ID JOOMLA-816 Type joomla Reporter Open Source Matters, Inc. Modified 2020-06-02T00:00:00
Description
The jQuery project released version 3.5.0, and as part of that, disclosed two security vulnerabilities that affect all prior versions. As mentioned in the jQuery blog, both are "[...] security issues in jQuery’s DOM manipulation methods, as in .html(), .append(), and the others."
The Drupal project has backported the relevant fixes back to jQuery 1.x and Joomla has adopted that patch.
{"id": "JOOMLA-816", "bulletinFamily": "software", "title": "[20200604] - Core - XSS in jQuery.htmlPrefilter", "description": "The jQuery project released version 3.5.0, and as part of that, disclosed two security vulnerabilities that affect all prior versions. As mentioned in the jQuery blog, both are \"[...] security issues in jQuery\u2019s DOM manipulation methods, as in .html(), .append(), and the others.\"\n\nThe Drupal project has backported the relevant fixes back to jQuery 1.x and Joomla has adopted that patch.\n", "published": "2020-06-02T00:00:00", "modified": "2020-06-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://developer.joomla.org/security-centre/816-20200604-core-xss-in-jquery-htmlprefilter.html?highlight=WyJleHBsb2l0Il0=", "reporter": "Open Source Matters, Inc.", "references": [], "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "type": "joomla", "lastseen": "2020-12-24T13:21:26", "edition": 2, "viewCount": 34, "enchantments": {"dependencies": {"references": [{"type": "atlassian", "idList": ["ATLASSIAN:JRASERVER-72052"]}, {"type": "cve", "idList": ["CVE-2020-11023", "CVE-2020-11022"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310143813", "OPENVAS:1361412562310108764", "OPENVAS:1361412562310143812", "OPENVAS:1361412562310144145", "OPENVAS:1361412562310704693", "OPENVAS:1361412562310877975", "OPENVAS:1361412562310877925", "OPENVAS:1361412562310108811", "OPENVAS:1361412562310144144"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_CD2DC126CFE411EA91724C72B94353B5.NASL", "DRUPAL_8_8_6.NASL", "FEDORA_2020-0B32A59B54.NASL", "OPENSUSE-2020-1888.NASL", "FEDORA_2020-36D2DB5F51.NASL", "JQUERY_CVE-2020-11022.NASL", "DEBIAN_DSA-4693.NASL", "FEDORA_2020-FBB94073A1.NASL", "ORACLE_WEBCENTER_SITES_JAN_2021_CPU.NASL", "GENTOO_GLSA-202007-03.NASL"]}, {"type": "fedora", "idList": ["FEDORA:5F36E6079A0D", "FEDORA:77A873096A19", "FEDORA:DC7DF3111B2E", "FEDORA:9BFED31347B3", "FEDORA:3AEB830B2656", "FEDORA:C7AFE309727E", "FEDORA:86D5D3097097"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4693-1:F5786"]}, {"type": "drupal", "idList": ["DRUPAL-SA-CORE-2020-002"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:1060-1", "OPENSUSE-SU-2020:1106-1", "OPENSUSE-SU-2020:1888-1"]}, {"type": "hp", "idList": ["HP:C06911998"]}, {"type": "redhat", "idList": ["RHSA-2020:2813", "RHSA-2020:4211", "RHSA-2020:5412", "RHSA-2020:4847", "RHSA-2020:3247", "RHSA-2020:3807", "RHSA-2020:2412", "RHSA-2020:5249", "RHSA-2020:2362", "RHSA-2020:2217"]}, {"type": "typo3", "idList": ["TYPO3-EXT-SA-2020-015"]}, {"type": "gentoo", "idList": ["GLSA-202007-03"]}, {"type": "freebsd", "idList": ["1FB13175-ED52-11EA-8B93-001B217B3468", "CD2DC126-CFE4-11EA-9172-4C72B94353B5"]}, {"type": "nodejs", "idList": ["NODEJS:1518"]}, {"type": "github", "idList": ["GHSA-GXR4-XJJ5-5PX2", "GHSA-JPCQ-CGW6-V4J6"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-3936"]}, {"type": "centos", "idList": ["CESA-2020:3936"]}, {"type": "amazon", "idList": ["ALAS2-2020-1519"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2020", "ORACLE:CPUOCT2020"]}], "modified": "2020-12-24T13:21:26", "rev": 2}, "score": {"value": 5.1, "vector": "NONE", "modified": "2020-12-24T13:21:26", "rev": 2}, "vulnersScore": 5.1}, "affectedSoftware": [{"name": "joomla! cms", "operator": "lt", "version": "3.9.19"}], "scheme": null}
{"atlassian": [{"lastseen": "2021-02-09T05:36:11", "bulletinFamily": "software", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "description": "Affected versions of Atlassian Jira Server and Data Center use a version of jQuery that is vulnerable to\u00a0CVE-2020-11022 and CVE-2020-11023. These allow an unauthenticated attacker to inject Javascript into the application via Cross-Site Scripting (XSS) vulnerabilities.\r\n\r\n\u00a0\r\n\r\nThe affected versions are before version 8.15.0.\r\n\r\n\u00a0\r\n\r\n*Affected versions:*\r\n * version < 8.15.0\r\n\r\n*Fixed versions:*\r\n * 8.15.0 \u00a0", "edition": 2, "modified": "2021-02-09T02:09:59", "published": "2021-02-02T09:59:24", "id": "ATLASSIAN:JRASERVER-72052", "href": "https://jira.atlassian.com/browse/JRASERVER-72052", "title": "Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023", "type": "atlassian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2021-02-19T14:31:57", "description": "In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.", "edition": 31, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2020-04-29T22:15:00", "title": "CVE-2020-11022", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11022"], "modified": "2021-02-18T13:44:00", "cpe": ["cpe:/a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0", "cpe:/a:oracle:financial_services_funds_transfer_pricing:8.0.7", "cpe:/a:oracle:retail_back_office:14.0", "cpe:/a:oracle:financial_services_institutional_performance_analytics:8.0.7", "cpe:/a:oracle:communications_diameter_signaling_router_idih\\:8.2.2", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.20", "cpe:/a:oracle:insurance_insbridge_rating_and_underwriting:5.6.0.0", "cpe:/a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0", "cpe:/a:oracle:healthcare_foundation:7.1.1", "cpe:/a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0", "cpe:/a:oracle:weblogic_server:10.3.6.0.0", "cpe:/a:oracle:financial_services_market_risk_measurement_and_management:8.0.8", "cpe:/a:oracle:weblogic_server:12.2.1.3.0", "cpe:/a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8", "cpe:/a:oracle:financial_services_data_integration_hub:8.1.0", "cpe:/a:oracle:financial_services_institutional_performance_analytics:8.0.6", "cpe:/a:oracle:hospitality_simphony:18.2", "cpe:/a:oracle:siebel_ui_framework:20.8", "cpe:/o:netapp:h700e_firmware:-", "cpe:/a:oracle:healthcare_foundation:7.3.0", "cpe:/a:oracle:weblogic_server:12.2.1.4.0", "cpe:/a:oracle:financial_services_profitability_management:8.0.6", "cpe:/a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8", "cpe:/a:oracle:healthcare_foundation:7.2.1", "cpe:/a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.1.0", "cpe:/a:oracle:banking_digital_experience:19.1", "cpe:/a:oracle:financial_services_analytical_applications_reconciliation_framework:8.0.8", "cpe:/o:opensuse:leap:15.1", "cpe:/a:oracle:jdeveloper:12.2.1.3.0", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.58", "cpe:/a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0", "cpe:/a:oracle:financial_services_asset_liability_management:8.0.7", "cpe:/a:oracle:communications_billing_and_revenue_management:12.0.0.3.0", "cpe:/a:oracle:financial_services_data_integration_hub:8.0.6", "cpe:/a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.0.9", "cpe:/a:oracle:communications_billing_and_revenue_management:7.5.0.23.0", "cpe:/o:netapp:h300s_firmware:-", "cpe:/a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8", "cpe:/a:oracle:financial_services_funds_transfer_pricing:8.0.6", "cpe:/a:netapp:oncommand_insight:-", "cpe:/a:oracle:financial_services_profitability_management:8.1.0", "cpe:/a:oracle:financial_services_market_risk_measurement_and_management:8.0.6", "cpe:/a:oracle:financial_services_funds_transfer_pricing:8.1.0", "cpe:/o:netapp:h410c_firmware:-", "cpe:/o:fedoraproject:fedora:32", "cpe:/a:oracle:financial_services_data_integration_hub:8.0.7", "cpe:/a:netapp:snapcenter:-", "cpe:/a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0", "cpe:/a:oracle:application_testing_suite:13.3.0.1", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.56", "cpe:/a:oracle:banking_digital_experience:19.2", "cpe:/a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0", "cpe:/a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8", "cpe:/a:oracle:financial_services_liquidity_risk_management:8.0.6", "cpe:/a:oracle:financial_services_asset_liability_management:8.0.6", "cpe:/o:netapp:h500s_firmware:-", "cpe:/a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0", "cpe:/a:oracle:weblogic_server:12.1.3.0.0", "cpe:/a:oracle:banking_digital_experience:20.1", "cpe:/a:oracle:healthcare_foundation:7.2.0", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.1.0.0.0", "cpe:/a:oracle:financial_services_balance_sheet_planning:8.0.8", "cpe:/o:opensuse:leap:15.2", "cpe:/a:oracle:financial_services_price_creation_and_discovery:8.0.6", "cpe:/a:opensuse:backports_sle:15.0", "cpe:/a:oracle:retail_customer_management_and_segmentation_foundation:19.0", "cpe:/a:oracle:financial_services_data_foundation:8.1.0", "cpe:/a:oracle:hospitality_simphony:19.1.2", "cpe:/a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7", "cpe:/o:netapp:h500e_firmware:-", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.57", "cpe:/a:oracle:hospitality_materials_control:18.1", "cpe:/a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:8.0.9", "cpe:/a:oracle:enterprise_session_border_controller:8.4", "cpe:/a:oracle:weblogic_server:14.1.1.0.0", "cpe:/a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.8", "cpe:/a:oracle:hospitality_simphony:18.1", "cpe:/a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0", "cpe:/a:oracle:insurance_accounting_analyzer:8.0.9", "cpe:/a:oracle:banking_digital_experience:18.3", "cpe:/a:oracle:financial_services_profitability_management:8.0.7", "cpe:/a:oracle:financial_services_price_creation_and_discovery:8.0.7", "cpe:/a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.8", "cpe:/o:fedoraproject:fedora:33", "cpe:/a:oracle:financial_services_asset_liability_management:8.1.0", "cpe:/a:oracle:communications_webrtc_session_controller:7.2", "cpe:/a:oracle:banking_digital_experience:18.2", "cpe:/a:oracle:jdeveloper:12.2.1.4.0", "cpe:/a:oracle:jdeveloper:11.1.1.9.0", "cpe:/a:oracle:retail_returns_management:14.0", "cpe:/a:oracle:enterprise_manager_ops_center:12.4.0.0", "cpe:/a:oracle:communications_application_session_controller:3.8m0", "cpe:/a:netapp:snap_creator_framework:-", "cpe:/a:oracle:policy_automation_connector_for_siebel:10.4.6", "cpe:/a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0", "cpe:/a:oracle:financial_services_institutional_performance_analytics:8.1.0", "cpe:/a:oracle:retail_returns_management:14.1", "cpe:/o:fedoraproject:fedora:31", "cpe:/a:oracle:insurance_data_foundation:8.1.0", "cpe:/o:netapp:h300e_firmware:-", "cpe:/o:netapp:h410s_firmware:-", "cpe:/a:oracle:policy_automation:12.2.20", "cpe:/a:oracle:banking_digital_experience:18.1", "cpe:/a:netapp:oncommand_system_manager:3.1.3", "cpe:/a:oracle:retail_back_office:14.1", "cpe:/o:netapp:h700s_firmware:-", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2020-11022", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11022", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:healthcare_foundation:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_data_foundation:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_simphony:19.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*", "cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_data_foundation:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\\:8.2.2:*:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_system_manager:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:8.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.20:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.20:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-26T14:24:05", "description": "In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.", "edition": 34, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2020-04-29T21:15:00", "title": "CVE-2020-11023", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-11023"], "modified": "2021-02-25T15:17:00", "cpe": ["cpe:/a:oracle:primavera_gateway:19.12.4", "cpe:/a:oracle:primavera_gateway:18.8.9", "cpe:/a:oracle:communications_session_report_manager:8.1.1", "cpe:/a:oracle:communications_operations_monitor:4.3", "cpe:/a:oracle:communications_interactive_session_recorder:6.4", "cpe:/a:oracle:weblogic_server:12.2.1.3.0", "cpe:/a:oracle:banking_enterprise_collections:2.8.0", "cpe:/a:oracle:communications_operations_monitor:3.4", "cpe:/o:netapp:h700e_firmware:-", "cpe:/a:oracle:storagetek_tape_analytics_sw_tool:2.3.1", "cpe:/a:oracle:weblogic_server:12.2.1.4.0", "cpe:/a:oracle:rest_data_services:12.1.0.2", "cpe:/a:oracle:communications_session_route_manager:8.2.0", "cpe:/a:oracle:communications_element_manager:8.1.1", "cpe:/a:oracle:healthcare_translational_research:3.3.1", "cpe:/o:opensuse:leap:15.1", "cpe:/a:oracle:hyperion_financial_reporting:11.1.2.4", "cpe:/a:oracle:rest_data_services:11.2.0.4", "cpe:/a:netapp:snapcenter_server:-", "cpe:/a:oracle:rest_data_services:12.2.0.1", "cpe:/a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4", "cpe:/o:netapp:h300s_firmware:-", "cpe:/a:netapp:oncommand_insight:-", "cpe:/o:netapp:h410c_firmware:-", "cpe:/a:oracle:healthcare_translational_research:3.3.2", "cpe:/o:fedoraproject:fedora:32", "cpe:/a:oracle:communications_element_manager:8.2.1", "cpe:/a:oracle:application_testing_suite:13.3.0.1", "cpe:/o:netapp:h500s_firmware:-", "cpe:/a:oracle:communications_session_report_manager:8.2.1", "cpe:/a:oracle:weblogic_server:12.1.3.0.0", "cpe:/a:oracle:communications_element_manager:8.2.0", "cpe:/o:opensuse:leap:15.2", "cpe:/a:oracle:communications_session_report_manager:8.2.0", "cpe:/a:oracle:webcenter_sites:12.2.1.4.0", "cpe:/a:oracle:communications_session_route_manager:8.1.1", "cpe:/a:opensuse:backports_sle:15.0", "cpe:/a:oracle:webcenter_sites:12.2.1.3.0", "cpe:/a:oracle:communications_analytics:12.1.1", "cpe:/a:oracle:healthcare_translational_research:3.2.1", "cpe:/o:netapp:h500e_firmware:-", "cpe:/a:oracle:weblogic_server:14.1.1.0.0", "cpe:/a:oracle:primavera_gateway:16.2.11", "cpe:/a:oracle:primavera_gateway:17.12.7", "cpe:/o:fedoraproject:fedora:33", "cpe:/a:oracle:rest_data_services:19c", "cpe:/a:oracle:peoplesoft_enterprise_human_capital_management_resources:9.2", "cpe:/a:oracle:rest_data_services:18c", "cpe:/a:oracle:siebel_mobile:20.12", "cpe:/a:netapp:snap_creator_framework:-", "cpe:/a:oracle:communications_session_route_manager:8.2.1", "cpe:/a:oracle:banking_platform:2.10.0", "cpe:/a:oracle:healthcare_translational_research:3.4.0", "cpe:/o:fedoraproject:fedora:31", "cpe:/o:netapp:h300e_firmware:-", "cpe:/o:netapp:h410s_firmware:-", "cpe:/a:netapp:oncommand_system_manager:3.1.3", "cpe:/o:netapp:h700s_firmware:-", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2020-11023", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11023", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:19.12.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*", "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:siebel_mobile:20.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*", "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*", "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:18.8.9:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:snapcenter_server:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_system_manager:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_resources:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:17.12.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hyperion_financial_reporting:11.1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*", "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.10.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_enterprise_collections:2.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*", "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:16.2.11:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2020-06-23T17:24:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "description": "Drupal is prone to multiple cross-site scripting vulnerabilities in jQuery.", "modified": "2020-06-19T00:00:00", "published": "2020-06-19T00:00:00", "id": "OPENVAS:1361412562310144145", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310144145", "type": "openvas", "title": "Drupal 7.x, 8.x jQuery XSS Vulnerabilities (SA-CORE-2020-002) (Windows)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:drupal:drupal\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.144145\");\n script_version(\"2020-06-19T07:08:34+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-19 07:08:34 +0000 (Fri, 19 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-19 05:30:03 +0000 (Fri, 19 Jun 2020)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Drupal 7.x, 8.x jQuery XSS Vulnerabilities (SA-CORE-2020-002) (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"drupal_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"drupal/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"Drupal is prone to multiple cross-site scripting vulnerabilities in jQuery.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The jQuery project released version 3.5.0, and as part of that, disclosed\n two security vulnerabilities that affect all prior versions. These vulnerabilities may be exploitable on some\n Drupal sites.\");\n\n script_tag(name:\"affected\", value:\"Drupal 7.x, 8.7.x and earlier and 8.8.