Download
| Alert*
|
oval:org.secpod.oval:def:504689
The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Security Fix: * jquery: Cross-site scripting via cross-domain ajax requests * bootstrap: XSS in the data-target attribute * bootstrap: Cross-site Scripting in the collapse data-parent attribu ... oval:org.secpod.oval:def:2500205 The Public Key Infrastructure Core contains fundamental packages required by AlmaLinux Certificate System. oval:org.secpod.oval:def:68019 The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Security Fix: * jquery: Cross-site scripting via cross-domain ajax requests * bootstrap: XSS in the data-target attribute * bootstrap: Cross-site Scripting in the collapse data-parent attribu ... oval:org.secpod.oval:def:603941 Multiple security vulnerabilities have been discovered in MediaWiki, a website engine for collaborative work, which may result in authentication bypass, denial of service, cross-site scripting, information disclosure and bypass of anti-spam measures. oval:org.secpod.oval:def:1505191 bind-dyndb-ldap [11.3-1] - New upstream release - Resolves: rhbz#1845211 ipa [4.8.7-12.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] [4.8.7-12] - Require selinux sub package in the proper version Related: RHBZ#1868432 - SELinux: do not double-define node_t and pki_tomcat_ ... oval:org.secpod.oval:def:1504088 [4.6.8-5.0.1] - Blank out header-logo.png product-name.png - Replace login-screen-logo.png [Orabug: 20362818] [4.6.8-5.el7] - Resolves: #1826659 IPA: Ldap authentication failure due to Kerberos principal expiration UTC timestamp - ipa-pwd-extop: use timegm instead of mktime to preserve timezone offs ... oval:org.secpod.oval:def:504711 Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. The following packages have been upgraded to a later upstream version: ipa , softhsm , opendnssec . Security Fix: * js-jquery: ... oval:org.secpod.oval:def:1506126 [0.9.169-3.0.1] - replace logo pcsd/public/favicon.ico in tarball - remove Source1 HAM-logo.png [0.9.169-3.el7_3.2] - Update rubygem rack - Upgrade jquery in web-ui - Resolves: rhbz#2099578 rhbz#2093232 [0.9.169-3.el7_3.1] - Explicitly close libcurl connections to prevent stalled TCP connections in ... oval:org.secpod.oval:def:1701103 A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with var ... oval:org.secpod.oval:def:2105209 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. oval:org.secpod.oval:def:1700459 jQuery before 3.0.0 is vulnerable to Cross-site Scripting attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute ... oval:org.secpod.oval:def:1801478 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype. Fixed In Version:¶ drupal 7.66 oval:org.secpod.oval:def:2500214 AlmaLinux Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. oval:org.secpod.oval:def:68021 Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. The following packages have been upgraded to a later upstream version: ipa , softhsm , opendnssec . Security Fix: * js-jquery: ... oval:org.secpod.oval:def:54508 A cross-site scripting vulnerability has been found in Drupal, a fully-featured content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2019-006 . oval:org.secpod.oval:def:603852 A cross-site scripting vulnerability has been found in Drupal, a fully-featured content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2019-006 . oval:org.secpod.oval:def:504340 Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. The following packages have been upgraded to a later upstream version: ipa . Security Fix: * js-jquery: Cross-site scripting vi ... oval:org.secpod.oval:def:4501230 The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. The following packages have been upgraded to a later upstream version: pcs . Security Fix: * jquery: Cross-site scripting via HTML tags containing whitespaces * jquery: Untrusted code execution ... oval:org.secpod.oval:def:59298 The host is installed with oracle WebLogic through 10.3.6.0, 12.1.3.0 or 12.2.1.3 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle Console(jQuery) component issue. Successful exploitation could result in unauthorized update, insert or delete a ... oval:org.secpod.oval:def:116573 Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. oval:org.secpod.oval:def:116571 Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. oval:org.secpod.oval:def:116570 Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. oval:org.secpod.oval:def:55509 Multiple security vulnerabilities have been discovered in MediaWiki, a website engine for collaborative work, which may result in authentication bypass, denial of service, cross-site scripting, information disclosure and bypass of anti-spam measures. oval:org.secpod.oval:def:1505309 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205618 Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. The following packages have been upgraded to a later upstream version: ipa . Security Fix: * js-jquery: Cross-site scripting vi ... |
