logo
DATABASE RESOURCES PRICING ABOUT US

Scientific Linux Security Update : ipa on SL7.x x86_64 (20201001)

Description

Security Fix(es) : - js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251) - bootstrap: XSS in the data-target attribute (CVE-2016-10735) - bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040) - bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. (CVE-2018-14042) - bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676) - bootstrap: XSS in the affix configuration target property (CVE-2018-20677) - bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331) - js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358) - jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) - ipa: No password length restriction leads to denial of service (CVE-2020-1722)


Related