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.70, 8.7.14, 8.8.6 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.drupal.org/sa-core-2020-002\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif (version_in_range(version: version, test_version: \"7.0\", test_version2: \"7.69\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"7.70\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.0\", test_version2: \"8.7.13\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.7.14\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.8\", test_version2: \"8.8.5\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.8.6\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-07-21T20:10:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "description": "Discourse is prone to multiple vulnerabilities.", "modified": "2020-05-29T00:00:00", "published": "2020-07-02T00:00:00", "id": "OPENVAS:1361412562310108811", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108811", "type": "openvas", "title": "Discourse < 2.5.0.beta6 Multiple Vulnerabilities", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:discourse:discourse\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108811\");\n script_version(\"2020-05-29T07:55:07+0000\");\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 07:55:07 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-02 07:30:26 +0000 (Thu, 02 Jul 2020)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_name(\"Discourse < 2.5.0.beta6 Multiple Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_discourse_detect.nasl\");\n script_mandatory_keys(\"discourse/detected\");\n\n script_tag(name:\"summary\", value:\"Discourse is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"insight\", value:\"The following flaws exist / security fixes are included:\n\n - Make find topic by slug adhere to SiteSetting.detailed_404\n\n - Use FinalDestination for topic embeds\n\n - Missing security check prior to redirect\");\n\n script_tag(name:\"affected\", value:\"Discourse up to and including version 2.5.0.beta5.\");\n\n script_tag(name:\"solution\", value:\"Update to version 2.5.0.beta6 or later.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_xref(name:\"URL\", value:\"https://meta.discourse.org/t/discourse-2-5-0-beta6-release-notes/153491\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos[\"version\"];\n\nif( version_is_less( version:vers, test_version:\"2.5.0\" ) ||\n version_in_range( version:vers, test_version:\"2.5.0.beta1\", test_version2:\"2.5.0.beta5\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"2.5.0.beta6\", install_path:infos[\"location\"] );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-25T13:47:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "description": "The remote host is missing an update for the ", "modified": "2020-06-24T00:00:00", "published": "2020-06-23T00:00:00", "id": "OPENVAS:1361412562310877975", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877975", "type": "openvas", "title": "Fedora: Security Advisory for drupal8 (FEDORA-2020-36d2db5f51)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877975\");\n script_version(\"2020-06-24T03:42:18+0000\");\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-24 03:42:18 +0000 (Wed, 24 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-23 03:19:42 +0000 (Tue, 23 Jun 2020)\");\n script_name(\"Fedora: Security Advisory for drupal8 (FEDORA-2020-36d2db5f51)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-36d2db5f51\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal8'\n package(s) announced via the FEDORA-2020-36d2db5f51 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Drupal is an open source content management platform powering millions of\nwebsites and applications. Its built, used, and supported by an active and\ndiverse community of people around the world.\");\n\n script_tag(name:\"affected\", value:\"'drupal8' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal8\", rpm:\"drupal8~8.9.0~1.fc32\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-23T17:24:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "description": "Drupal is prone to multiple cross-site scripting vulnerabilities in jQuery.", "modified": "2020-06-19T00:00:00", "published": "2020-06-19T00:00:00", "id": "OPENVAS:1361412562310144144", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310144144", "type": "openvas", "title": "Drupal 7.x, 8.x jQuery XSS Vulnerabilities (SA-CORE-2020-002) (Linux)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:drupal:drupal\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.144144\");\n script_version(\"2020-06-19T07:08:34+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-19 07:08:34 +0000 (Fri, 19 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-19 04:59:39 +0000 (Fri, 19 Jun 2020)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Drupal 7.x, 8.x jQuery XSS Vulnerabilities (SA-CORE-2020-002) (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"drupal_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"drupal/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"Drupal is prone to multiple cross-site scripting vulnerabilities in jQuery.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The jQuery project released version 3.5.0, and as part of that, disclosed\n two security vulnerabilities that affect all prior versions. These vulnerabilities may be exploitable on some\n Drupal sites.\");\n\n script_tag(name:\"affected\", value:\"Drupal 7.x, 8.7.x and earlier and 8.8.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.70, 8.7.14, 8.8.6 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.drupal.org/sa-core-2020-002\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif (version_in_range(version: version, test_version: \"7.0\", test_version2: \"7.69\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"7.70\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.0\", test_version2: \"8.7.13\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.7.14\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.8\", test_version2: \"8.8.5\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.8.6\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-03T15:55:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "description": "Discourse is prone to multiple vulnerabilities.", "modified": "2020-05-29T00:00:00", "published": "2020-05-28T00:00:00", "id": "OPENVAS:1361412562310108764", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108764", "type": "openvas", "title": "Discourse < 2.5.0.beta5 Multiple Vulnerabilities", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:discourse:discourse\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108764\");\n script_version(\"2020-05-29T07:55:07+0000\");\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 07:55:07 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-28 11:42:13 +0000 (Thu, 28 May 2020)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_name(\"Discourse < 2.5.0.beta5 Multiple Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_discourse_detect.nasl\");\n script_mandatory_keys(\"discourse/detected\");\n\n script_tag(name:\"summary\", value:\"Discourse is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"insight\", value:\"The following flaws exist / security fixes are included:\n\n - Re-adds accidentally reverted commit: Ensure embed_url contains valid http(s) uri\n\n - ERB execution in custom Email Style\n\n - Updates jQuery to 3.5.0 (from 3.4.1)\");\n\n script_tag(name:\"affected\", value:\"Discourse up to and including version 2.5.0.beta4.\");\n\n script_tag(name:\"solution\", value:\"Update to version 2.5.0.beta5 or later.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_xref(name:\"URL\", value:\"https://meta.discourse.org/t/discourse-2-5-0-beta5-release-notes/152760\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos[\"version\"];\n\nif( version_is_less( version:vers, test_version:\"2.5.0\" ) ||\n version_in_range( version:vers, test_version:\"2.5.0.beta1\", test_version2:\"2.5.0.beta4\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"2.5.0.beta5\", install_path:infos[\"location\"] );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-05-28T13:54:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "description": "The remote host is missing an update for the ", "modified": "2020-05-28T00:00:00", "published": "2020-05-28T00:00:00", "id": "OPENVAS:1361412562310704693", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704693", "type": "openvas", "title": "Debian: Security Advisory for drupal7 (DSA-4693-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704693\");\n script_version(\"2020-05-28T03:00:10+0000\");\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-05-28 03:00:10 +0000 (Thu, 28 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-28 03:00:10 +0000 (Thu, 28 May 2020)\");\n script_name(\"Debian: Security Advisory for drupal7 (DSA-4693-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2020/dsa-4693.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4693-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the DSA-4693-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in Drupal, a fully-featured\ncontent management framework, which could result in an open redirect or\ncross-site scripting.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), these problems have been fixed\nin version 7.52-2+deb9u10.\n\nWe recommend that you upgrade your drupal7 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"drupal7\", ver:\"7.52-2+deb9u10\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-05-18T15:42:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023"], "description": "jQuery is prone to a cross-site scripting vulnerability when appending HTML\n containing option elements.", "modified": "2020-05-14T00:00:00", "published": "2020-05-05T00:00:00", "id": "OPENVAS:1361412562310143813", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310143813", "type": "openvas", "title": "jQuery 1.0.3 < 3.5.0 XSS Vulnerability", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:jquery:jquery\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.143813\");\n script_version(\"2020-05-14T09:33:44+0000\");\n script_tag(name:\"last_modification\", value:\"2020-05-14 09:33:44 +0000 (Thu, 14 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-05 06:00:22 +0000 (Tue, 05 May 2020)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2020-11023\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"jQuery 1.0.3 < 3.5.0 XSS Vulnerability\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_jquery_detect.nasl\");\n script_mandatory_keys(\"jquery/detected\");\n\n script_tag(name:\"summary\", value:\"jQuery is prone to a cross-site scripting vulnerability when appending HTML\n containing option elements.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Passing HTML containing <option> elements from untrusted sources - even after\n sanitizing them - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute\n untrusted code.\");\n\n script_tag(name:\"affected\", value:\"jQuery versions 1.0.3 and prior to version 3.5.0.\");\n\n script_tag(name:\"solution\", value:\"Update to version 3.5.0 or later.\");\n\n script_xref(name:\"URL\", value:\"https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif (version_is_greater_equal(version: version, test_version: \"1.0.3\") &&\n version_is_less(version: version, test_version: \"3.5.0\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"3.5.0\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-05-12T15:40:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11022"], "description": "jQuery is prone to a cross-site scripting vulnerability in jQuery.htmlPrefilter\n and related methods.", "modified": "2020-05-11T00:00:00", "published": "2020-05-05T00:00:00", "id": "OPENVAS:1361412562310143812", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310143812", "type": "openvas", "title": "jQuery 1.2 < 3.5.0 XSS Vulnerability", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:jquery:jquery\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.143812\");\n script_version(\"2020-05-11T07:05:27+0000\");\n script_tag(name:\"last_modification\", value:\"2020-05-11 07:05:27 +0000 (Mon, 11 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-05 05:54:06 +0000 (Tue, 05 May 2020)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2020-11022\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"jQuery 1.2 < 3.5.0 XSS Vulnerability\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_jquery_detect.nasl\");\n script_mandatory_keys(\"jquery/detected\");\n\n script_tag(name:\"summary\", value:\"jQuery is prone to a cross-site scripting vulnerability in jQuery.htmlPrefilter\n and related methods.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Passing HTML from untrusted sources - even after sanitizing it - to one of\n jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code.\");\n\n script_tag(name:\"affected\", value:\"jQuery versions 1.2 and prior to version 3.5.0.\");\n\n script_tag(name:\"solution\", value:\"Update to version 3.5.0 or later.\");\n\n script_xref(name:\"URL\", value:\"https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif (version_is_greater_equal(version: version, test_version: \"1.2\") &&\n version_is_less(version: version, test_version: \"3.5.0\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"3.5.0\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-10T17:35:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-18405", "CVE-2020-11022"], "description": "The remote host is missing an update for the ", "modified": "2020-06-09T00:00:00", "published": "2020-06-07T00:00:00", "id": "OPENVAS:1361412562310877925", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877925", "type": "openvas", "title": "Fedora: Security Advisory for drupal7 (FEDORA-2020-11be4b36d4)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877925\");\n script_version(\"2020-06-09T07:30:09+0000\");\n script_cve_id(\"CVE-2020-11022\", \"CVE-2018-18405\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 07:30:09 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-07 03:27:54 +0000 (Sun, 07 Jun 2020)\");\n script_name(\"Fedora: Security Advisory for drupal7 (FEDORA-2020-11be4b36d4)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-11be4b36d4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'drupal7'\n package(s) announced via the FEDORA-2020-11be4b36d4 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Equipped with a powerful blend of features, Drupal is a Content Management\nSystem written in PHP that can support a variety of websites ranging from\npersonal weblogs to large community-driven websites. Drupal is highly\nconfigurable, skinnable, and secure.\");\n\n script_tag(name:\"affected\", value:\"'drupal7' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"drupal7\", rpm:\"drupal7~7.70~1.fc32\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2020-11-21T05:01:07", "description": "This update for otrs fixes the following issues :\n\n - otrs was updated to 6.0.30 (OSA-2020-14 boo#1178434)\n\n - CVE-2020-11022, CVE-2020-11023: Vulnerability in\n third-party library - jquery OTRS uses jquery version\n 3.4.1, which is vulnerable to cross-site scripting\n (XSS).", "edition": 3, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-11-12T00:00:00", "title": "openSUSE Security Update : otrs (openSUSE-2020-1888)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2020-11-12T00:00:00", "cpe": ["cpe:/o:novell:opensuse:15.2", "cpe:/o:novell:opensuse:15.1", "p-cpe:/a:novell:opensuse:otrs-itsm", "p-cpe:/a:novell:opensuse:otrs"], "id": "OPENSUSE-2020-1888.NASL", "href": "https://www.tenable.com/plugins/nessus/142840", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1888.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(142840);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/20\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n\n script_name(english:\"openSUSE Security Update : otrs (openSUSE-2020-1888)\");\n script_summary(english:\"Check for the openSUSE-2020-1888 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for otrs fixes the following issues :\n\n - otrs was updated to 6.0.30 (OSA-2020-14 boo#1178434)\n\n - CVE-2020-11022, CVE-2020-11023: Vulnerability in\n third-party library - jquery OTRS uses jquery version\n 3.4.1, which is vulnerable to cross-site scripting\n (XSS).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1178434\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected otrs packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11023\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:otrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:otrs-itsm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1|SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1 / 15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"otrs-6.0.30-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"otrs-itsm-6.0.30-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"otrs-6.0.30-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"otrs-itsm-6.0.30-lp152.2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"otrs / otrs-itsm\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-24T10:06:14", "description": "- https://www.drupal.org/project/drupal/releases/8.9.0\n\n- https://www.drupal.org/project/drupal/releases/8.8.7\n\n- https://www.drupal.org/project/drupal/releases/8.8.6\n\n -\n [SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-0\n 02) /\n [CVE-2020-11022](https://nvd.nist.gov/vuln/detail/CVE-20\n 20-11022) /\n [CVE-2020-11023](https://nvd.nist.gov/vuln/detail/CVE-20\n 20-11023)\n\n- https://www.drupal.org/project/drupal/releases/8.8.