracle.com Third Party Advisory
Pony Mail! lists.apache.org
Red Hat Customer Portal REDHAT access.redhat.com Third Party Advisory
Mitigating CVE-2019-11358 in old versions of jQuery – PrivacyWise MISC www.privacy-wise.com Patch, Third Party Advisory
[SECURITY] Fedora 29 Update: drupal7-7.66-1.fc29 - package-announce - Fedora Mailing-Lists FEDORA lists.fedoraproject.org Third Party Advisory
Debian -- Security Information -- DSA-4460-1 mediawiki DEBIAN www.debian.org Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
CVE-2019-11358 jQuery Vulnerability in NetApp Products | NetApp Product Security CONFIRM security.netapp.com Third Party Advisory
Oracle Critical Patch Update Advisory - April 2021 MISC www.oracle.com
[security-announce] openSUSE-SU-2019:1872-1: moderate: Security update f SUSE lists.opensuse.org Mailing List, Third Party Advisory
Pony Mail! MLIST lists.apache.org Mailing List, Third Party Advisory
Oracle Critical Patch Update Advisory - January 2021 MISC www.oracle.com Third Party Advisory
Pony Mail! lists.apache.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Legacy QID Mappings

  • 159652 Oracle Enterprise Linux Security Update for idm:dl1 and idm:client (ELSA-2020-4670)
  • 159679 Oracle Enterprise Linux Security Update for pki-core:10.6 and pki-deps:10.6 (ELSA-2020-4847)
  • 160196 Oracle Enterprise Linux Security Update for pcs (ELSA-2022-7343)
  • 20288 Oracle Database 19c Critical OJVM Patch Update - October 2020
  • 20297 Oracle Database 18c Critical OJVM Patch Update - October 2020
  • 20313 Oracle Database 12.2.0.1 Critical OJVM Patch Update - October 2020
  • 240808 Red Hat Update for pcs (RHSA-2022:7343)
  • 241153 Red Hat Update for JBoss Enterprise Application Platform 7.4.9 (RHSA-2023:0554)
  • 241154 Red Hat Update for JBoss Enterprise Application Platform 7.4.9 (RHSA-2023:0552)
  • 241155 Red Hat Update for JBoss Enterprise Application Platform 7.4.9 (RHSA-2023:0553)
  • 296073 Oracle Solaris 11.4 Support Repository Update (SRU) 24.75.2 Missing (CPUJUL2020)
  • 354653 Amazon Linux Security Advisory for pcs : ALAS2-2023-1905
  • 375425 Oracle BI Publisher Multiple Vulnerabilities(CPUOCT2020)
  • 377492 Alibaba Cloud Linux Security Update for ipa (ALINUX2-SA-2020:0169)
  • 377817 Alibaba Cloud Linux Security Update for pcs (ALINUX2-SA-2022:0056)
  • 6000085 Debian Security Update for otrs2 (DLA 3551-1)
  • 670245 EulerOS Security Update for pki-core (EulerOS-SA-2021-1831)
  • 670927 EulerOS Security Update for pki-core (EulerOS-SA-2020-2560)
  • 940071 AlmaLinux Security Update for idm:DL1 and idm:client (ALSA-2020:4670)
  • 940348 AlmaLinux Security Update for pki-core:10.6 and pki-deps:10.6 (ALSA-2020:4847)
  • 960340 Rocky Linux Security Update for idm:DL1 and idm:client (RLSA-2020:4670)
  • 960454 Rocky Linux Security Update for pki-core:10.6 and pki-deps:10.6 (RLSA-2020:4847)
  • 960746 Rocky Linux Security Update for pcs (RLSA-2021:4142)
  • 980287 Nodejs (npm) Security Update for jquery (GHSA-6c3j-c64m-qhgq)
  • 995283 Python (Pip) Security Update for django (GHSA-6c3j-c64m-qhgq)
  • 995464 Java (Maven) Security Update for org.webjars.npm:jquery (GHSA-6c3j-c64m-qhgq)
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report