In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is in the KEV database since Jan. 23, 2025.

Exploitation active

Automatable no

Technical Impact partial

Affected Vendors & Products

Vendors Products
Debian
  • Debian Linux
Drupal
  • Drupal
Fedoraproject
  • Fedora
Jquery
  • Jquery
Netapp
  • Active Iq Unified Manager
  • Cloud Backup
  • Cloud Insights Storage Workload Security Agent
  • H300e
  • H300e Firmware
  • H300s
  • H300s Firmware
  • H410c
  • H410c Firmware
  • H410s
  • H410s Firmware
  • H500e
  • H500e Firmware
  • H500s
  • H500s Firmware
  • H700e
  • H700e Firmware
  • H700s
  • H700s Firmware
  • Hci Baseboard Management Controller
  • Max Data
  • Oncommand Insight
  • Oncommand System Manager
  • Snap Creator Framework
  • Snapcenter Server
Oracle
  • Application Express
  • Application Testing Suite
  • Banking Enterprise Collections
  • Banking Platform
  • Blockchain Platform
  • Business Intelligence
  • Communications Analytics
  • Communications Eagle Application Processor
  • Communications Element Manager
  • Communications Interactive Session Recorder
  • Communications Operations Monitor
  • Communications Services Gatekeeper
  • Communications Session Report Manager
  • Communications Session Route Manager
  • Financial Services Regulatory Reporting For De Nederlandsche Bank
  • Financial Services Revenue Management And Billing Analytics
  • Health Sciences Inform
  • Healthcare Translational Research
  • Hyperion Financial Reporting
  • Jd Edwards Enterpriseone Orchestrator
  • Jd Edwards Enterpriseone Tools
  • Oss Support Tools
  • Peoplesoft Enterprise Human Capital Management Resources
  • Primavera Gateway
  • Rest Data Services
  • Siebel Mobile
  • Storagetek Acsls
  • Storagetek Tape Analytics Sw Tool
  • Webcenter Sites
  • Weblogic Server
Redhat
  • Amq Interconnect
  • Ansible Tower
  • Discovery
  • Enterprise Linux
  • Jboss Enterprise Application Platform
  • Jboss Single Sign On
  • Logging
  • Openshift
  • Openstack
  • Red Hat Single Sign On
  • Rhel Aus
  • Rhel E4s
  • Rhel Els
  • Rhel Eus
  • Rhel Tus
  • Rhev Manager
  • Service Mesh
Tenable
  • Log Correlation Engine

Configuration 1 [-]

cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*

Configuration 5 [-]

OR cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:health_sciences_inform:6.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hyperion_financial_reporting:11.1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_resources:9.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*
cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*
cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*
cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*
cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*
cpe:2.3:a:oracle:siebel_mobile:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 14 [-]

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter_server:-:*:*:*:*:*:*:*

Configuration 15 [-]

cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*
Package CPE Advisory Released Date
A-MQ Interconnect 1.y for RHEL 6
qpid-dispatch-0:1.13.0-3.el6_10 cpe:/a:redhat:amq_interconnect:1::el6 RHSA-2020:4211 2020-10-08T00:00:00Z
A-MQ Interconnect 1.y for RHEL 7
qpid-dispatch-0:1.13.0-3.el7 cpe:/a:redhat:amq_interconnect:1::el7 RHSA-2020:4211 2020-10-08T00:00:00Z
A-MQ Interconnect 1.y for RHEL 8
qpid-dispatch-0:1.13.0-3.el8 cpe:/a:redhat:amq_interconnect:1::el8 RHSA-2020:4211 2020-10-08T00:00:00Z
Discovery 1 for RHEL 9
discovery/discovery-server-rhel9:1.12.0-1 cpe:/o:redhat:discovery:1.0::el9 RHSA-2025:1249 2025-02-10T00:00:00Z
discovery/discovery-ui-rhel9:1.12.0-1 cpe:/o:redhat:discovery:1.0::el9 RHSA-2025:1249 2025-02-10T00:00:00Z
Openshift Service Mesh 1.1
kiali-0:v1.12.10.redhat2-1.el7 cpe:/a:redhat:service_mesh:1.1::el7 RHSA-2020:3369 2020-08-06T00:00:00Z
OpenShift Service Mesh 1.1
ior-0:1.1.6-1.el8 cpe:/a:redhat:service_mesh:1.1::el8 RHSA-2020:3369 2020-08-06T00:00:00Z
servicemesh-0:1.1.6-1.el8 cpe:/a:redhat:service_mesh:1.1::el8 RHSA-2020:3369 2020-08-06T00:00:00Z
servicemesh-cni-0:1.1.6-1.el8 cpe:/a:redhat:service_mesh:1.1::el8 RHSA-2020:3369 2020-08-06T00:00:00Z
servicemesh-grafana-0:6.4.3-13.el8 cpe:/a:redhat:service_mesh:1.1::el8 RHSA-2020:3369 2020-08-06T00:00:00Z
servicemesh-operator-0:1.1.6-2.el8 cpe:/a:redhat:service_mesh:1.1::el8 RHSA-2020:3369 2020-08-06T00:00:00Z
servicemesh-prometheus-0:2.14.0-14.el8 cpe:/a:redhat:service_mesh:1.1::el8 RHSA-2020:3369 2020-08-06T00:00:00Z
Red Hat Ansible Tower 3.6 for RHEL 7
ansible-tower-36/ansible-tower:3.6.7-1 cpe:/a:redhat:ansible_tower:3.6::el7 RHSA-2021:0778 2021-03-09T00:00:00Z
Red Hat Ansible Tower 3.7 for RHEL 7
ansible-tower-37/ansible-tower-rhel7:3.7.4-1 cpe:/a:redhat:ansible_tower:3.7::el7 RHSA-2020:5249 2020-11-30T00:00:00Z
Red Hat Enterprise Linux 7
pki-core-0:10.5.18-12.el7_9 cpe:/o:redhat:enterprise_linux:7 RHSA-2021:0851 2021-03-16T00:00:00Z
ipa-0:4.6.8-5.el7_9.4 cpe:/o:redhat:enterprise_linux:7 RHSA-2021:0860 2021-03-16T00:00:00Z
pcs-0:0.9.169-3.el7_9.3 cpe:/o:redhat:enterprise_linux:7 RHSA-2022:7343 2022-11-02T00:00:00Z
Red Hat Enterprise Linux 7.7 Advanced Update Support
doxygen-1:1.8.5-3.el7_7.1 cpe:/o:redhat:rhel_aus:7.7 RHSA-2025:1256 2025-02-10T00:00:00Z
ipa-0:4.6.5-11.el7_7.5 cpe:/o:redhat:rhel_aus:7.7 RHSA-2025:1514 2025-02-17T00:00:00Z
gcc-0:4.8.5-40.el7_7 cpe:/o:redhat:rhel_aus:7.7 RHSA-2025:1580 2025-02-17T00:00:00Z
pki-core-0:10.5.16-8.el7_7 cpe:/o:redhat:rhel_aus:7.7 RHSA-2025:2426 2025-03-06T00:00:00Z
Red Hat Enterprise Linux 7 Extended Lifecycle Support
doxygen-1:1.8.5-4.el7_9.1 cpe:/o:redhat:rhel_els:7 RHSA-2025:1255 2025-02-10T00:00:00Z
gcc-0:4.8.5-45.el7_9 cpe:/o:redhat:rhel_els:7 RHSA-2025:1601 2025-02-17T00:00:00Z
Red Hat Enterprise Linux 8
pki-core:10.6-8030020200911215836.5ff1562f cpe:/a:redhat:enterprise_linux:8 RHSA-2020:4847 2020-11-04T00:00:00Z
pki-deps:10.6-8030020200527165326.30b713e6 cpe:/a:redhat:enterprise_linux:8 RHSA-2020:4847 2020-11-04T00:00:00Z
idm:client-8040020210319141812.479738cf cpe:/a:redhat:enterprise_linux:8 RHSA-2021:1846 2021-05-18T00:00:00Z
idm:DL1-8040020210319141752.1f8cbe47 cpe:/a:redhat:enterprise_linux:8 RHSA-2021:1846 2021-05-18T00:00:00Z
tbb-0:2018.2-10.el8_10.1 cpe:/a:redhat:enterprise_linux:8 RHSA-2025:1215 2025-02-10T00:00:00Z
gcc-0:8.5.0-23.el8_10 cpe:/a:redhat:enterprise_linux:8 RHSA-2025:1301 2025-02-11T00:00:00Z
gcc-toolset-13-gcc-0:13.3.1-2.2.el8_10 cpe:/a:redhat:enterprise_linux:8 RHSA-2025:1306 2025-02-11T00:00:00Z
gcc-toolset-14-gcc-0:14.2.1-7.1.el8_10 cpe:/a:redhat:enterprise_linux:8 RHSA-2025:1338 2025-02-12T00:00:00Z
doxygen-1:1.8.14-13.el8_10 cpe:/a:redhat:enterprise_linux:8::crb RHSA-2025:1314 2025-02-11T00:00:00Z
pcs-0:0.10.10-4.el8 cpe:/a:redhat:enterprise_linux:8::highavailability RHSA-2021:4142 2021-11-09T00:00:00Z