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 2, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-06-17T00:00:00", "title": "Fedora 32 : drupal8 (2020-36d2db5f51)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2020-06-17T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal8", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-36D2DB5F51.NASL", "href": "https://www.tenable.com/plugins/nessus/137423", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-36d2db5f51.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137423);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/22\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"FEDORA\", value:\"2020-36d2db5f51\");\n\n script_name(english:\"Fedora 32 : drupal8 (2020-36d2db5f51)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"- https://www.drupal.org/project/drupal/releases/8.9.0\n\n- https://www.drupal.org/project/drupal/releases/8.8.7\n\n- https://www.drupal.org/project/drupal/releases/8.8.6\n\n -\n [SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-0\n 02) /\n [CVE-2020-11022](https://nvd.nist.gov/vuln/detail/CVE-20\n 20-11022) /\n [CVE-2020-11023](https://nvd.nist.gov/vuln/detail/CVE-20\n 20-11023)\n\n- https://www.drupal.org/project/drupal/releases/8.8.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-36d2db5f51\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://nvd.nist.gov/vuln/detail/CVE-2020-11022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/project/drupal/releases/8.8.5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-002\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected drupal8 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"drupal8-8.9.0-1.fc32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal8\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-09-14T13:53:55", "description": "According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.70,\n7.0.x prior to 7.70, 8.7.x prior to 8.7.14, or 8.8.x prior to 8.8.6. It is, therefore, affected by multiple\nvulnerabilities.\n\n - In jQuery versions greater than or equal to 1.2 and\n before 3.5.0, passing HTML from untrusted sources - even\n after sanitizing it - to one of jQuery's DOM\n manipulation methods (i.e. .html(), .append(), and\n others) may execute untrusted code. This problem is\n patched in jQuery 3.5.0. (CVE-2020-11022)\n\n - In jQuery versions greater than or equal to 1.0.3 and\n before 3.5.0, passing HTML containing elements\n from untrusted sources - even after sanitizing it - to\n one of jQuery's DOM manipulation methods (i.e. .html(),\n .append(), and others) may execute untrusted code. This\n problem is patched in jQuery 3.5.0. (CVE-2020-11023)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 4, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-05-21T00:00:00", "title": "Drupal 7.0.x < 7.70 / 7.0.x < 7.70 / 8.7.x < 8.7.14 / 8.8.x < 8.8.6 Multiple Vulnerabilities (drupal-2020-05-20)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2020-05-21T00:00:00", "cpe": ["cpe:/a:drupal:drupal"], "id": "DRUPAL_8_8_6.NASL", "href": "https://www.tenable.com/plugins/nessus/136745", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136745);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/02\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n\n script_name(english:\"Drupal 7.0.x < 7.70 / 7.0.x < 7.70 / 8.7.x < 8.7.14 / 8.8.x < 8.8.6 Multiple Vulnerabilities (drupal-2020-05-20)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PHP application running on the remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.70,\n7.0.x prior to 7.70, 8.7.x prior to 8.7.14, or 8.8.x prior to 8.8.6. It is, therefore, affected by multiple\nvulnerabilities.\n\n - In jQuery versions greater than or equal to 1.2 and\n before 3.5.0, passing HTML from untrusted sources - even\n after sanitizing it - to one of jQuery's DOM\n manipulation methods (i.e. .html(), .append(), and\n others) may execute untrusted code. This problem is\n patched in jQuery 3.5.0. (CVE-2020-11022)\n\n - In jQuery versions greater than or equal to 1.0.3 and\n before 3.5.0, passing HTML containing elements\n from untrusted sources - even after sanitizing it - to\n one of jQuery's DOM manipulation methods (i.e. .html(),\n .append(), and others) may execute untrusted code. This\n problem is patched in jQuery 3.5.0. (CVE-2020-11023)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/sa-core-2020-003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/7.70\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/sa-core-2020-002\");\n # https://blog.jquery.com/2020/05/04/jquery-3-5-1-released-fixing-a-regression/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f249edf4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://en.wikipedia.org/wiki/Software_regression\");\n # https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?07eeffa7\");\n # https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bc025732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://html.spec.whatwg.org/multipage/custom-elements.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://jquery.com/upgrade-guide/3.5/#description-of-the-change\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/8.7.14\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/drupal/releases/8.8.6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/issues/drupal\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/project/jquery_update\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.drupal.org/security-team/report-issue\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Drupal version 7.70 / 7.70 / 8.7.14 / 8.8.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11023\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/21\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:drupal:drupal\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"drupal_detect.nasl\");\n script_require_keys(\"installed_sw/Drupal\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80, 443);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('http.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_http_port(default:80, php:TRUE);\n\napp_info = vcf::get_app_info(app:'Drupal', port:port, webapp:TRUE);\n\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nconstraints = [\n { 'min_version' : '7.0', 'fixed_version' : '7.70' },\n { 'min_version' : '8.7', 'fixed_version' : '8.7.14' },\n { 'min_version' : '8.8', 'fixed_version' : '8.8.6' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-23T12:44:48", "description": "Oracle WebCenter Sites component of Oracle Fusion Middleware is affected by a vulnerability in the jQuery component.\nPassing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e.\n.html(), .append(), and others) may execute untrusted code.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported \nversion", "edition": 2, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2021-01-21T00:00:00", "title": "Oracle WebCenter Sites (Jan 2021 CPU)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2021-01-21T00:00:00", "cpe": ["cpe:/a:oracle:webcenter_sites", "cpe:/a:oracle:fusion_middleware"], "id": "ORACLE_WEBCENTER_SITES_JAN_2021_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/145244", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145244);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/22\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n\n script_name(english:\"Oracle WebCenter Sites (Jan 2021 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote host is affected by a vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"Oracle WebCenter Sites component of Oracle Fusion Middleware is affected by a vulnerability in the jQuery component.\nPassing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e.\n.html(), .append(), and others) may execute untrusted code.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported \nversion\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpujan2021.html#AppendixFMW\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpujan2021cvrf.xml\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2021 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11022\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:webcenter_sites\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_webcenter_sites_installed.nbin\", \"oracle_enum_products_win.nbin\");\n script_require_keys(\"SMB/WebCenter_Sites/Installed\");\n\n exit(0);\n}\ninclude('oracle_rdbms_cpu_func.inc');\n\n# For both versions, the MANIFEST.MF Implementation Version is not updated, so we don't get the info we need from the\n# the detection and we need to look for patches\nfunction check_patches(revision, patch)\n{\n var oracle_homes, ohome, res, testpath, patchesinstalled, patched, item, patch_fix;\n patch_fix = '';\n oracle_homes = query_scratchpad(\"SELECT path FROM oracle_homes\");\n if (!max_index(oracle_homes)) exit(1, 'Failed to get any Oracle homes from the scratchpad.');\n\n ohome = NULL;\n\n # Find the correct ohome\n foreach res (oracle_homes)\n {\n testpath = res['path'];\n if (testpath >< tolower(path))\n {\n ohome = testpath;\n break;\n }\n }\n if (empty_or_null(ohome))\n exit(1, 'Failed to find the proper Oracle home in the scratchpad.');\n\n patchesinstalled = query_scratchpad(\"SELECT patchid FROM oracle_patches WHERE ohome=?;\", ohome);\n\n patched = FALSE;\n\n # Check if patch is in ohome\n if (!empty_or_null(patchesinstalled))\n {\n patched = FALSE;\n foreach item (patchesinstalled)\n {\n if (item['patchid'] == patch)\n patched = TRUE;\n }\n\n }\n\n if(!patched)\n {\n patch_fix = '\\n Fixed revision : ' + revision +\n '\\n Required patch : ' + patch;\n }\n\n return patch_fix;\n}\n\nport = get_kb_item('SMB/transport');\nif (empty_or_null(port))\n port = 445;\n\nget_kb_item_or_exit('SMB/WebCenter_Sites/Installed');\n\nversions = get_kb_list('SMB/WebCenter_Sites/*/Version');\nif (empty_or_null(versions))\n exit(1, 'Unable to obtain a version list for Oracle WebCenter Sites.');\n\nreport = '';\n\npatch_12_2_1_3 = '32292427';\nrevision_12_2_1_3 = 186084;\npatch_12_2_1_4 = '32315127';\nrevision_12_2_1_4 = 186094;\n\nforeach key (keys(versions))\n{\n fix = '';\n\n version = versions[key];\n revision = get_kb_item(key - '/Version' + '/Revision');\n path = get_kb_item(key - '/Version' + '/Path');\n\n if (empty_or_null(version) || empty_or_null(revision))\n continue;\n\n if (version =~ \"^12\\.2\\.1\\.3\\.0$\" && revision < revision_12_2_1_3)\n {\n fix = '\\n Fixed revision : ' + revision_12_2_1_3 +\n '\\n Required patch : ' + patch_12_2_1_3;\n }\n else if (version =~ \"^12\\.2\\.1\\.3\\.0$\" && revision == revision_12_2_1_3)\n fix = check_patches(patch:patch_12_2_1_3, revision:revision_12_2_1_3);\n else if (version =~ \"^12\\.2\\.1\\.4\\.0$\" && revision < revision_12_2_1_4)\n {\n fix = '\\n Fixed revision : ' + revision_12_2_1_4 +\n '\\n Required patch : ' + patch_12_2_1_4;\n }\n else if (version =~ \"^12\\.2\\.1\\.4\\.0$\" && revision == revision_12_2_1_4)\n fix = check_patches(patch:patch_12_2_1_4, revision:revision_12_2_1_4);\n\n if (fix != '')\n {\n if (!empty_or_null(path))\n report += '\\n Path : ' + path;\n\n report += '\\n Version : ' + version +\n '\\n Revision : ' + revision +\n fix + '\\n';\n }\n}\n\nif (empty_or_null(report))\n audit(AUDIT_INST_VER_NOT_VULN, 'Oracle WebCenter Sites');\n\nsecurity_report_v4(port:port, extra:report, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-31T11:36:34", "description": "According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater\nthan or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.\n\nNote, the vulnerabilities referenced in this plugin have no security impact on PAN-OS, and/or the scenarios \nrequired for successful exploitation do not exist on devices running a PAN-OS release.", "edition": 6, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-05-28T00:00:00", "title": "JQuery 1.2 < 3.5.0 Multiple XSS", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "modified": "2020-05-28T00:00:00", "cpe": [], "id": "JQUERY_CVE-2020-11022.NASL", "href": "https://www.tenable.com/plugins/nessus/136929", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136929);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/30\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n\n script_name(english:\"JQuery 1.2 < 3.5.0 Multiple XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple cross site scripting\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater\nthan or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.\n\nNote, the vulnerabilities referenced in this plugin have no security impact on PAN-OS, and/or the scenarios \nrequired for successful exploitation do not exist on devices running a PAN-OS release.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.paloaltonetworks.com/PAN-SA-2020-0007\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to JQuery version 3.5.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11022\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses : XSS\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"jquery_detect.nasl\", \"palo_alto_version.nbin\", \"cisco_wlc_version.nasl\");\n script_require_keys(\"installed_sw/jquery\");\n script_require_ports(\"Services/www\", 80);\n script_exclude_keys(\"Host/Palo_Alto/Firewall/Version\",\"Host/Cisco/WLC/Version\");\n\n exit(0);\n}\n\ninclude('http.inc');\ninclude('vcf.inc');\n\nif (get_kb_item('Host/Palo_Alto/Firewall/Version'))\n exit(0, 'The remote host is PAN-OS, and therefore not affected.');\n\nif (get_kb_item('Host/Cisco/WLC/Version'))\n exit(0, 'The remote host is a Cisco WLC, and therefore not affected.');\n\nappname = 'jquery';\nget_install_count(app_name:appname, exit_if_zero:TRUE);\nport = get_http_port(default:8081);\napp_info = vcf::get_app_info(app:appname, port:port, webapp:TRUE);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [{'min_version':'1.2','fixed_version':'3.5.0'}];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING,flags:{xss:TRUE});\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-06T09:24:59", "description": "Several vulnerabilities were discovered in Drupal, a fully-featured\ncontent management framework, which could result in an open redirect\nor cross-site scripting.", "edition": 3, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-05-28T00:00:00", "title": "Debian DSA-4693-1 : drupal7 - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022", "CVE-2020-13662"], "modified": "2020-05-28T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:drupal7", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4693.NASL", "href": "https://www.tenable.com/plugins/nessus/136932", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4693. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136932);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/05\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\", \"CVE-2020-13662\");\n script_xref(name:\"DSA\", value:\"4693\");\n script_xref(name:\"IAVB\", value:\"2020-B-0030\");\n\n script_name(english:\"Debian DSA-4693-1 : drupal7 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities were discovered in Drupal, a fully-featured\ncontent management framework, which could result in an open redirect\nor cross-site scripting.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/drupal7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/drupal7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4693\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the drupal7 packages.\n\nFor the oldstable distribution (stretch), these problems have been\nfixed in version 7.52-2+deb9u10.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"drupal7\", reference:\"7.52-2+deb9u10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-07-31T02:29:28", "description": "The remote host is affected by the vulnerability described in GLSA-202007-03\n(Cacti: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Cacti. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 2, "cvss3": {"score": 7.2, "vector": "AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-07-27T00:00:00", "title": "GLSA-202007-03 : Cacti: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022", "CVE-2020-14295"], "modified": "2020-07-27T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:cacti", "p-cpe:/a:gentoo:linux:cacti-spine"], "id": "GENTOO_GLSA-202007-03.NASL", "href": "https://www.tenable.com/plugins/nessus/138926", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202007-03.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138926);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/30\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\", \"CVE-2020-14295\");\n script_xref(name:\"GLSA\", value:\"202007-03\");\n\n script_name(english:\"GLSA-202007-03 : Cacti: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202007-03\n(Cacti: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Cacti. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202007-03\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Cacti users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/cacti-1.2.13'\n All Cacti Spine users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/cacti-spine-1.2.13'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:cacti\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:cacti-spine\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/cacti\", unaffected:make_list(\"ge 1.2.13\"), vulnerable:make_list(\"lt 1.2.13\"))) flag++;\nif (qpkg_check(package:\"net-analyzer/cacti-spine\", unaffected:make_list(\"ge 1.2.13\"), vulnerable:make_list(\"lt 1.2.13\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Cacti\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-09-17T06:25:00", "description": "- https://www.drupal.org/project/drupal/releases/7.72\n\n - [Drupal core - Critical - Cross Site Request Forgery -\n SA-CORE-2020-004](https://www.drupal.org/sa-core-2020-00\n 4) / CVE-2020-13663\n\n- https://www.drupal.org/project/drupal/releases/7.71\n\n- https://www.drupal.org/project/drupal/releases/7.70\n\n - [Drupal core - Moderately critical - Cross Site\n Scripting -\n SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-00\n 2) / CVE-2020-11022 / CVE-2020-11023\n\n - [Drupal core - Moderately critical - Open Redirect -\n SA-CORE-2020-003](https://www.drupal.org/sa-core-2020-00\n 3) / CVE-2020-13662\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 2, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-09-14T00:00:00", "title": "Fedora 31 : drupal7 (2020-fbb94073a1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022", "CVE-2020-13663", "CVE-2020-13662"], "modified": "2020-09-14T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:drupal7", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-FBB94073A1.NASL", "href": "https://www.tenable.com/plugins/nessus/140557", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-fbb94073a1.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140557);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/16\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\", \"CVE-2020-13662\", \"CVE-2020-13663\");\n script_xref(name:\"FEDORA\", value:\"2020-fbb94073a1\");\n\n script_name(english:\"Fedora 31 : drupal7 (2020-fbb94073a1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"- https://www.drupal.org/project/drupal/releases/7.72\n\n - [Drupal core - Critical - Cross Site Request Forgery -\n SA-CORE-2020-004](https://www.drupal.org/sa-core-2020-00\n 4) / CVE-2020-13663\n\n- https://www.drupal.org/project/drupal/releases/7.71\n\n- https://www.drupal.org/project/drupal/releases/7.70\n\n - [Drupal core - Moderately critical - Cross Site\n Scripting -\n SA-CORE-2020-002](https://www.drupal.org/sa-core-2020-00\n 2) / CVE-2020-11022 / CVE-2020-11023\n\n - [Drupal core - Moderately critical - Open Redirect -\n SA-CORE-2020-003](https://www.drupal.org/sa-core-2020-00\n 3) / CVE-2020-13662\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-fbb94073a1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-002\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.drupal.org/sa-core-2020-004\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected drupal7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:drupal7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"drupal7-7.72-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"drupal7\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-07-31T03:51:36", "description": "This update for cacti, cacti-spine fixes the following issues :\n\n - cacti 1.2.13 :\n\n - Query XSS vulnerabilities require vendor package update\n (CVE-2020-11022 / CVE-2020-11023)\n\n - Lack of escaping on some pages can lead to XSS exposure\n\n - Update PHPMailer to 6.1.6 (CVE-2020-13625)\n\n - SQL Injection vulnerability due to input validation\n failure when editing colors (CVE-2020-14295,\n boo#1173090)\n\n - Lack of escaping on template import can lead to XSS\n exposure\n\n - switch from cron to systemd timers (boo#1115436) :\n\n + cacti-cron.timer\n\n + cacti-cron.service\n\n - avoid potential root escalation on systems with\n fs.protected_hardlinks=0 (boo#1154087): handle directory\n permissions in file section instead of using chown\n during post installation\n\n - rewrote apache configuration to get rid of .htaccess\n files and explicitely disable directory permissions per\n default (only allow a limited, well-known set of\n directories)", "edition": 2, "cvss3": {"score": 7.2, "vector": "AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-07-27T00:00:00", "title": "openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-1060)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-11022", "CVE-2020-13625", "CVE-2020-14295"], "modified": "2020-07-27T00:00:00", "cpe": ["cpe:/o:novell:opensuse:15.2", "cpe:/o:novell:opensuse:15.1", "p-cpe:/a:novell:opensuse:cacti-spine", "p-cpe:/a:novell:opensuse:cacti-spine-debugsource", "p-cpe:/a:novell:opensuse:cacti", "p-cpe:/a:novell:opensuse:cacti-spine-debuginfo"], "id": "OPENSUSE-2020-1060.NASL", "href": "https://www.tenable.com/plugins/nessus/138985", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1060.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138985);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/30\");\n\n script_cve_id(\"CVE-2020-11022\", \"CVE-2020-11023\", \"CVE-2020-13625\", \"CVE-2020-14295\");\n\n script_name(english:\"openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-1060)\");\n script_summary(english:\"Check for the openSUSE-2020-1060 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for cacti, cacti-spine fixes the following issues :\n\n - cacti 1.2.13 :\n\n - Query XSS vulnerabilities require vendor package update\n (CVE-2020-11022 / CVE-2020-11023)\n\n - Lack of escaping on some pages can lead to XSS exposure\n\n - Update PHPMailer to 6.1.6 (CVE-2020-13625)\n\n - SQL Injection vulnerability due to input validation\n failure when editing colors (CVE-2020-14295,\n boo#1173090)\n\n - Lack of escaping on template import can lead to XSS\n exposure\n\n - switch from cron to systemd timers (boo#1115436) :\n\n + cacti-cron.timer\n\n + cacti-cron.service\n\n - avoid potential root escalation on systems with\n fs.protected_hardlinks=0 (boo#1154087): handle directory\n permissions in file section instead of using chown\n during post installation\n\n - rewrote apache configuration to get rid of .htaccess\n files and explicitely disable directory permissions per\n default (only allow a limited, well-known set of\n directories)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173090\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected cacti / cacti-spine packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14295\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cacti\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cacti-spine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cacti-spine-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cacti-spine-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1|SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1 / 15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cacti-1.2.13-lp151.3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cacti-spine-1.2.13-lp151.3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cacti-spine-debuginfo-1.2.13-lp151.3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cacti-spine-debugsource-1.2.13-lp151.3.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"cacti-1.2.13-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"cacti-spine-1.2.13-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"cacti-spine-debuginfo-1.2.13-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"cacti-spine-debugsource-1.2.13-lp152.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cacti-spine / cacti-spine-debuginfo / cacti-spine-debugsource / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-09-26T10:27:54", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3807 advisory.\n\n - jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n - jQuery: passing HTML containing elements to manipulation methods could result in untrusted code\n execution (CVE-2020-11023)\n\n - ovirt-engine: Reflected cross site scripting vulnerability (CVE-2020-14333)\n\n - nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 2, "cvss3": {"score": 7.4, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2020-09-23T00:00:00", "title": "RHEL 8 : Red Hat Virtualization (RHSA-2020:3807)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-11023", "CVE-2020-14333", "CVE-2020-11022", "CVE-2020-8203"], "modified": "2020-09-23T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common", "p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio", "cpe:/a:redhat:rhev_manager:4.4:el8", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts", "p-cpe:/a:redhat:enterprise_linux:rhvm", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend", "cpe:/a:redhat:rhev_manager:4.4", "cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi"], "id": "REDHAT-RHSA-2020-3807.NASL", "href": "https://www.tenable.com/plugins/nessus/140750", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3807. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140750);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/25\");\n\n script_cve_id(\n \"CVE-2020-8203\",\n \"CVE-2020-11022\",\n \"CVE-2020-11023\",\n \"CVE-2020-14333\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3807\");\n\n script_name(english:\"RHEL 8 : Red Hat Virtualization (RHSA-2020:3807)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3807 advisory.\n\n - jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n - jQuery: passing HTML containing elements to manipulation methods could result in untrusted code\n execution (CVE-2020-11023)\n\n - ovirt-engine: Reflected cross site scripting vulnerability (CVE-2020-14333)\n\n - nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/79.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11023\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14333\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3807\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828406\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1850004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857412\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1858184\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8203\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(20, 79);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhev_manager:4.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhev_manager:4.4:el8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhvm\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\npkgs = [\n {'reference':'ovirt-engine-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-backend-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-dbscripts-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-health-check-bundler-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-restapi-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-setup-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-setup-base-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-setup-plugin-cinderlib-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-setup-plugin-imageio-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-common-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-setup-plugin-websocket-proxy-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-tools-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-tools-backup-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-ui-extensions-1.2.3-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-vmconsole-proxy-helper-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-webadmin-portal-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-engine-websocket-proxy-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ovirt-web-ui-1.6.4-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-ovirt-engine-lib-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rhvm-4.4.2.3-0.6.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ovirt-engine / ovirt-engine-backend / ovirt-engine-dbscripts / etc');\n}", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "debian": [{"lastseen": "2020-05-27T01:00:49", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4693-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMay 26, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : drupal7\nCVE ID : CVE-2020-11022 CVE-2020-11023 SA-CORE-2020-003\n\nSeveral vulnerabilities were discovered in Drupal, a fully-featured\ncontent management framework, which could result in an open redirect or\ncross-site scripting.\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 7.52-2+deb9u10.\n\nWe recommend that you upgrade your drupal7 packages.\n\nFor the detailed security status of drupal7 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/drupal7\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 1, "modified": "2020-05-26T21:08:38", "published": "2020-05-26T21:08:38", "id": "DEBIAN:DSA-4693-1:F5786", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2020/msg00097.html", "title": "[SECURITY] [DSA 4693-1] drupal7 security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "drupal": [{"lastseen": "2020-12-31T21:47:39", "bulletinFamily": "software", "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "description": "Project: \n\nDrupal core\n\nDate: \n\n2020-May-20\n\nSecurity risk: \n\n**Moderately critical** 10\u221525 AC:Complex/A:Admin/CI:Some/II:Some/E:Theoretical/TD:Uncommon\n\nVulnerability: \n\nCross Site Scripting\n\nDescription: \n\nThe jQuery project released version 3.5.0, and as part of that, disclosed two security vulnerabilities that affect all prior versions. As mentioned in the [jQuery blog](<https://blog.jquery.com/2020/05/04/jquery-3-5-1-released-fixing-a-regression/>), both are \n\n> [...] security issues in jQuery\u2019s DOM manipulation methods, as in `.html()`, `.append()`, and the others. Security advisories for both of these issues have been published on GitHub.\n\nThose advisories are:\n\n * [CVE-2020-11022](<https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2>)\n * [CVE-2020-11023](<https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6>)\n\nThese vulnerabilities may be exploitable on some Drupal sites. This Drupal security release backports the fixes to the relevant jQuery functions, without making any other changes to the jQuery version that is included in Drupal core or running on the site via some other module such as [jQuery Update](<https://www.drupal.org/project/jquery_update>). It is not necessary to update jquery_update on Drupal 7 sites that have the module installed.\n\nBackwards-compatibility code has also been added to minimize regressions to Drupal sites that might rely on jQuery's prior behavior. With jQuery 3.5, incorrect self-closing HTML tags in JavaScript for elements where end tags are normally required will encounter [a change in what jQuery returns or inserts](<https://jquery.com/upgrade-guide/3.5/#description-of-the-change>). To minimize that disruption in 8.8.x and earlier, this security release retains jQuery's prior behavior for most safe tags. There may still be regressions for edge cases, including invalidly self-closed [custom elements](<https://html.spec.whatwg.org/multipage/custom-elements.html>) on Internet Explorer.\n\n(Note: the backwards compatibility layer will not be included in the upcoming Drupal 8.9 and 9.0 releases, so Drupal 8 and 9 modules, themes, and sites should correct tags in JavaScript to properly use closing tags.)\n\nIf you find a [regression](<https://en.wikipedia.org/wiki/Software_regression>) caused by the jQuery changes, please report it in [Drupal core's issue queue](<https://www.drupal.org/project/issues/drupal>) (or that of the relevant contrib project). However, if you believe you have found a security issue, please [report it privately to the Drupal Security Team](<https://www.drupal.org/security-team/report-issue>).\n\nSolution: \n\nInstall the latest version:\n\n * If you are using Drupal 8.8, upgrade to [Drupal 8.8.6](<https://www.drupal.org/project/drupal/releases/8.8.6>).\n * If you are using Drupal 8.7, upgrade to [Drupal 8.7.14](<https://www.drupal.org/project/drupal/releases/8.7.14>).\n * If you are using Drupal 7, upgrade to [Drupal 7.70](<https://www.drupal.org/project/drupal/releases/7.70>).\n\nVersions of Drupal 8 prior to 8.7 are end-of-life and do not receive security coverage. Sites on 8.6 or earlier should update to 8.7.14.\n\nThe pre-release Drupal versions (8.9 and 9.0) have been updated jQuery to version 3.5.1 as of 8.9.0-beta3 and 9.0.0-beta3.