logo
DATABASE RESOURCES PRICING ABOUT US

(RHSA-2019:3024) Moderate: ovirt-web-ui security and bug fix update

Description

The ovirt-web-ui package provides the web interface for Red Hat Virtualization. Security Fix(es): * nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties (CVE-2019-10744) * bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331) * js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Known moderate severity security vulnerability detected by GitHub on ovirt-web-ui components (BZ#1694032)


Affected Package


OS OS Version Package Name Package Version
RedHat 7 ovirt-web-ui 1.6.0-1.el7ev
RedHat 7 ovirt-web-ui 1.6.0-1.el7ev

Related