gcc-0:8.5.0-23.el8_10 cpe:/o:redhat:enterprise_linux:8 RHSA-2025:1301 2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support
tbb-0:2018.2-9.el8_2.1 cpe:/a:redhat:rhel_aus:8.2 RHSA-2025:1217 2025-02-10T00:00:00Z
gcc-0:8.3.1-8.el8_2 cpe:/a:redhat:rhel_aus:8.2 RHSA-2025:1310 2025-02-11T00:00:00Z
idm:DL1-8020020250212111622.792f4060 cpe:/a:redhat:rhel_aus:8.2 RHSA-2025:1515 2025-02-17T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
tbb-0:2018.2-10.el8_4.1 cpe:/a:redhat:rhel_aus:8.4 RHSA-2025:1212 2025-02-10T00:00:00Z
gcc-0:8.4.1-1.4.el8_4 cpe:/a:redhat:rhel_aus:8.4 RHSA-2025:1312 2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
tbb-0:2018.2-10.el8_4.1 cpe:/a:redhat:rhel_tus:8.4 RHSA-2025:1212 2025-02-10T00:00:00Z
gcc-0:8.4.1-1.4.el8_4 cpe:/a:redhat:rhel_tus:8.4 RHSA-2025:1312 2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
tbb-0:2018.2-10.el8_4.1 cpe:/a:redhat:rhel_e4s:8.4 RHSA-2025:1212 2025-02-10T00:00:00Z
gcc-0:8.4.1-1.4.el8_4 cpe:/a:redhat:rhel_e4s:8.4 RHSA-2025:1312 2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
tbb-0:2018.2-10.el8_6.1 cpe:/a:redhat:rhel_aus:8.6 RHSA-2025:1216 2025-02-10T00:00:00Z
gcc-0:8.5.0-10.4.el8_6 cpe:/a:redhat:rhel_aus:8.6 RHSA-2025:1308 2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
tbb-0:2018.2-10.el8_6.1 cpe:/a:redhat:rhel_tus:8.6 RHSA-2025:1216 2025-02-10T00:00:00Z
gcc-0:8.5.0-10.4.el8_6 cpe:/a:redhat:rhel_tus:8.6 RHSA-2025:1308 2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
tbb-0:2018.2-10.el8_6.1 cpe:/a:redhat:rhel_e4s:8.6 RHSA-2025:1216 2025-02-10T00:00:00Z
gcc-0:8.5.0-10.4.el8_6 cpe:/a:redhat:rhel_e4s:8.6 RHSA-2025:1308 2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
tbb-0:2018.2-10.el8_8.1 cpe:/a:redhat:rhel_eus:8.8 RHSA-2025:1214 2025-02-10T00:00:00Z
gcc-0:8.5.0-18.3.el8_8 cpe:/a:redhat:rhel_eus:8.8 RHSA-2025:1311 2025-02-11T00:00:00Z
doxygen-1:1.8.14-13.el8_8 cpe:/a:redhat:rhel_eus:8.8::crb RHSA-2025:1247 2025-02-10T00:00:00Z
Red Hat Enterprise Linux 9
tbb-0:2020.3-8.el9_5.1 cpe:/a:redhat:enterprise_linux:9 RHSA-2025:1210 2025-02-10T00:00:00Z
gcc-toolset-14-gcc-0:14.2.1-1.3.el9_5 cpe:/a:redhat:enterprise_linux:9 RHSA-2025:1300 2025-02-11T00:00:00Z
gcc-toolset-13-gcc-0:13.3.1-2.2.el9_5 cpe:/a:redhat:enterprise_linux:9 RHSA-2025:1309 2025-02-11T00:00:00Z
gcc-0:11.5.0-5.el9_5 cpe:/a:redhat:enterprise_linux:9 RHSA-2025:1346 2025-02-12T00:00:00Z
doxygen-1:1.9.1-12.el9_5 cpe:/a:redhat:enterprise_linux:9::crb RHSA-2025:1329 2025-02-11T00:00:00Z
gcc-0:11.5.0-5.el9_5 cpe:/o:redhat:enterprise_linux:9 RHSA-2025:1346 2025-02-12T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
tbb-0:2020.3-8.el9_0.1 cpe:/a:redhat:rhel_e4s:9.0 RHSA-2025:1213 2025-02-10T00:00:00Z
gcc-0:11.2.1-9.5.el9_0 cpe:/a:redhat:rhel_e4s:9.0 RHSA-2025:1305 2025-02-11T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
tbb-0:2020.3-8.el9_2.1 cpe:/a:redhat:rhel_eus:9.2 RHSA-2025:1209 2025-02-10T00:00:00Z
gcc-0:11.3.1-4.4.el9_2 cpe:/a:redhat:rhel_eus:9.2 RHSA-2025:1303 2025-02-11T00:00:00Z
doxygen-1:1.9.1-12.el9_2 cpe:/a:redhat:rhel_eus:9.2::crb RHSA-2025:1185 2025-02-10T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Support
tbb-0:2020.3-8.el9_4.1 cpe:/a:redhat:rhel_eus:9.4 RHSA-2025:1211 2025-02-10T00:00:00Z
gcc-0:11.4.1-4.el9_4 cpe:/a:redhat:rhel_eus:9.4 RHSA-2025:1304 2025-02-11T00:00:00Z
gcc-toolset-13-gcc-0:13.3.1-2.2.el9_4 cpe:/a:redhat:rhel_eus:9.4 RHSA-2025:1342 2025-02-12T00:00:00Z
doxygen-1:1.9.1-12.el9_4 cpe:/a:redhat:rhel_eus:9.4::crb RHSA-2025:1315 2025-02-11T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7
jquery cpe:/a:redhat:jboss_enterprise_application_platform:7.4 RHSA-2023:0556 2023-01-31T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 RHSA-2023:0553 2023-01-31T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9
eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 RHSA-2023:0554 2023-01-31T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 RHSA-2023:0552 2023-01-31T00:00:00Z
Red Hat OpenShift Container Platform 4.5
openshift4/ose-console:v4.5.0-202007012112.p0 cpe:/a:redhat:openshift:4.5::el7 RHSA-2020:2412 2020-07-13T00:00:00Z
Red Hat OpenShift Container Platform 4.6
openshift4/ose-grafana:v4.6.0-202010061132.p0 cpe:/a:redhat:openshift:4.6::el8 RHSA-2020:4298 2020-10-27T00:00:00Z
openshift4/ose-prometheus:v4.6.0-202009290409.p0 cpe:/a:redhat:openshift:4.6::el8 RHSA-2020:4298 2020-10-27T00:00:00Z
Red Hat OpenStack Platform 16.1
python-XStatic-jQuery224-0:2.2.4.1-3.el8ost cpe:/a:redhat:openstack:16.1::el8 RHSA-2020:5412 2020-12-15T00:00:00Z
Red Hat OpenStack Platform 16.2
python-django20-0:2.0.13-19.el8ost cpe:/a:redhat:openstack:16.2::el8 RHSA-2025:1070 2025-02-05T00:00:00Z
Red Hat Single Sign-On 7.0
keycloak-idp-jquery cpe:/a:redhat:red_hat_single_sign_on:7.6 RHSA-2023:1049 2023-03-01T00:00:00Z
Red Hat Single Sign-On 7.4.1
js-jquery cpe:/a:redhat:jboss_single_sign_on:7.4 RHSA-2020:2813 2020-07-02T00:00:00Z
Red Hat Single Sign-On 7.6 for RHEL 7
rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso cpe:/a:redhat:red_hat_single_sign_on:7.6::el7 RHSA-2023:1043 2023-03-01T00:00:00Z
Red Hat Single Sign-On 7.6 for RHEL 8
rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso cpe:/a:redhat:red_hat_single_sign_on:7.6::el8 RHSA-2023:1044 2023-03-01T00:00:00Z
Red Hat Single Sign-On 7.6 for RHEL 9
rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso cpe:/a:redhat:red_hat_single_sign_on:7.6::el9 RHSA-2023:1045 2023-03-01T00:00:00Z
Red Hat Virtualization Engine 4.4
ovirt-engine-ui-extensions-0:1.2.2-1.el8ev cpe:/a:redhat:rhev_manager:4.4:el8 RHSA-2020:3247 2020-08-04T00:00:00Z
ovirt-web-ui-0:1.6.4-1.el8ev cpe:/a:redhat:rhev_manager:4.4:el8 RHSA-2020:3807 2020-09-23T00:00:00Z
org.ovirt.engine-root-0:4.5.2.4-1 cpe:/a:redhat:rhev_manager:4.4:el8 RHSA-2022:6393 2022-09-08T00:00:00Z
RHOL-5.8-RHEL-8
logging-kibana6-container-v6.8.1-479 cpe:/a:redhat:logging:5.8::el8 RHSA-2025:1983 2025-03-05T00:00:00Z
References
Link Providers
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html cve-icon cve-icon
http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html cve-icon cve-icon
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released cve-icon cve-icon
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ cve-icon
https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37 cve-icon
https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6 cve-icon cve-icon
https://jquery.com/upgrade-guide/3.5/ cve-icon cve-icon
https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/ cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2020-11023 cve-icon
https://security.gentoo.org/glsa/202007-03 cve-icon cve-icon
https://security.netapp.com/advisory/ntap-20200511-0006/ cve-icon cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog cve-icon
https://www.cve.org/CVERecord?id=CVE-2020-11023 cve-icon
https://www.debian.org/security/2020/dsa-4693 cve-icon cve-icon
https://www.drupal.org/sa-core-2020-002 cve-icon cve-icon
https://www.oracle.com//security-alerts/cpujul2021.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpuApr2021.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpuapr2022.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpujan2021.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpujan2022.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpujul2020.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpujul2022.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpuoct2020.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpuoct2021.html cve-icon cve-icon
https://www.tenable.com/security/tns-2021-02 cve-icon cve-icon
https://www.tenable.com/security/tns-2021-10 cve-icon cve-icon
History