\n\nReported By: \n\n * [Drew Webber ](<https://www.drupal.org/user/255969>) of the Drupal Security Team\n * [Emerson Jair Reis Oliveira da Silva ](<https://www.drupal.org/user/3580914>)\n\nFixed By: \n\n * [Drew Webber ](<https://www.drupal.org/user/255969>) of the Drupal Security Team\n * [Sally Young ](<https://www.drupal.org/user/161058>)\n * [cilefen ](<https://www.drupal.org/user/1850070>) of the Drupal Security Team\n * [Jess ](<https://www.drupal.org/user/65776>) of the Drupal Security Team\n * [Emerson Jair Reis Oliveira da Silva ](<https://www.drupal.org/user/3580914>)\n * [Lee Rowlands ](<https://www.drupal.org/user/395439>) of the Drupal Security Team\n * [Alex Bronstein ](<https://www.drupal.org/user/78040>) of the Drupal Security Team\n * [Ben Mullins ](<https://www.drupal.org/user/2369194>)\n * [Lauri Eskola ](<https://www.drupal.org/user/1078742>)\n * [Peter Weber ](<https://www.drupal.org/user/1448368>)\n * [Samuel Mortenson ](<https://www.drupal.org/user/2582268>) of the Drupal Security Team\n", "modified": "2020-05-20T00:00:00", "published": "2020-05-20T00:00:00", "id": "DRUPAL-SA-CORE-2020-002", "href": "https://www.drupal.org/sa-core-2020-002", "type": "drupal", "title": "Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11022", "CVE-2020-11023"], "description": "Drupal is an open source content management platform powering millions of websites and applications. It=EF=BF=BD=EF=BF=BD=EF=BF=BDs built, used, and supported by an active and diverse community of people around the world. ", "modified": "2020-06-16T01:32:24", "published": "2020-06-16T01:32:24", "id": "FEDORA:9BFED31347B3", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: drupal8-8.9.0-1.fc32", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13663"], "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. ", "modified": "2020-09-25T17:15:48", "published": "2020-09-25T17:15:48", "id": "FEDORA:3AEB830B2656", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: drupal7-7.72-1.fc33", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13625", "CVE-2020-14295"], "description": "Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. ", "modified": "2020-07-23T01:06:59", "published": "2020-07-23T01:06:59", "id": "FEDORA:DC7DF3111B2E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: cacti-1.2.13-1.fc32", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13662", "CVE-2020-13663"], "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. ", "modified": "2020-09-13T14:19:12", "published": "2020-09-13T14:19:12", "id": "FEDORA:77A873096A19", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: drupal7-7.72-1.fc31", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13625", "CVE-2020-14295"], "description": "Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. ", "modified": "2020-07-23T01:17:57", "published": "2020-07-23T01:17:57", "id": "FEDORA:86D5D3097097", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: cacti-1.2.13-1.fc31", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13662", "CVE-2020-13663"], "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. ", "modified": "2020-09-13T14:28:32", "published": "2020-09-13T14:28:32", "id": "FEDORA:C7AFE309727E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: drupal7-7.72-1.fc32", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2018-18405", "CVE-2020-11022"], "description": "Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. ", "modified": "2020-05-31T03:31:15", "published": "2020-05-31T03:31:15", "id": "FEDORA:5F36E6079A0D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: drupal7-7.70-1.fc32", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "suse": [{"lastseen": "2020-11-10T02:25:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "description": "This update for otrs fixes the following issues:\n\n - otrs was updated to 6.0.30 (OSA-2020-14 boo#1178434)\n - CVE-2020-11022, CVE-2020-11023: Vulnerability in third-party library -\n jquery OTRS uses jquery version 3.4.1, which is vulnerable to\n cross-site scripting (XSS).\n\n", "edition": 1, "modified": "2020-11-10T00:14:54", "published": "2020-11-10T00:14:54", "id": "OPENSUSE-SU-2020:1888-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html", "title": "Security update for otrs (moderate)", "type": "suse", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-07-26T01:26:32", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11023", "CVE-2020-11022", "CVE-2020-13625", "CVE-2020-14295"], "description": "This update for cacti, cacti-spine fixes the following issues:\n\n - cacti 1.2.13:\n\n * Query XSS vulnerabilities require vendor package update\n (CVE-2020-11022 / CVE-2020-11023)\n * Lack of escaping on some pages can lead to XSS exposure\n * Update PHPMailer to 6.1.6 (CVE-2020-13625)\n * SQL Injection vulnerability due to input validation failure when\n editing colors (CVE-2020-14295, boo#1173090)\n * Lack of escaping on template import can lead to XSS exposure\n\n - switch from cron to systemd timers (boo#1115436):\n + cacti-cron.timer\n + cacti-cron.service\n - avoid potential root escalation on systems with fs.protected_hardlinks=0\n (boo#1154087): handle directory permissions in file section instead\n of using chown during post installation\n - rewrote apache configuration to get rid of .htaccess files and\n explicitely disable directory permissions per default (only allow a\n limited, well-known set of directories)\n\n", "edition": 1, "modified": "2020-07-26T00:14:58", "published": "2020-07-26T00:14:58", "id": "OPENSUSE-SU-2020:1060-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00068.html", "title": "Security update for cacti, cacti-spine (moderate)", "type": "suse", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-07-28T05:26:45", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11023", "CVE-2020-11022", "CVE-2020-13625", "CVE-2020-14295"], "description": "This update for cacti, cacti-spine fixes the following issues:\n\n - cacti 1.2.13:\n\n * Query XSS vulnerabilities require vendor package update\n (CVE-2020-11022 / CVE-2020-11023)\n * Lack of escaping on some pages can lead to XSS exposure\n * Update PHPMailer to 6.1.6 (CVE-2020-13625)\n * SQL Injection vulnerability due to input validation failure when\n editing colors (CVE-2020-14295, boo#1173090)\n * Lack of escaping on template import can lead to XSS exposure\n\n - switch from cron to systemd timers (boo#1115436):\n + cacti-cron.timer\n + cacti-cron.service\n - avoid potential root escalation on systems with fs.protected_hardlinks=0\n (boo#1154087): handle directory permissions in file section instead\n of using chown during post installation\n - rewrote apache configuration to get rid of .htaccess files and\n explicitely disable directory permissions per default (only allow a\n limited, well-known set of directories)\n\n\n This update was imported from the openSUSE:Leap:15.1:Update update project.\n\n", "edition": 1, "modified": "2020-07-28T03:14:04", "published": "2020-07-28T03:14:04", "id": "OPENSUSE-SU-2020:1106-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html", "title": "Security update for cacti, cacti-spine (moderate)", "type": "suse", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "hp": [{"lastseen": "2020-12-24T13:21:55", "bulletinFamily": "software", "cvelist": ["CVE-2020-11023", "CVE-2020-11022"], "description": "## Potential Security Impact\nCross-site Scripting (XSS)\n\n**Source:** HP, HP Product Security Response Team (PSRT) \n\n**Reported by:** The jQuery Foundation \n\n## VULNERABILITY SUMMARY\nA potential security vulnerability has been identified for certain HP printers and MFPs. In jQuery versions before 3.5.0, passing HTML from untrusted sources may execute untrusted code.\n\njQuery is a JavaScript library used to simplify website creation and execution. It is open source software used in many available websites.\n\n## RESOLUTION\nHP has provided firmware updates for potentially impacted printers for the products listed in the table below.\n\nTo obtain the updated firmware, go to the [HP Software site](<https://support.hp.com/drivers/>) and search for your printer model. \n\n> note:\n> \n> For firmware marked with *, please contact HP support to obtain the firmware update.\n\nProduct name\n\n| \n\nModel Numbers\n\n| \n\nFirmware Version \n \n---|---|--- \n \nHP Color LaserJet Enterprise Flow MFP M880z\n\nHP Color LaserJet Managed Flow MFP M880zm\n\n| \n\nD7P70A, A2W75A, A2W76A, D7P70A, D7P71A, L3U51A, L3U52A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M552\n\n| \n\nB5L23A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M553\n\nHP Color LaserJet Managed M553\n\n| \n\nB5L24A, B5L25A, B5L26A, BL27A, B5L38A, B5L39A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M651\n\nHP Color LaserJet Managed M651\n\n| \n\nCZ255A, CZ256A, CZ257A, H0DC9A, L8Z07A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M652\n\n| \n\nJ7Z98A, J7Z99A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M653\n\n| \n\nJ8A04A, J8A05A, J8A06A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M751\n\nHP Color LaserJet Managed E75245\n\n| \n\nT3U43A, T3U44A, T3U64A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M855\n\n| \n\nA2W77A, A2W78A, A2W79A, D7P72A, D7P73A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise M856\n\nHP Color LaserJet Managed E85055\n\n| \n\nT3U51A, T3U52A, T3U66A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise MFP M577\n\nHP Color LaserJet Enterprise Flow MFP M577\n\n| \n\nB5L46A, B5L47A, B5L48A, B5L54A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise MFP M680\n\nHP Color LaserJet Enterprise Flow MFP M680\n\n| \n\nCZ248A, CZ249A, CZ250A, CA251A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise MFP M681\n\nHP Color LaserJet Enterprise Flow MFP M681\n\n| \n\nJ8A10A, J8A11A J8A12A, J8A13A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise MFP M682\n\nHP Color LaserJet Enterprise flow MFP M682\n\n| \n\nJ8A16A, J8A17A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Enterprise MFP M776\n\nHP Color LaserJet Enterprise Flow MFP M776\n\n| \n\nT3U55A, T3U56A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed E55040dw\n\n| \n\n3GX98A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed E65050/60\n\n| \n\nL3U55A, L3U56A, L3U57A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed Flow MFP E77822/25/30\n\n| \n\nX3A77A, X3A80A, X3A83A, Z8Z01A, Z8Z0A, Z8Z05A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E57540\n\nHP Color LaserJet Managed Flow MFP E57540\n\n| \n\n3GY25A, 3GY26A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E67550/60\n\nHP Color LaserJet Managed Flow MFP E67550/60\n\n| \n\nL3U66A, L3U67A, L3U69A, L3U70A,\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E67650/60\n\n| \n\n3GY31A, 3GY32A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E77422/28\n\n| \n\n5CM75A, 5CM76A, 5CM77A, 5CM78A, 5CM79A, 5RC91A, 5RC92A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E77822/25/30\n\n| \n\nX3A78A, X3A81A, X3A84A, Z8Z00A, Z8Z02A, Z8Z04A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E78223/28\n\n| \n\n8GS12A, 8GS13A, 8GS14A, 8GS15A, 8GS36A, 8GS37A, 8GS43A, 8GS44A, 8GS50A, 17F27AW, 19GSAW,\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP E87640/50/60\n\nHP Color LaserJet Managed Flow MFP E87640/50/60\n\n| \n\nX3A86A, X3A87A, X3A89A, X3A90A, X3A92A, X3A93A, Z8Z12A, Z8Z13A, Z8Z14A, Z8Z15A, Z8Z16A, Z8Z17A, 5CM63A, 5CM64A, 5CM65A, 5CM66A, 5RC87A, 5FM80A, 5FM81A, 5FM82A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP M577\n\nHP Color LaserJet Managed Flow MFP M577\n\n| \n\nB5L49A, B5L50A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Color LaserJet Managed MFP M680\n\nHP Color LaserJet Managed Flow MFP M680\n\n| \n\nL3U47A, L3U48A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP Digital Sender flow 8500 fn2 Document Capture Workstation\n\n| \n\nL2762A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise 500 Color MFP M575\n\nHP LaserJet Enterprise Color Flow MFP M575\n\n| \n\nCD644A, CD645A, CD646A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise 500 MFP M525f\n\nHP LaserJet Enterprise Flow MFP M525\n\n| \n\nCF116A, CF117A, CF118A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise 700 Color MFP M775\n\nHP Color LaserJet Managed MFP M775\n\n| \n\nCF304A, CC522A, CC523A, CC524A, L3U49A, L3U50A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise Flow MFP M630\n\nHP LaserJet Managed Flow MFP M630\n\n| \n\nB3G86A, P7Z47A, L3U62A, P7Z48A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise Flow MFP M830\n\nHP LaserJet Managed Flow MFP M830\n\n| \n\nCF367A, L3U65A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M506\n\nHP LaserJet Managed M506\n\n| \n\nF2A68A, F2A69A, F2A70A, F2A71A, F2A66A, F2A67A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M507\n\nHP LaserJet Managed E50145\n\n| \n\n1PV86A, 1PV87A, 1PV88A, 1PV89A, 1PU51A, 1PU52A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M604\n\n| \n\nE6B67A, E6B68A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M605\n\nHP LaserJet Managed M605\n\n| \n\nE6B69A, E6B70A. E6B71A, L3U53A, L3U54A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M606\n\n| \n\nE6B72A, E6B73A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M607\n\n| \n\nK0Q14A, K0Q15A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M608\n\n| \n\nK0Q17A, K0Q18A, K0Q19A, M0P32A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M609\n\n| \n\nK0Q20A, K0Q21A, K0Q22A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M610\n\n| \n\n7PS81A, 7PS82A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M611\n\n| \n\n7PS83A, 7PS84A, 7PS85A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M612\n\n| \n\n7PS86A, 7PS87A, 7PS88A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise M806\n\n| \n\nCZ244A, CZ245A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M527\n\nHP LaserJet Enterprise Flow MFP M527z\n\n| \n\nF2A76A, F2A77A, F2A78A, F2A81A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M528\n\nHP LaserJet Managed MFP E52645\n\n| \n\n1PV49A, 1PS54A, 1PS55A, 1PV64A, 1PV65A, 1PV66A, 1PV67A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M630\n\nHP LaserJet Managed MFP M630\n\n| \n\nB3G84A, B3G85A, J7X28A, L3U61A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M631\n\nHP LaserJet Enterprise Flow MFP M631\n\n| \n\nJ8J63A, J8J64A, J8J65A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M632\n\nHP LaserJet Enterprise Flow MFP M632\n\n| \n\nJ8J70A, J8J71A, J8J72A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M633\n\nHP LaserJet Enterprise Flow MFP M633\n\n| \n\nJ8J76A, J8J78A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M634\n\nHP LaserJet Enterprise Flow MFP M634\n\n| \n\n7PS94A, 7PS95A, 7PS96A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M635\n\nHP LaserJet Enterprise Flow MFP M635\n\n| \n\n7PS97A, 7PS98A, 7PS99A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M636\n\nHP LaserJet Enterprise Flow MFP M636\n\n| \n\n7PT00A, 7PT01A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Enterprise MFP M725\n\nHP LaserJet Managed MFP M725\n\n| \n\nCF066A, CF067A, CF068A, CF069A, L3U63A, L3U64A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed 500 Color MFP M575\n\nHP LaserJet Managed Color Flow MFP M575\n\n| \n\nL3U45a, L3U46A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed 500 MFP M525\n\nHP LaserJet Managed Flow MFP M525\n\n| \n\nL3U59A, L3U60A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed E50045\n\n| \n\n3GN19A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed E60055/65/75\n\n| \n\nM0P33A, M0P35A, M0P36A, M0P39A, M0P40A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP E52545\n\nHP LaserJet Managed flow MFP E52545c\n\n| \n\n3GY19A, 3GY20A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP E62555/65\n\nHP LaserJet Managed flow MFP E62555/65/75\n\n| \n\nJ8J66A, J8J67A, J8J73A, J8J74A, J8J79A, J8J80A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP E62655/65\n\nHP LaserJet Managed Flow MFP E62675\n\n| \n\n3GY14A, 3GY15A, 3GY16A, 3GY17A, 3GY18A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP E72425/30\n\n| \n\n5CM68A, 5CM69A, 5CM70A, 5CM71A, 5CM72A, 5RC89A, 5RC90A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP E72525/30/35\n\nHP LaserJet Managed Flow MFP E72525/30/35\n\n| \n\nX3A59A, X3A60A, X3A62A, X3A63A, X3A65A, X3A66A, Z8Z06A, Z8Z07A, Z8Z08A, Z8Z09A, Z8Z010A, Z8Z011A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP E82540/50/60\n\nHP LaserJet Managed Flow MFP E82540/50/60\n\n| \n\nX3A68A, X3A69A, X3A71A, X3A72A, X3A74A, X3A75A, X3A79A, X3A82A, Z8Z18A, Z8Z19, AZ8Z20A, Z8Z22A, Z8Z23A, 5CM59A, 5RC83A, 5CM58A, 5CM60A, 5RC84A, 5CM61A, 5RC85A, 5FM77A, 5FM78A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP LaserJet Managed MFP M527\n\nHP LaserJet Managed Flow MFP M527z\n\n| \n\nF2A79A, F2A80A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP OfficeJet Enterprise Color MFP X585\n\nHP OfficeJet Managed Color MFP X585\n\n| \n\nB5L04A, B5L05A, L3U40A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP OfficeJet Enterprise Color X555\n\n| \n\nC2S11A, C2S12A, L1H45A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Color 755\n\n| \n\n4PZ47A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Color MFP 774\n\n| \n\n4PZ43A, 4PA44A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Color MFP 779\n\n| \n\n4PZ45A, 4PZ46A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Enterprise Color 556\n\n| \n\nG1W46A, G1W46V, G1W47A, G1W47V\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Enterprise Color 765\n\n| \n\nJ7Z04A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Enterprise Color MFP 586\n\nHP PageWide Enterprise Color Flow MFP 586z\n\n| \n\nG1W39A, G1W40A, G1W41A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color E55650\n\n| \n\nL3U44A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color E75160\n\n| \n\nJ7Z06A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color Flow MFP E77660z\n\n| \n\nZ5G77A, J7Z03A, J7Z07A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color MFP E58650dn\n\nHP PageWide Managed Color Flow MFP E58650z\n\n| \n\nL3U42A, L3U43A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color MFP E77650\n\nHP PageWide Managed Color Flow MFP E77650/60z\n\n| \n\nJ7Z13A, Z5G79A, J7Z08A, J7Z14A, J7Z05A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color MFP P77940/50/60\n\n| \n\nY3Z61A, Y3Z62A, Y3Z63A, Y3Z64A, Y3Z65A, Y3Z66A, Y3Z68A, 2GP22A, 2GP23A, 2GP25A, 2GP26A, 5ZN98A, 5ZN99A, 5ZP00A, 5ZP01A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP PageWide Managed Color P75250\n\n| \n\nY3Z49A\n\n| \n\nFS4: 4.11.01 (or higher) \n \nHP ScanJet Enterprise flow N9120 fn2 Document Scanner\n\n| \n\nL2763A\n\n| \n\nFS4: 4.11.01 (or higher)\n", "edition": 2, "modified": "2020-09-17T00:00:00", "published": "2020-09-17T00:00:00", "id": "HP:C06911998", "href": "https://support.hp.com/us-en/document/c06911998", "title": "HPSBPI03688 rev. 1 - Certain HP Printer and MFP products - Cross-Site Scripting (XSS)", "type": "hp", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "redhat": [{"lastseen": "2020-10-08T07:47:06", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-7656"], "description": "Red Hat AMQ Interconnect is a component of the AMQ 7 product family. AMQ Interconnect provides flexible routing of messages between AMQP-enabled endpoints, whether they are clients, servers, brokers, or any other entity that can send or receive standard AMQP messages.