Fri, 04 Apr 2025 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Netapp active Iq Unified Manager
Netapp cloud Backup
Netapp cloud Insights Storage Workload Security Agent
Netapp hci Baseboard Management Controller
Oracle blockchain Platform
CPEs cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
Vendors & Products Netapp active Iq Unified Manager
Netapp cloud Backup
Netapp cloud Insights Storage Workload Security Agent
Netapp hci Baseboard Management Controller
Oracle blockchain Platform

Thu, 06 Mar 2025 02:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat logging
CPEs cpe:/a:redhat:logging:5.8::el8
Vendors & Products Redhat logging

Thu, 13 Feb 2025 02:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:9

Thu, 13 Feb 2025 00:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat discovery
Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Els
Redhat rhel Eus
Redhat rhel Tus
CPEs cpe:/a:redhat:enterprise_linux:8::crb
cpe:/a:redhat:enterprise_linux:9
cpe:/a:redhat:enterprise_linux:9::crb
cpe:/a:redhat:openstack:16.2::el8
cpe:/a:redhat:rhel_aus:8.2
cpe:/a:redhat:rhel_aus:8.4
cpe:/a:redhat:rhel_aus:8.6
cpe:/a:redhat:rhel_e4s:8.4
cpe:/a:redhat:rhel_e4s:8.6
cpe:/a:redhat:rhel_e4s:9.0
cpe:/a:redhat:rhel_eus:8.8
cpe:/a:redhat:rhel_eus:8.8::crb
cpe:/a:redhat:rhel_eus:9.2
cpe:/a:redhat:rhel_eus:9.2::crb
cpe:/a:redhat:rhel_eus:9.4
cpe:/a:redhat:rhel_eus:9.4::crb
cpe:/a:redhat:rhel_tus:8.4
cpe:/a:redhat:rhel_tus:8.6
cpe:/o:redhat:discovery:1.0::el9
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:rhel_aus:7.7
cpe:/o:redhat:rhel_els:7
Vendors & Products Redhat discovery
Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Els
Redhat rhel Eus
Redhat rhel Tus
References

Mon, 10 Feb 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2025-01-23'}

Thu, 23 Jan 2025 21:30:00 +0000

Type Values Removed Values Added
References

Thu, 23 Jan 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'partial'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2020-04-29T00:00:00.000Z

Updated: 2025-02-10T18:30:49.172Z

Reserved: 2020-03-30T00:00:00.000Z

Link: CVE-2020-11023

cve-icon Vulnrichment

Updated: 2025-01-23T21:07:47.681Z

cve-icon NVD

Status : Analyzed

Published: 2020-04-29T21:15:11.743

Modified: 2025-04-04T19:53:43.140

Link: CVE-2020-11023

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-04-29T00:00:00Z

Links: CVE-2020-11023 - Bugzilla