\n\nThis release of Red Hat AMQ Interconnect 1.9.0 serves as a replacement for Red Hat AMQ Interconnect 1.8.0 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jQuery: allows XSS via the load method (CVE-2020-7656)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-10-08T10:53:34", "published": "2020-10-08T10:44:00", "id": "RHSA-2020:4211", "href": "https://access.redhat.com/errata/RHSA-2020:4211", "type": "redhat", "title": "(RHSA-2020:4211) Moderate: Red Hat AMQ Interconnect 1.9.0 release and security update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-09-23T17:42:48", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-14333", "CVE-2020-8203"], "description": "The org.ovirt.engine-root is a core component of oVirt.\n\nThe following packages have been upgraded to a later upstream version: ansible-runner-service (1.0.5), org.ovirt.engine-root (4.4.2.3), ovirt-engine-dwh (4.4.2.1), ovirt-engine-extension-aaa-ldap (1.4.1), ovirt-engine-ui-extensions (1.2.3), ovirt-log-collector (4.4.3), ovirt-web-ui (1.6.4), rhvm-branding-rhv (4.4.5), rhvm-dependencies (4.4.1), vdsm-jsonrpc-java (1.5.5). (BZ#1674420, BZ#1866734)\n\nA list of bugs fixed in this update is available in the Technical Notes\nbook:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes\n\nSecurity Fix(es):\n\n* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* ovirt-engine: Reflected cross site scripting vulnerability (CVE-2020-14333)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Cannot assign direct LUN from FC storage - grayed out (BZ#1625499)\n\n* VM portal always asks how to open console.vv even it has been set to default application. (BZ#1638217)\n\n* RESTAPI Not able to remove the QoS from a disk profile (BZ#1643520)\n\n* On OVA import, qemu-img fails to write to NFS storage domain (BZ#1748879)\n\n* Possible missing block path for a SCSI host device needs to be handled in the UI (BZ#1801206)\n\n* Scheduling Memory calculation disregards huge-pages (BZ#1804037)\n\n* Engine does not reduce scheduling memory when a VM with dynamic hugepages runs. (BZ#1804046)\n\n* In Admin Portal, \"Huge Pages (size: amount)\" needs to be clarified (BZ#1806339)\n\n* Refresh LUN is using host from different Data Center to scan the LUN (BZ#1838051)\n\n* Unable to create Windows VM's with Mozilla Firefox version 74.0.1 and greater for RHV-M GUI/Webadmin portal (BZ#1843234)\n\n* [RHV-CNV] - NPE when creating new VM in cnv cluster (BZ#1854488)\n\n* [CNV&RHV] Add-Disk operation failed to complete. (BZ#1855377)\n\n* Cannot create KubeVirt VM as a normal user (BZ#1859460)\n\n* Welcome page - remove Metrics Store links and update \"Insights Guide\" link (BZ#1866466)\n\n* [RHV 4.4] Change in CPU model name after RHVH upgrade (BZ#1869209)\n\n* VM vm-name is down with error. Exit message: unsupported configuration: Can't add USB input device. USB bus is disabled. (BZ#1871235)\n\n* spec_ctrl host feature not detected (BZ#1875609)\n\nEnhancement(s):\n\n* [RFE] API for changed blocks/sectors for a disk for incremental backup usage (BZ#1139877)\n\n* [RFE] Improve workflow for storage migration of VMs with multiple disks (BZ#1749803)\n\n* [RFE] Move the Remove VM button to the drop down menu when viewing details such as snapshots (BZ#1763812)\n\n* [RFE] enhance search filter for Storage Domains with free argument (BZ#1819260)", "modified": "2020-09-23T20:03:00", "published": "2020-09-23T19:54:23", "id": "RHSA-2020:3807", "href": "https://access.redhat.com/errata/RHSA-2020:3807", "type": "redhat", "title": "(RHSA-2020:3807) Moderate: Red Hat Virtualization security, bug fix, and enhancement update", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-11-30T15:32:47", "bulletinFamily": "unix", "cvelist": ["CVE-2019-18874", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-7676", "CVE-2020-7720", "CVE-2020-7743"], "description": "* Fixed two jQuery vulnerabilities (CVE-2020-11022, CVE-2020-11023)\n* Improved Ansible Tower's web service configuration to allow for processing more simultaneous HTTP(s) requests by default\n* Updated several dependencies of Ansible Tower's User Interface to address (CVE-2020-7720, CVE-2020-7743, CVE-2020-7676)\n* Updated to the latest version of python-psutil to address CVE-2019-18874\n* Added several optimizations to improve performance for a variety of high-load simultaneous job launch use cases\n* Fixed workflows to no longer prevent certain users from being able to edit approval nodes\n* Fixed confusing behavior for social auth logins across distinct browser tabs\n* Fixed launching of Job Templates that use prompt-at-launch Ansible Vault credentials", "modified": "2020-11-30T19:01:12", "published": "2020-11-30T19:00:30", "id": "RHSA-2020:5249", "href": "https://access.redhat.com/errata/RHSA-2020:5249", "type": "redhat", "title": "(RHSA-2020:5249) Moderate: security update - Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-15T21:29:39", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11023"], "description": "python-XStatic-jQuery is the jQuery javascript library packaged for Python's setuptools\n\nSecurity Fix(es):\n\n* Passing HTML containing <option> elements to manipulation methods could\nresult in untrusted code execution (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.", "modified": "2020-12-15T23:21:27", "published": "2020-12-15T22:29:55", "id": "RHSA-2020:5412", "href": "https://access.redhat.com/errata/RHSA-2020:5412", "type": "redhat", "title": "(RHSA-2020:5412) Moderate: python-XStatic-jQuery224 security update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-05-28T11:52:51", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11022"], "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* jquery: Cross-site scripting was present due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s)\nlisted in the References section.", "modified": "2020-05-28T15:24:06", "published": "2020-05-28T15:08:25", "id": "RHSA-2020:2217", "href": "https://access.redhat.com/errata/RHSA-2020:2217", "type": "redhat", "title": "(RHSA-2020:2217) Moderate: OpenShift Container Platform 3.11 security update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-07-24T02:02:36", "bulletinFamily": "unix", "cvelist": ["CVE-2019-11252", "CVE-2019-11254", "CVE-2019-11358", "CVE-2020-10749", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-8558", "CVE-2020-9283"], "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allowed for panic (CVE-2020-9283)\n\n* kubernetes: Denial of service in API server via crafted YAML payloads by authorized users (CVE-2019-11254)\n\n* js-jquery: prototype pollution in object's prototype led to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* kubernetes: node localhost services reachable via martian packets (CVE-2020-8558)\n\n* containernetworking/plugins: IPv6 router advertisements allowed for MitM attacks on IPv4 clusters (CVE-2020-10749)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-07-24T04:24:13", "published": "2020-07-13T21:07:56", "id": "RHSA-2020:2412", "href": "https://access.redhat.com/errata/RHSA-2020:2412", "type": "redhat", "title": "(RHSA-2020:2412) Moderate: OpenShift Container Platform 4.5 container image security update", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-02-19T02:30:16", "bulletinFamily": "unix", "cvelist": ["CVE-2017-18635", "CVE-2019-10086", "CVE-2019-13990", "CVE-2019-17195", "CVE-2019-19336", "CVE-2019-8331", "CVE-2020-10775", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-7598"], "description": "The ovirt-engine package provides the Red Hat Virtualization Manager, a\ncentralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. \n\nThe Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a VM Portal, and a Representational State Transfer (REST) Application Programming Interface (API).\n\nA list of bugs fixed in this update is available in the Technical Notes\nbook:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes\n\nSecurity Fix(es):\n\n* apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* libquartz: XXE attacks via job description (CVE-2019-13990)\n\n* novnc: XSS vulnerability via the messages propagated to the status field (CVE-2017-18635)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* nimbus-jose-jwt: Uncaught exceptions while parsing a JWT (CVE-2019-17195)\n\n* ovirt-engine: response_type parameter allows reflected XSS (CVE-2019-19336)\n\n* nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598)\n\n* ovirt-engine: Redirect to arbitrary URL allows for phishing (CVE-2020-10775)\n\n* Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2021-02-19T06:48:36", "published": "2020-08-04T16:44:40", "id": "RHSA-2020:3247", "href": "https://access.redhat.com/errata/RHSA-2020:3247", "type": "redhat", "title": "(RHSA-2020:3247) Important: RHV Manager (ovirt-engine) 4.4 security, bug fix, and enhancement update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-02-17T14:32:06", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10719", "CVE-2020-10748", "CVE-2020-10969", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-1694", "CVE-2020-1697", "CVE-2020-1714", "CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "description": "Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.4.1 serves as a replacement for Red Hat Single Sign-On 7.4.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: verify-token-audience support is missing in the NodeJS adapter (CVE-2020-1694)\n\n* keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution (CVE-2020-1714)\n\n* js-jquery: jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* js-jquery: jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* undertow: invalid HTTP request with large chunk size (CVE-2020-10719)\n\n* keycloak: top-level navigations to data URLs resulting in XSS are possible (incomplete fix of CVE-2020-1697) (CVE-2020-10748)\n\n* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)\n\n* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)\n\n* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)\n\n* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2021-02-17T19:07:55", "published": "2020-07-02T17:17:12", "id": "RHSA-2020:2813", "href": "https://access.redhat.com/errata/RHSA-2020:2813", "type": "redhat", "title": "(RHSA-2020:2813) Important: Red Hat Single Sign-On 7.4.1 security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-15T17:52:22", "bulletinFamily": "unix", "cvelist": ["CVE-2019-10744", "CVE-2020-11022", "CVE-2020-12459", "CVE-2020-7598"], "description": "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties (CVE-2019-10744)\n\n* nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* grafana: information disclosure through world-readable grafana configuration files (CVE-2020-12459)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-06-02T19:27:24", "published": "2020-06-02T19:21:32", "id": "RHSA-2020:2362", "href": "https://access.redhat.com/errata/RHSA-2020:2362", "type": "redhat", "title": "(RHSA-2020:2362) Moderate: Red Hat OpenShift Service Mesh security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-10T10:21:15", "bulletinFamily": "unix", "cvelist": ["CVE-2015-9251", "CVE-2016-10735", "CVE-2018-14040", "CVE-2018-14042", "CVE-2019-10146", "CVE-2019-10179", "CVE-2019-10221", "CVE-2019-11358", "CVE-2019-8331", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-15720", "CVE-2020-1721"], "description": "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* pki: Dogtag's python client does not validate certificates (CVE-2020-15720)\n\n* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", "modified": "2020-11-04T05:03:31", "published": "2020-11-03T17:29:58", "id": "RHSA-2020:4847", "href": "https://access.redhat.com/errata/RHSA-2020:4847", "type": "redhat", "title": "(RHSA-2020:4847) Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "typo3": [{"lastseen": "2020-11-12T01:21:08", "bulletinFamily": "software", "cvelist": ["CVE-2020-11022", "CVE-2020-11023", "CVE-2020-16095"], "description": "The extension fails to properly encode user input for output in HTML context. In addition, the extension also includes jQuery 3.4.1 which is known to be vulnerable against Cross Site Scripting.\n", "modified": "2020-07-29T00:00:00", "published": "2020-07-29T00:00:00", "id": "TYPO3-EXT-SA-2020-015", "href": "https://typo3.org/security/advisory/typo3-ext-sa-2020-015", "type": "typo3", "title": "Cross-Site Scripting in extension \"Kitodo.Presentation\" (dlf)", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "gentoo": [{"lastseen": "2020-07-27T03:26:59", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11023", "CVE-2020-11022", "CVE-2020-14295"], "description": "### Background\n\nCacti is a complete frontend to rrdtool.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Cacti users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/cacti-1.2.13\"\n \n\nAll Cacti Spine users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/cacti-spine-1.2.13\"", "edition": 1, "modified": "2020-07-26T00:00:00", "published": "2020-07-26T00:00:00", "id": "GLSA-202007-03", "href": "https://security.gentoo.org/glsa/202007-03", "title": "Cacti: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2020-07-29T23:26:17", "bulletinFamily": "unix", "cvelist": ["CVE-2020-11023", "CVE-2020-11022", "CVE-2020-13625", "CVE-2020-14295"], "description": "\nCacti developers reports:\n\nMultiple fixes for bundled jQuery to prevent\n\t code exec (CVE-2020-11022, CVE-2020-11023).\nPHPMail contains a escaping bug\n\t (CVE-2020-13625).\nSQL Injection via color.php in Cacti\n\t (CVE-2020-14295).\n\n", "edition": 1, "modified": "2020-07-15T00:00:00", "published": "2020-07-15T00:00:00", "id": "CD2DC126-CFE4-11EA-9172-4C72B94353B5", "href": "https://vuxml.freebsd.org/freebsd/cd2dc126-cfe4-11ea-9172-4c72b94353b5.html", "title": "Cacti -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-09-21T14:41:47", "bulletinFamily": "unix", "cvelist": ["CVE-2020-13303", "CVE-2020-13307", "CVE-2020-11022", "CVE-2020-13306", "CVE-2020-13302", "CVE-2020-13300", "CVE-2020-13289", "CVE-2020-13308", "CVE-2020-13311", "CVE-2020-13314", "CVE-2020-13299", "CVE-2020-13287", "CVE-2020-13315", "CVE-2020-13304", "CVE-2020-13317", "CVE-2020-13309", "CVE-2020-13297", "CVE-2020-13284", "CVE-2020-13310", "CVE-2020-13318", "CVE-2020-13298", "CVE-2020-13313", "CVE-2020-13301", "CVE-2020-13305", "CVE-2020-13316"], "description": "\nGitlab reports:\n\nVendor Cross-Account Assume-Role Attack\nStored XSS on the Vulnerability Page\nOutdated Job Token Can Be Reused to Access Unauthorized Resources\nFile Disclosure Via Workhorse File Upload Bypass\nUnauthorized Maintainer Can Edit Group Badge\nDenial of Service Within Wiki Functionality\nSign-in Vulnerable to Brute-force Attacks\nInvalidated Session Allows Account Access With an Old Password\nGitLab Omniauth Endpoint Renders User Controlled Messages\nBlind SSRF Through Repository Mirroring\nInformation Disclosure Through Incorrect Group Permission Verifications\nNo Rate Limit on GitLab Webhook Feature\nGitLab Session Revocation Feature Does Not Invalidate All Sessions\nOAuth Authorization Scope for an External Application Can Be Changed Without User Consent\nUnauthorized Maintainer Can Delete Repository\nImproper Verification of Deploy-Key Leads to Access Restricted Repository\nDisabled Repository Still Accessible With a Deploy-Token\nDuplicated Secret Code Generated by 2 Factor Authentication Mechanism\nLack of Validation Within Project Invitation Flow\nCurrent Sessions Not Invalidated Upon Enabling 2 Factor Authentication\nUsers Without 2 Factor Authentication Can Be Blocked Accessing GitLab\nLack of Upper Bound Check Leading to Possible Denial of Service\n2 Factor Authentication for Groups Was Not Enforced Within API Endpoint\nGitLab Runner Denial of Service via CI Jobs\nUpdate jQuery Dependency\n\n", "edition": 3, "modified": "2020-09-02T00:00:00", "published": "2020-09-02T00:00:00", "id": "1FB13175-ED52-11EA-8B93-001B217B3468", "href": "https://vuxml.freebsd.org/freebsd/1fb13175-ed52-11ea-8b93-001b217b3468.html", "title": "Gitlab -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "github": [{"lastseen": "2021-02-19T22:49:00", "bulletinFamily": "software", "cvelist": ["CVE-2020-11023"], "description": "### Impact\nPassing HTML containing `<option>` elements from untrusted sources - even after sanitizing them - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code.\n\n### Patches\nThis problem is patched in jQuery 3.5.0.\n\n### Workarounds\nTo workaround this issue without upgrading, use [DOMPurify](https://github.com/cure53/DOMPurify) with its `SAFE_FOR_JQUERY` option to sanitize the HTML string before passing it to a jQuery method.\n\n### References\nhttps://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\n\n### For more information\nIf you have any questions or comments about this advisory, search for a relevant issue in [the jQuery repo](https://github.com/jquery/jquery/issues). If you don't find an answer, open a new issue.", "edition": 9, "modified": "2021-02-19T19:13:52", "published": "2020-04-29T22:19:14", "id": "GHSA-JPCQ-CGW6-V4J6", "href": "https://github.com/advisories/GHSA-jpcq-cgw6-v4j6", "title": "Potential XSS vulnerability in jQuery", "type": "github", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-02-19T22:49:00", "bulletinFamily": "software", "cvelist": ["CVE-2020-11022"], "description": "### Impact\nPassing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code.\n\n### Patches\nThis problem is patched in jQuery 3.5.0.\n\n### Workarounds\nTo workaround the issue without upgrading, adding the following to your code:\n\n```js\njQuery.htmlPrefilter = function( html ) {\n\treturn html;\n};\n```\n\nYou need to use at least jQuery 1.12/2.2 or newer to be able to apply this workaround.\n\n### References\nhttps://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\nhttps://jquery.com/upgrade-guide/3.5/\n\n### For more information\nIf you have any questions or comments about this advisory, search for a relevant issue in [the jQuery repo](https://github.com/jquery/jquery/issues). If you don't find an answer, open a new issue.", "edition": 10, "modified": "2021-02-19T19:13:39", "published": "2020-04-29T22:18:55", "id": "GHSA-GXR4-XJJ5-5PX2", "href": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "title": "Potential XSS vulnerability in jQuery", "type": "github", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nodejs": [{"lastseen": "2020-09-29T11:10:36", "bulletinFamily": "software", "cvelist": ["CVE-2020-11022"], "description": "## Overview\n\nVersions of `jquery` prior to 3.5.0 are vulnerable to Cross-Site Scripting. Passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute arbitrary JavaScript in a victim's browser.\n\n## Recommendation\n\nUpgrade to version 3.5.0 or later.\n\n## References\n\n- [GitHub Advisory](https://github.com/advisories/GHSA-gxr4-xjj5-5px2)", "modified": "2020-05-13T19:06:57", "published": "2020-04-30T18:19:09", "id": "NODEJS:1518", "href": "https://www.npmjs.com/advisories/1518", "type": "nodejs", "title": "Cross-Site Scripting", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "oraclelinux": [{"lastseen": "2020-10-07T06:51:40", "bulletinFamily": "unix", "cvelist": ["CVE-2015-9251", "CVE-2019-11358", "CVE-2020-11022", "CVE-2019-8331", "CVE-2018-20677", "CVE-2018-14042", "CVE-2020-1722", "CVE-2016-10735", "CVE-2018-14040", "CVE-2018-20676"], "description": "[4.6.8-5.0.1]\n- Blank out header-logo.png product-name.png\n- Replace login-screen-logo.png [Orabug: 20362818]\n[4.6.8-5.el7]\n- Resolves: #1826659 IPA: Ldap authentication failure due to Kerberos principal expiration UTC timestamp\n - ipa-pwd-extop: use timegm() instead of mktime() to preserve timezone offset\n[4.6.8-4.el7]\n- Resolves: #1842950 ipa-adtrust-install fails when replica is offline\n - ipa-adtrust-install: avoid failure when replica is offline\n- Resolves: #1831856 CVE-2020-11022 ipa: jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n - WebUI: Apply jQuery patch to fix htmlPrefilter issue\n[4.6.8-3.el7]\n- Resolves: #1834385 Man page syntax issue detected by rpminspect\n - Man pages: fix syntax issues\n- Resolves: #1829787 ipa service-del deletes the required principal when specified in lower/upper case\n - Make check_required_principal() case-insensitive\n- Resolves: #1825829 ipa-advise on a RHEL7 IdM server generate a configuration script for client having hardcoded python3\n - ipa-advise: fallback to /usr/libexec/platform-python if python3 not found\n- Resolves: #1812020 CVE-2015-9251 ipa: js-jquery: Cross-site scripting via cross-domain ajax requests\n - Web UI: Upgrade jQuery version 2.0.3 -> 3.4.1\n- Resolves: #1713487 CVE-2019-11358 ipa: js-jquery: prototype pollution in objects prototype leading to denial of service or remote code execution or property injection\n - Web UI: Upgrade jQuery version 2.0.3 -> 3.4.1\n[4.6.8-2.el7]\n- Resolves: #1802408 CVE-2020-1722 ipa: No password length restriction leads to denial of service\n - Add interactive prompt for the LDAP bind password to ipa-getkeytab\n - CVE-2020-1722: prevent use of too long passwords\n[4.6.8-1.el7]\n- Resolves: #1819725 - Rebase IPA to latest 4.6.x version\n- Resolves: #1817927 - host-add --password logs cleartext userpassword to Apache error log\n- Resolves: #1817923 - IPA upgrade is failing with error 'Failed to get request: bus, object_path and dbus_interface must not be None.'\n- Resolves: #1817922 - covscan memory leaks report\n- Resolves: #1817919 - Enable compat tree to provide information about AD users and groups on trust agents\n- Resolves: #1817918 - Secure tomcat AJP connector\n- Resolves: #1817886 - ipa group-add-member: prevent adding IPA objects as external members\n- Resolves: #1788718 - ipa-server-install incorrectly setting slew mode (-x) when setting up ntpd\n[4.6.6-12.el7]\n- Resolves: #1754902 - Running ipa-server-install fails when RHEL 7.7 packages are installed on RHEL 7.6\n- Resolves: #1404770 - ID Views: do not allow custom Views for the masters\n - idviews: prevent applying to a master\n- Resolves: #1801791 - Compatibility Schema difference in functionality for systems following RHEL 7.5 -> 7.6 upgrade path as opposed to new RHEL 7.6 systems\n - install/updates: move external members past schema compat update\n- Resolves: #1795890 - ipa-pkinit-manage enable fails on replica if it doesnt host the CA\n - pkinit setup: fix regression on master install\n - pkinit enable: use local dogtag only if host has CA\n- Resolves: #1788907 - Renewed certs are not picked up by IPA CAs\n - Allow an empty cookie in dogtag-ipa-ca-renew-agent-submit\n- Resolves: #1780548 - Man page ipa-cacert-manage does not display correctly on RHEL\n - ipa-cacert-manage man page: fix indentation\n- Resolves: #1782587 - add 'systemctl restart sssd' to warning message when adding trust agents to replicas\n - adtrust.py: mention restarting sssd when adding trust agents\n- Resolves: #1771356 - Default client configuration breaks ssh in FIPS mode\n - Use default ssh host key algorithms\n- Resolves: #1755535 - ipa-advise on a RHEL7 IdM server is not able to generate a configuration script for a RHEL8 IdM client\n - smartcard: make the ipa-advise script compatible with authselect/authconfig\n- Resolves: #1758406 - KRA authentication fails when IPA CA has custom Subject DN\n - upgrade: fix ipakra people entry 'description' attribute\n - krainstance: set correct issuer DN in uid=ipakra entry\n- Resolves: #1756568 - ipa-server-certinstall man page does not match built-in help\n - ipa-server-certinstall manpage: add missing options\n- Resolves: #1206690 - UPG not being enforced properly\n - ipa user_add: do not check group if UPG is disabled\n- Resolves: #1811982 - CVE-2018-14042 ipa: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip.\n- Resolves: #1811978 - CVE-2018-14040 ipa: bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n- Resolves: #1811972 - CVE-2016-10735 ipa: bootstrap: XSS in the data-target attribute\n- Resolves: #1811969 -CVE-2018-20676 ipa: bootstrap: XSS in the tooltip data-viewport attribute\n- Resolves: #1811966 - CVE-2018-20677 ipa: bootstrap: XSS in the affix configuration target property\n- Resolves: #1811962 - CVE-2019-8331 ipa: bootstrap: XSS in the tooltip or popover data-template attribute\n - Web UI: Upgrade Bootstrap version 3.3.7 -> 3.4.1\n- Resolves: #1769791 - Invisible part of notification area in Web UI intercepts clicks of some page elements\n - WebUI: Fix notification area layout\n- Resolves: #1545755 - ipa-replica-prepare should not update pki admin password\n - Fix indentation levels\n - ipa-pwd-extop: use SLAPI_BIND_TARGET_SDN\n - ipa-pwd-extop: dont check password policy for non-Kerberos account set by DM or a passsync manager\n - Dont save password history on non-Kerberos accounts", "edition": 1, "modified": "2020-10-06T00:00:00", "published": "2020-10-06T00:00:00", "id": "ELSA-2020-3936", "href": "http://linux.oracle.com/errata/ELSA-2020-3936.html", "title": "ipa security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2020-10-20T23:11:17", "bulletinFamily": "unix", "cvelist": ["CVE-2015-9251", "CVE-2019-11358", "CVE-2020-11022", "CVE-2019-8331", "CVE-2018-20677", "CVE-2018-14042", "CVE-2020-1722", "CVE-2016-10735", "CVE-2018-14040", "CVE-2018-20676"], "description": "**CentOS Errata and Security Advisory** CESA-2020:3936\n\n\nRed Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.\n\nThe following packages have been upgraded to a later upstream version: ipa (4.6.8). (BZ#1819725)\n\nSecurity Fix(es):\n\n* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* ipa: No password length restriction leads to denial of service (CVE-2020-1722)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2020-October/012733.html\n\n**Affected packages:**\nipa-client\nipa-client-common\nipa-common\nipa-python-compat\nipa-server\nipa-server-common\nipa-server-dns\nipa-server-trust-ad\npython2-ipaclient\npython2-ipalib\npython2-ipaserver\n\n**Upstream details at:**\n", "edition": 1, "modified": "2020-10-20T18:15:27", "published": "2020-10-20T18:15:27", "id": "CESA-2020:3936", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2020-October/012733.html", "title": "ipa, python2 security update", "type": "centos", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:36:35", "bulletinFamily": "unix", "cvelist": ["CVE-2015-9251", "CVE-2019-11358", "CVE-2020-11022", "CVE-2019-8331", "CVE-2018-20677", "CVE-2018-14042", "CVE-2018-14041", "CVE-2020-1722", "CVE-2016-10735", "CVE-2018-14040", "CVE-2018-20676"], "description": "**Issue Overview:**\n\njQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. ([CVE-2015-9251 __](<https://access.redhat.com/security/cve/CVE-2015-9251>))\n\nIn Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than [CVE-2018-14041 __](<https://access.redhat.com/security/cve/CVE-2018-14041>). ([CVE-2016-10735 __](<https://access.redhat.com/security/cve/CVE-2016-10735>))\n\nIn Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. ([CVE-2018-14040 __](<https://access.redhat.com/security/cve/CVE-2018-14040>))\n\nIn Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. ([CVE-2018-14042 __](<https://access.redhat.com/security/cve/CVE-2018-14042>))\n\nIn Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute. ([CVE-2018-20676 __](<https://access.redhat.com/security/cve/CVE-2018-20676>))\n\nIn Bootstrap before 3.4.0, XSS is possible in the affix configuration target property. ([CVE-2018-20677 __](<https://access.redhat.com/security/cve/CVE-2018-20677>))\n\nA Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences. ([CVE-2019-11358 __](<https://access.redhat.com/security/cve/CVE-2019-11358>))\n\nA cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired. ([CVE-2019-8331 __](<https://access.redhat.com/security/cve/CVE-2019-8331>))\n\nA Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the 'HTML' function to inject Javascript into the page where that input is rendered, and have it delivered by the browser. ([CVE-2020-11022 __](<https://access.redhat.com/security/cve/CVE-2020-11022>))\n\nA flaw was found in IPA. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability. ([CVE-2020-1722 __](<https://access.redhat.com/security/cve/CVE-2020-1722>))\n\n \n**Affected Packages:** \n\n\nipa\n\n \n**Issue Correction:** \nRun _yum update ipa_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n ipa-server-4.6.8-5.amzn2.aarch64 \n ipa-server-trust-ad-4.6.8-5.amzn2.aarch64 \n ipa-client-4.6.8-5.amzn2.aarch64 \n ipa-debuginfo-4.6.8-5.amzn2.aarch64 \n \n i686: \n ipa-server-4.6.8-5.amzn2.i686 \n ipa-server-trust-ad-4.6.8-5.amzn2.i686 \n ipa-client-4.6.8-5.amzn2.i686 \n ipa-debuginfo-4.6.8-5.amzn2.i686 \n \n noarch: \n python2-ipaserver-4.6.8-5.amzn2.noarch \n ipa-server-common-4.6.8-5.amzn2.noarch \n ipa-server-dns-4.6.8-5.amzn2.noarch \n python2-ipaclient-4.6.8-5.amzn2.noarch \n ipa-client-common-4.6.8-5.amzn2.noarch \n ipa-python-compat-4.6.8-5.amzn2.noarch \n python2-ipalib-4.6.8-5.amzn2.noarch \n ipa-common-4.6.8-5.amzn2.noarch \n \n src: \n ipa-4.6.8-5.amzn2.src \n \n x86_64: \n ipa-server-4.6.8-5.amzn2.x86_64 \n ipa-server-trust-ad-4.6.8-5.amzn2.x86_64 \n ipa-client-4.6.8-5.amzn2.x86_64 \n ipa-debuginfo-4.6.8-5.amzn2.x86_64 \n \n \n", "edition": 1, "modified": "2020-10-22T17:40:00", "published": "2020-10-22T17:40:00", "id": "ALAS2-2020-1519", "href": "https://alas.aws.amazon.com/AL2/ALAS-2020-1519.html", "title": "Medium: ipa", "type": "amazon", "cvss": {"score": 5.4, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C"}}], "oracle": [{"lastseen": "2021-02-27T21:41:27", "bulletinFamily": "software", "cvelist": ["CVE-2012-2098", "CVE-2015-4000", "CVE-2015-8965", "CVE-2016-1000031", "CVE-2016-5725", "CVE-2017-12626", "CVE-2017-5611", "CVE-2017-5645", "CVE-2017-8028", "CVE-2018-0732", "CVE-2018-10237", "CVE-2018-11775", "CVE-2018-1258", "CVE-2018-1285", "CVE-2018-15756", "CVE-2018-20781", "CVE-2018-2587", "CVE-2018-7318", "CVE-2018-8032", "CVE-2018-9019", "CVE-2019-0188", "CVE-2019-0227", "CVE-2019-0230", "CVE-2019-0233", "CVE-2019-10086", "CVE-2019-10173", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-10744", "CVE-2019-11135", "CVE-2019-11269", "CVE-2019-11358", "CVE-2019-12399", "CVE-2019-12402", "CVE-2019-12415", "CVE-2019-13990", "CVE-2019-14862", "CVE-2019-1551", "CVE-2019-1559", "CVE-2019-17091", "CVE-2019-17195", "CVE-2019-17359", "CVE-2019-17563", "CVE-2019-17566", "CVE-2019-17569", "CVE-2019-20892", "CVE-2019-20907", "CVE-2019-2697", "CVE-2019-3773", "CVE-2019-3778", "CVE-2019-5427", "CVE-2019-7164", "CVE-2019-7548", "CVE-2019-9511", "CVE-2019-9513", "CVE-2020-10531", "CVE-2020-10543", "CVE-2020-10650", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10683", "CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10724", "CVE-2020-10725", "CVE-2020-10726", "CVE-2020-10878", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11080", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11612", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-11655", "CVE-2020-11656", "CVE-2020-11971", "CVE-2020-11972", "CVE-2020-11973", "CVE-2020-11979", "CVE-2020-11984", "CVE-2020-11985", "CVE-2020-11993", "CVE-2020-11994", "CVE-2020-11996", "CVE-2020-11998", "CVE-2020-12723", "CVE-2020-13254", "CVE-2020-13596", "CVE-2020-13871", "CVE-2020-13934", "CVE-2020-13935", "CVE-2020-13954", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14147", "CVE-2020-14195", "CVE-2020-14422", "CVE-2020-14750", "CVE-2020-14756", "CVE-2020-14803", "CVE-2020-15025", "CVE-2020-15358", "CVE-2020-17498", "CVE-2020-17521", "CVE-2020-17530", "CVE-2020-1935", "CVE-2020-1938", "CVE-2020-1945", "CVE-2020-1967", "CVE-2020-1968", "CVE-2020-1971", "CVE-2020-24583", "CVE-2020-24584", "CVE-2020-24616", "CVE-2020-24750", "CVE-2020-25020", "CVE-2020-2555", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866", "CVE-2020-26575", "CVE-2020-27216", "CVE-2020-35460", "CVE-2020-5398", "CVE-2020-5407", "CVE-2020-5408", "CVE-2020-5421", "CVE-2020-7064", "CVE-2020-8172", "CVE-2020-8174", "CVE-2020-8265", "CVE-2020-8277", "CVE-2020-8287", "CVE-2020-9281", "CVE-2020-9327", "CVE-2020-9484", "CVE-2020-9488", "CVE-2020-9490", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548", "CVE-2021-1993", "CVE-2021-1994", "CVE-2021-1995", "CVE-2021-1996", "CVE-2021-1997", "CVE-2021-1998", "CVE-2021-1999", "CVE-2021-2000", "CVE-2021-2001", "CVE-2021-2002", "CVE-2021-2003", "CVE-2021-2004", "CVE-2021-2005", "CVE-2021-2006", "CVE-2021-2007", "CVE-2021-2009", "CVE-2021-2010", "CVE-2021-2011", "CVE-2021-2012", "CVE-2021-2013", "CVE-2021-2014", "CVE-2021-2015", "CVE-2021-2016", "CVE-2021-2017", "CVE-2021-2018", "CVE-2021-2019", "CVE-2021-2020", "CVE-2021-2021", "CVE-2021-2022", "CVE-2021-2023", "CVE-2021-2024", "CVE-2021-2025", "CVE-2021-2026", "CVE-2021-2027", "CVE-2021-2028", "CVE-2021-2029", "CVE-2021-2030", "CVE-2021-2031", "CVE-2021-2032", "CVE-2021-2033", "CVE-2021-2034", "CVE-2021-2035", "CVE-2021-2036", "CVE-2021-2038", "CVE-2021-2039", "CVE-2021-2040", "CVE-2021-2041", "CVE-2021-2042", "CVE-2021-2043", "CVE-2021-2044", "CVE-2021-2045", "CVE-2021-2046", "CVE-2021-2047", "CVE-2021-2048", "CVE-2021-2049", "CVE-2021-2050", "CVE-2021-2051", "CVE-2021-2052", "CVE-2021-2054", "CVE-2021-2055", "CVE-2021-2056", "CVE-2021-2057", "CVE-2021-2058", "CVE-2021-2059", "CVE-2021-2060", "CVE-2021-2061", "CVE-2021-2062", "CVE-2021-2063", "CVE-2021-2064", "CVE-2021-2065", "CVE-2021-2066", "CVE-2021-2067", "CVE-2021-2068", "CVE-2021-2069", "CVE-2021-2070", "CVE-2021-2071", "CVE-2021-2072", "CVE-2021-2073", "CVE-2021-2074", "CVE-2021-2075", "CVE-2021-2076", "CVE-2021-2077", "CVE-2021-2078", "CVE-2021-2079", "CVE-2021-2080", "CVE-2021-2081", "CVE-2021-2082", "CVE-2021-2083", "CVE-2021-2084", "CVE-2021-2085", "CVE-2021-2086", "CVE-2021-2087", "CVE-2021-2088", "CVE-2021-2089", "CVE-2021-2090", "CVE-2021-2091", "CVE-2021-2092", "CVE-2021-2093", "CVE-2021-2094", "CVE-2021-2096", "CVE-2021-2097", "CVE-2021-2098", "CVE-2021-2099", "CVE-2021-2100", "CVE-2021-2101", "CVE-2021-2102", "CVE-2021-2103", "CVE-2021-2104", "CVE-2021-2105", "CVE-2021-2106", "CVE-2021-2107", "CVE-2021-2108", "CVE-2021-2109", "CVE-2021-2110", "CVE-2021-2111", "CVE-2021-2112", "CVE-2021-2113", "CVE-2021-2114", "CVE-2021-2115", "CVE-2021-2116", "CVE-2021-2117", "CVE-2021-2118", "CVE-2021-2119", "CVE-2021-2120", "CVE-2021-2121", "CVE-2021-2122", "CVE-2021-2123", "CVE-2021-2124", "CVE-2021-2125", "CVE-2021-2126", "CVE-2021-2127", "CVE-2021-2128", "CVE-2021-2129", "CVE-2021-2130", "CVE-2021-2131"], "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 329 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ January 2021 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2739494.1>).\n\n**Please note that since the release of the October 2020 Critical Patch Update, Oracle has released a Security Alert for Oracle WebLogic Server: [CVE-2020-14750 (November 1, 2020)](<https://www.oracle.com/security-alerts/alert-cve-2020-14750.html>). Customers are strongly advised to apply this Critical Patch Update, which includes patches for this Alert as well as additional patches.**\n", "modified": "2021-02-22T00:00:00", "published": "2021-01-19T00:00:00", "id": "ORACLE:CPUJAN2021", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - January 2021", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T15:41:17", "bulletinFamily": "software", "cvelist": ["CVE-2015-7501", "CVE-2015-8607", "CVE-2015-8608", "CVE-2015-9251", "CVE-2016-0701", "CVE-2016-1000031", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-1923", "CVE-2016-1924", "CVE-2016-2183", "CVE-2016-2381", "CVE-2016-3183", "CVE-2016-4000", "CVE-2016-4796", "CVE-2016-4797", "CVE-2016-5017", "CVE-2016-5019", "CVE-2016-6306", "CVE-2016-6814", "CVE-2016-8332", "CVE-2016-8610", "CVE-2016-9112", "CVE-2016-9840", "CVE-2016-9841", "CVE-2016-9842", "CVE-2016-9843", "CVE-2017-0861", "CVE-2017-10140", "CVE-2017-12610", "CVE-2017-12626", "CVE-2017-12814", "CVE-2017-12837", "CVE-2017-12883", "CVE-2017-15265", "CVE-2017-15708", "CVE-2017-5637", "CVE-2017-5645", "CVE-2018-1000004", "CVE-2018-1000632", "CVE-2018-10237", "CVE-2018-10675", "CVE-2018-10872", "CVE-2018-10901", "CVE-2018-11039", "CVE-2018-11040", "CVE-2018-11054", "CVE-2018-11055", "CVE-2018-11056", "CVE-2018-11057", "CVE-2018-11058", "CVE-2018-11776", "CVE-2018-1199", "CVE-2018-12015", "CVE-2018-12023", "CVE-2018-12207", "CVE-2018-1257", "CVE-2018-1258", "CVE-2018-1270", "CVE-2018-1271", "CVE-2018-1272", "CVE-2018-1275", "CVE-2018-1288", "CVE-2018-15756", "CVE-2018-15769", "CVE-2018-17190", "CVE-2018-17196", "CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-3665", "CVE-2018-3693", "CVE-2018-5390", "CVE-2018-6616", "CVE-2018-6797", "CVE-2018-6798", "CVE-2018-6913", "CVE-2018-7566", "CVE-2018-8012", "CVE-2018-8013", "CVE-2018-8032", "CVE-2018-8088", "CVE-2019-0188", "CVE-2019-0201", "CVE-2019-0220", "CVE-2019-0222", "CVE-2019-0227", "CVE-2019-10081", "CVE-2019-10082", "CVE-2019-10086", "CVE-2019-10092", "CVE-2019-10097", "CVE-2019-10192", "CVE-2019-10193", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-11358", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12402", "CVE-2019-12415", "CVE-2019-12423", "CVE-2019-12814", "CVE-2019-12973", "CVE-2019-13990", "CVE-2019-14379", "CVE-2019-14439", "CVE-2019-14540", "CVE-2019-14862", "CVE-2019-14893", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1551", "CVE-2019-1552", "CVE-2019-1563", "CVE-2019-16056", "CVE-2019-16335", "CVE-2019-16935", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17091", "CVE-2019-17267", "CVE-2019-17359", "CVE-2019-17531", "CVE-2019-17560", "CVE-2019-17561", "CVE-2019-17563", "CVE-2019-17569", "CVE-2019-17571", "CVE-2019-17573", "CVE-2019-19956", "CVE-2019-20330", "CVE-2019-20388", "CVE-2019-2094", "CVE-2019-2725", "CVE-2019-2729", "CVE-2019-2904", "CVE-2019-3738", "CVE-2019-3739", "CVE-2019-3740", "CVE-2019-5427", "CVE-2019-5489", "CVE-2019-8457", "CVE-2020-10650", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10683", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11080", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-11655", "CVE-2020-11656", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14527", "CVE-2020-14528", "CVE-2020-14529", "CVE-2020-14530", "CVE-2020-14531", "CVE-2020-14532", "CVE-2020-14533", "CVE-2020-14534", "CVE-2020-14535", "CVE-2020-14536", "CVE-2020-14537", "CVE-2020-14539", "CVE-2020-14540", "CVE-2020-14541", "CVE-2020-14542", "CVE-2020-14543", "CVE-2020-14544", "CVE-2020-14545", "CVE-2020-14546", "CVE-2020-14547", "CVE-2020-14548", "CVE-2020-14549", "CVE-2020-14550", "CVE-2020-14551", "CVE-2020-14552", "CVE-2020-14553", "CVE-2020-14554", "CVE-2020-14555", "CVE-2020-14556", "CVE-2020-14557", "CVE-2020-14558", "CVE-2020-14559", "CVE-2020-14560", "CVE-2020-14561", "CVE-2020-14562", "CVE-2020-14563", "CVE-2020-14564", "CVE-2020-14565", "CVE-2020-14566", "CVE-2020-14567", "CVE-2020-14568", "CVE-2020-14569", "CVE-2020-14570", "CVE-2020-14571", "CVE-2020-14572", "CVE-2020-14573", "CVE-2020-14574", "CVE-2020-14575", "CVE-2020-14576", "CVE-2020-14577", "CVE-2020-14578", "CVE-2020-14579", "CVE-2020-14580", "CVE-2020-14581", "CVE-2020-14582", "CVE-2020-14583", "CVE-2020-14584", "CVE-2020-14585", "CVE-2020-14586", "CVE-2020-14587", "CVE-2020-14588", "CVE-2020-14589", "CVE-2020-14590", "CVE-2020-14591", "CVE-2020-14592", "CVE-2020-14593", "CVE-2020-14594", "CVE-2020-14595", "CVE-2020-14596", "CVE-2020-14597", "CVE-2020-14598", "CVE-2020-14599", "CVE-2020-14600", "CVE-2020-14601", "CVE-2020-14602", "CVE-2020-14603", "CVE-2020-14604", "CVE-2020-14605", "CVE-2020-14606", "CVE-2020-14607", "CVE-2020-14608", "CVE-2020-14609", "CVE-2020-14610", "CVE-2020-14611", "CVE-2020-14612", "CVE-2020-14613", "CVE-2020-14614", "CVE-2020-14615", "CVE-2020-14616", "CVE-2020-14617", "CVE-2020-14618", "CVE-2020-14619", "CVE-2020-14620", "CVE-2020-14621", "CVE-2020-14622", "CVE-2020-14623", "CVE-2020-14624", "CVE-2020-14625", "CVE-2020-14626", "CVE-2020-14627", "CVE-2020-14628", "CVE-2020-14629", "CVE-2020-14630", "CVE-2020-14631", "CVE-2020-14632", "CVE-2020-14633", "CVE-2020-14634", "CVE-2020-14635", "CVE-2020-14636", "CVE-2020-14637", "CVE-2020-14638", "CVE-2020-14639", "CVE-2020-14640", "CVE-2020-14641", "CVE-2020-14642", "CVE-2020-14643", "CVE-2020-14644", "CVE-2020-14645", "CVE-2020-14646", "CVE-2020-14647", "CVE-2020-14648", "CVE-2020-14649", "CVE-2020-14650", "CVE-2020-14651", "CVE-2020-14652", "CVE-2020-14653", "CVE-2020-14654", "CVE-2020-14655", "CVE-2020-14656", "CVE-2020-14657", "CVE-2020-14658", "CVE-2020-14659", "CVE-2020-14660", "CVE-2020-14661", "CVE-2020-14662", "CVE-2020-14663", "CVE-2020-14664", "CVE-2020-14665", "CVE-2020-14666", "CVE-2020-14667", "CVE-2020-14668", "CVE-2020-14669", "CVE-2020-14670", "CVE-2020-14671", "CVE-2020-14673", "CVE-2020-14674", "CVE-2020-14675", "CVE-2020-14676", "CVE-2020-14677", "CVE-2020-14678", "CVE-2020-14679", "CVE-2020-14680", "CVE-2020-14681", "CVE-2020-14682", "CVE-2020-14684", "CVE-2020-14685", "CVE-2020-14686", "CVE-2020-14687", "CVE-2020-14688", "CVE-2020-14690", "CVE-2020-14691", "CVE-2020-14692", "CVE-2020-14693", "CVE-2020-14694", "CVE-2020-14695", "CVE-2020-14696", "CVE-2020-14697", "CVE-2020-14698", "CVE-2020-14699", "CVE-2020-14700", "CVE-2020-14701", "CVE-2020-14702", "CVE-2020-14703", "CVE-2020-14704", "CVE-2020-14705", "CVE-2020-14706", "CVE-2020-14707", "CVE-2020-14708", "CVE-2020-14709", "CVE-2020-14710", "CVE-2020-14711", "CVE-2020-14712", "CVE-2020-14713", "CVE-2020-14714", "CVE-2020-14715", "CVE-2020-14716", "CVE-2020-14717", "CVE-2020-14718", "CVE-2020-14719", "CVE-2020-14720", "CVE-2020-14721", "CVE-2020-14722", "CVE-2020-14723", "CVE-2020-14724", "CVE-2020-14725", "CVE-2020-1927", "CVE-2020-1934", "CVE-2020-1935", "CVE-2020-1938", "CVE-2020-1941", "CVE-2020-1945", "CVE-2020-1950", "CVE-2020-1951", "CVE-2020-1967", "CVE-2020-2513", "CVE-2020-2555", "CVE-2020-2562", "CVE-2020-2966", "CVE-2020-2967", "CVE-2020-2968", "CVE-2020-2969", "CVE-2020-2971", "CVE-2020-2972", "CVE-2020-2973", "CVE-2020-2974", "CVE-2020-2975", "CVE-2020-2976", "CVE-2020-2977", "CVE-2020-2978", "CVE-2020-2981", "CVE-2020-2982", "CVE-2020-2983", "CVE-2020-2984", "CVE-2020-5258", "CVE-2020-5397", "CVE-2020-5398", "CVE-2020-6851", "CVE-2020-7059", "CVE-2020-7060", "CVE-2020-7595", "CVE-2020-8112", "CVE-2020-8172", "CVE-2020-9327", "CVE-2020-9484", "CVE-2020-9488", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Please refer to:\n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/security-alerts>) for information about Oracle Security advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 444 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ July 2020 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2684313.1>).\n", "modified": "2020-12-01T00:00:00", "published": "2020-07-14T00:00:00", "id": "ORACLE:CPUJUL2020", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - July 2020", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T15:41:14", "bulletinFamily": "software", "cvelist": ["CVE-2013-7285", "CVE-2015-1832", "CVE-2015-9251", "CVE-2016-0701", "CVE-2016-1000031", "CVE-2016-1000338", "CVE-2016-1000339", "CVE-2016-1000340", "CVE-2016-1000341", "CVE-2016-1000342", "CVE-2016-1000343", "CVE-2016-1000344", "CVE-2016-1000345", "CVE-2016-1000346", "CVE-2016-1000352", "CVE-2016-10244", "CVE-2016-10328", "CVE-2016-2167", "CVE-2016-2168", "CVE-2016-2183", "CVE-2016-2510", "CVE-2016-3189", "CVE-2016-4800", "CVE-2016-5000", "CVE-2016-5300", "CVE-2016-5725", "CVE-2016-6153", "CVE-2016-6306", "CVE-2016-8610", "CVE-2016-8734", "CVE-2017-10989", "CVE-2017-12626", "CVE-2017-13098", "CVE-2017-13685", "CVE-2017-13745", "CVE-2017-14232", "CVE-2017-15095", "CVE-2017-15286", "CVE-2017-17485", "CVE-2017-3164", "CVE-2017-5644", "CVE-2017-5645", "CVE-2017-5662", "CVE-2017-7525", "CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2017-7857", "CVE-2017-7858", "CVE-2017-7864", "CVE-2017-8105", "CVE-2017-8287", "CVE-2017-9096", "CVE-2017-9735", "CVE-2017-9800", "CVE-2018-1000180", "CVE-2018-1000613", "CVE-2018-1000873", "CVE-2018-11054", "CVE-2018-11055", "CVE-2018-11056", "CVE-2018-11057", "CVE-2018-11058", "CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-12536", "CVE-2018-12538", "CVE-2018-12545", "CVE-2018-14718", "CVE-2018-15769", "CVE-2018-17196", "CVE-2018-18873", "CVE-2018-19139", "CVE-2018-19539", "CVE-2018-19540", "CVE-2018-19541", "CVE-2018-19542", "CVE-2018-19543", "CVE-2018-20346", "CVE-2018-20505", "CVE-2018-20506", "CVE-2018-20570", "CVE-2018-20584", "CVE-2018-20622", "CVE-2018-20843", "CVE-2018-2765", "CVE-2018-3693", "CVE-2018-5382", "CVE-2018-5968", "CVE-2018-6942", "CVE-2018-7489", "CVE-2018-8013", "CVE-2018-8088", "CVE-2018-8740", "CVE-2018-9055", "CVE-2018-9154", "CVE-2018-9252", "CVE-2019-0192", "CVE-2019-0201", "CVE-2019-10072", "CVE-2019-10097", "CVE-2019-1010239", "CVE-2019-10173", "CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-10744", "CVE-2019-11048", "CVE-2019-11358", "CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479", "CVE-2019-11834", "CVE-2019-11835", "CVE-2019-11922", "CVE-2019-12086", "CVE-2019-12260", "CVE-2019-12261", "CVE-2019-12384", "CVE-2019-12402", "CVE-2019-12415", "CVE-2019-12419", "CVE-2019-12423", "CVE-2019-12814", "CVE-2019-12900", "CVE-2019-13990", "CVE-2019-14379", "CVE-2019-14540", "CVE-2019-14893", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1552", "CVE-2019-1563", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16335", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17091", "CVE-2019-17267", "CVE-2019-17359", "CVE-2019-17495", "CVE-2019-17531", "CVE-2019-17543", "CVE-2019-17558", "CVE-2019-17569", "CVE-2019-17632", "CVE-2019-17638", "CVE-2019-18348", "CVE-2019-20330", "CVE-2019-2897", "CVE-2019-2904", "CVE-2019-3738", "CVE-2019-3739", "CVE-2019-3740", "CVE-2019-5018", "CVE-2019-5427", "CVE-2019-5435", "CVE-2019-5436", "CVE-2019-5443", "CVE-2019-5481", "CVE-2019-5482", "CVE-2019-8457", "CVE-2019-9511", "CVE-2019-9513", "CVE-2019-9936", "CVE-2019-9937", "CVE-2020-10108", "CVE-2020-10543", "CVE-2020-10650", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10683", "CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10724", "CVE-2020-10878", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11080", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-11655", "CVE-2020-11656", "CVE-2020-11971", "CVE-2020-11972", "CVE-2020-11973", "CVE-2020-11984", "CVE-2020-11993", "CVE-2020-11996", "CVE-2020-12243", "CVE-2020-12723", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-13920", "CVE-2020-13934", "CVE-2020-13935", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-14672", "CVE-2020-14731", "CVE-2020-14732", "CVE-2020-14734", "CVE-2020-14735", "CVE-2020-14736", "CVE-2020-14740", "CVE-2020-14741", "CVE-2020-14742", "CVE-2020-14743", "CVE-2020-14744", "CVE-2020-14745", "CVE-2020-14746", "CVE-2020-14752", "CVE-2020-14753", "CVE-2020-14754", "CVE-2020-14757", "CVE-2020-14758", "CVE-2020-14759", "CVE-2020-14760", "CVE-2020-14761", "CVE-2020-14762", "CVE-2020-14763", "CVE-2020-14764", "CVE-2020-14765", "CVE-2020-14766", "CVE-2020-14767", "CVE-2020-14768", "CVE-2020-14769", "CVE-2020-14770", "CVE-2020-14771", "CVE-2020-14772", "CVE-2020-14773", "CVE-2020-14774", "CVE-2020-14775", "CVE-2020-14776", "CVE-2020-14777", "CVE-2020-14778", "CVE-2020-14779", "CVE-2020-14780", "CVE-2020-14781", "CVE-2020-14782", "CVE-2020-14783", "CVE-2020-14784", "CVE-2020-14785", "CVE-2020-14786", "CVE-2020-14787", "CVE-2020-14788", "CVE-2020-14789", "CVE-2020-14790", "CVE-2020-14791", "CVE-2020-14792", "CVE-2020-14793", "CVE-2020-14794", "CVE-2020-14795", "CVE-2020-14796", "CVE-2020-14797", "CVE-2020-14798", "CVE-2020-14799", "CVE-2020-14800", "CVE-2020-14801", "CVE-2020-14802", "CVE-2020-14803", "CVE-2020-14804", "CVE-2020-14805", "CVE-2020-14806", "CVE-2020-14807", "CVE-2020-14808", "CVE-2020-14809", "CVE-2020-14810", "CVE-2020-14811", "CVE-2020-14812", "CVE-2020-14813", "CVE-2020-14814", "CVE-2020-14815", "CVE-2020-14816", "CVE-2020-14817", "CVE-2020-14818", "CVE-2020-14819", "CVE-2020-14820", "CVE-2020-14821", "CVE-2020-14822", "CVE-2020-14823", "CVE-2020-14824", "CVE-2020-14825", "CVE-2020-14826", "CVE-2020-14827", "CVE-2020-14828", "CVE-2020-14829", "CVE-2020-14830", "CVE-2020-14831", "CVE-2020-14832", "CVE-2020-14833", "CVE-2020-14834", "CVE-2020-14835", "CVE-2020-14836", "CVE-2020-14837", "CVE-2020-14838", "CVE-2020-14839", "CVE-2020-14840", "CVE-2020-14841", "CVE-2020-14842", "CVE-2020-14843", "CVE-2020-14844", "CVE-2020-14845", "CVE-2020-14846", "CVE-2020-14847", "CVE-2020-14848", "CVE-2020-14849", "CVE-2020-14850", "CVE-2020-14851", "CVE-2020-14852", "CVE-2020-14853", "CVE-2020-14854", "CVE-2020-14855", "CVE-2020-14856", "CVE-2020-14857", "CVE-2020-14858", "CVE-2020-14859", "CVE-2020-14860", "CVE-2020-14861", "CVE-2020-14862", "CVE-2020-14863", "CVE-2020-14864", "CVE-2020-14865", "CVE-2020-14866", "CVE-2020-14867", "CVE-2020-14868", "CVE-2020-14869", "CVE-2020-14870", "CVE-2020-14871", "CVE-2020-14872", "CVE-2020-14873", "CVE-2020-14875", "CVE-2020-14876", "CVE-2020-14877", "CVE-2020-14878", "CVE-2020-14879", "CVE-2020-14880", "CVE-2020-14881", "CVE-2020-14882", "CVE-2020-14883", "CVE-2020-14884", "CVE-2020-14885", "CVE-2020-14886", "CVE-2020-14887", "CVE-2020-14888", "CVE-2020-14889", "CVE-2020-14890", "CVE-2020-14891", "CVE-2020-14892", "CVE-2020-14893", "CVE-2020-14894", "CVE-2020-14895", "CVE-2020-14896", "CVE-2020-14897", "CVE-2020-14898", "CVE-2020-14899", "CVE-2020-14900", "CVE-2020-14901", "CVE-2020-15358", "CVE-2020-15389", "CVE-2020-1730", "CVE-2020-1935", "CVE-2020-1938", "CVE-2020-1941", "CVE-2020-1945", "CVE-2020-1950", "CVE-2020-1951", "CVE-2020-1953", "CVE-2020-1954", "CVE-2020-1967", "CVE-2020-2555", "CVE-2020-3235", "CVE-2020-3909", "CVE-2020-4051", "CVE-2020-5397", "CVE-2020-5398", "CVE-2020-5407", "CVE-2020-5408", "CVE-2020-7067", "CVE-2020-8172", "CVE-2020-8174", "CVE-2020-8840", "CVE-2020-9281", "CVE-2020-9327", "CVE-2020-9409", "CVE-2020-9410", "CVE-2020-9484", "CVE-2020-9488", "CVE-2020-9489", "CVE-2020-9490", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n \nStarting with the October 2020 Critical Patch Update, Oracle lists updates that address vulnerabilities in third-party components which are not exploitable in the context of their inclusion in their respective Oracle product beneath the product's risk matrix. Oracle has published two versions of the October 2020 Critical Patch Update Advisory: this version of the advisory implemented the change in how non-exploitable vulnerabilities in third-party components are reported, and the \u201ctraditional\u201d advisory follows the same format as the previous advisories. The \u201ctraditional\u201d advisory is published at <https://www.oracle.com/security-alerts/cpuoct2020traditional.html>. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 403 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2020 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2712240.1>).\n", "modified": "2020-12-08T00:00:00", "published": "2020-10-20T00:00:00", "id": "ORACLE:CPUOCT2020", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - October 2020", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
