ID

VAR-201801-0036

CVE

CVE-2015-9251

TITLE

JQuery CVE-2015-9251 Cross Site Scripting Vulnerability

DESCRIPTION

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. JQuery is prone to a cross-site-scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Versions prior to JQuery 3.0.0 are vulnerable. jQuery is an open source, cross-browser JavaScript library developed by American John Resig programmers. The library simplifies the operation between HTML and JavaScript, and has the characteristics of modularization and plug-in extension. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/): JBEAP-23864 - (7.4.z) Upgrade xmlsec from 2.1.7.redhat-00001 to 2.2.3.redhat-00001 JBEAP-23865 - [GSS](7.4.z) Upgrade Apache CXF from 3.3.13.redhat-00001 to 3.4.10.redhat-00001 JBEAP-23866 - (7.4.z) Upgrade wss4j from 2.2.7.redhat-00001 to 2.3.3.redhat-00001 JBEAP-23926 - Tracker bug for the EAP 7.4.9 release for RHEL-7 JBEAP-24055 - (7.4.z) Upgrade HAL from 3.3.15.Final-redhat-00001 to 3.3.16.Final-redhat-00001 JBEAP-24081 - (7.4.z) Upgrade Elytron from 1.15.14.Final-redhat-00001 to 1.15.15.Final-redhat-00001 JBEAP-24095 - (7.4.z) Upgrade elytron-web from 1.9.2.Final-redhat-00001 to 1.9.3.Final-redhat-00001 JBEAP-24100 - [GSS](7.4.z) Upgrade Undertow from 2.2.20.SP1-redhat-00001 to 2.2.22.SP3-redhat-00001 JBEAP-24127 - (7.4.z) UNDERTOW-2123 - Update AsyncContextImpl.dispatch to use proper value JBEAP-24128 - (7.4.z) Upgrade Hibernate Search from 5.10.7.Final-redhat-00001 to 5.10.13.Final-redhat-00001 JBEAP-24132 - [GSS](7.4.z) Upgrade Ironjacamar from 1.5.3.SP2-redhat-00001 to 1.5.10.Final-redhat-00001 JBEAP-24147 - (7.4.z) Upgrade jboss-ejb-client from 4.0.45.Final-redhat-00001 to 4.0.49.Final-redhat-00001 JBEAP-24167 - (7.4.z) Upgrade WildFly Core from 15.0.19.Final-redhat-00001 to 15.0.21.Final-redhat-00002 JBEAP-24191 - [GSS](7.4.z) Upgrade remoting from 5.0.26.SP1-redhat-00001 to 5.0.27.Final-redhat-00001 JBEAP-24195 - [GSS](7.4.z) Upgrade JSF API from 3.0.0.SP06-redhat-00001 to 3.0.0.SP07-redhat-00001 JBEAP-24207 - (7.4.z) Upgrade Soteria from 1.0.1.redhat-00002 to 1.0.1.redhat-00003 JBEAP-24248 - (7.4.z) ELY-2492 - Upgrade sshd-common in Elytron from 2.7.0 to 2.9.2 JBEAP-24426 - (7.4.z) Upgrade Elytron from 1.15.15.Final-redhat-00001 to 1.15.16.Final-redhat-00001 JBEAP-24427 - (7.4.z) Upgrade WildFly Core from 15.0.21.Final-redhat-00002 to 15.0.22.Final-redhat-00001 7. Description: Red Hat Fuse provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat A-MQ is a standards compliant messaging system that is tailored for use in mission critical applications. It includes bug fixes, which are documented in the patch notes accompanying the package on the download page. See the download link given in the references section below. Solution: Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on. Installation instructions are located in the download section of the customer portal. The References section of this erratum contains a download link (you must log in to download the update). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update Advisory ID: RHSA-2020:4670-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:4670 Issue date: 2020-11-03 CVE Names: CVE-2015-9251 CVE-2016-10735 CVE-2018-14040 CVE-2018-14042 CVE-2018-20676 CVE-2018-20677 CVE-2019-8331 CVE-2019-11358 CVE-2020-1722 CVE-2020-11022 ==================================================================== 1. Summary: An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. The following packages have been upgraded to a later upstream version: ipa (4.8.7), softhsm (2.6.0), opendnssec (2.1.6). (BZ#1759888, BZ#1818765, BZ#1818877) Security Fix(es): * js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251) * bootstrap: XSS in the data-target attribute (CVE-2016-10735) * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040) * bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042) * bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676) * bootstrap: XSS in the affix configuration target property (CVE-2018-20677) * bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331) * js-jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358) * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) * ipa: No password length restriction leads to denial of service (CVE-2020-1722) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1399546 - CVE-2015-9251 jquery: Cross-site scripting via cross-domain ajax requests 1430365 - [RFE] Host-group names command rename 1488732 - fake_mname in named.conf is no longer effective 1585020 - Enable compat tree to provide information about AD users and groups on trust agents 1601614 - CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute 1601617 - CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip 1651577 - [WebUI] IPA Error 3007: RequirmentError" while adding members in "User ID overrides" tab 1668082 - CVE-2018-20676 bootstrap: XSS in the tooltip data-viewport attribute 1668089 - CVE-2018-20677 bootstrap: XSS in the affix configuration target property 1668097 - CVE-2016-10735 bootstrap: XSS in the data-target attribute 1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute 1701233 - [RFE] support setting supported signature methods on the token 1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection 1746830 - Memory leak during search of idview overrides 1750893 - Memory leak when slapi-nis return entries retrieved from nsswitch 1751295 - When sync-repl is enabled, slapi-nis can deadlock during retrochanglog trimming 1757045 - IDM Web GUI / IPA web UI: the ID override operation doesn't work in GUI (it works only from CLI) 1759888 - Rebase OpenDNSSEC to 2.1 1768156 - ERR - schemacompat - map rdlock: old way MAP_MONITOR_DISABLED 1777806 - When Service weight is set as 0 for server in IPA location "IPA Error 903: InternalError" is displayed 1793071 - CVE-2020-1722 ipa: No password length restriction leads to denial of service 1801698 - [RFE] Changing default hostgroup is too easy 1802471 - SELinux policy for ipa-custodia 1809835 - RFE: ipa group-add-member: number of failed should also be emphasized 1810154 - RFE: ipa-backup should compare locally and globally installed server roles 1810179 - ipa-client-install should name authselect backups and restore to that at uninstall time 1813330 - ipa-restore does not restart httpd 1816784 - KRA install fails if all KRA members are Hidden Replicas 1818765 - [Rebase] Rebase ipa to 4.8.6+ 1818877 - [Rebase] Rebase to softhsm 2.6.0+ 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1831732 - AVC avc: denied { dac_override } for comm="ods-enforcerd 1831935 - AD authentication with IdM against SQL Server 1832331 - [abrt] [faf] 389-ds-base: unknown function(): /usr/sbin/ns-slapd killed by 11 1833266 - [dirsrv] set 'nsslapd-enable-upgrade-hash: off' as this raises warnings 1834264 - BIND rebase: rebuild against new so version 1834909 - softhsm use-after-free on process exit 1845211 - Rebase bind-dyndb-ldap to 11.3 1845537 - IPA bind configuration issue 1845596 - ipa trust-add fails with 'Fetching domains from trusted forest failed' 1846352 - cannot issue certs with multiple IP addresses corresponding to different hosts 1846434 - Remove ipa-idoverride-memberof as superceded by ipa-server 4.8.7 1847999 - EPN does not ship its default configuration ( /etc/ipa/epn.conf ) in freeipa-client-epn 1849914 - FreeIPA - Utilize 256-bit AJP connector passwords 1851411 - ipa: typo issue in ipanthomedirectoryrive deffinition 1852244 - ipa-healthcheck inadvertently obsoleted in RHEL 8.2 1853263 - ipa-selinux package missing 1857157 - replica install failing with avc denial for custodia component 1858318 - AttributeError: module 'ssl' has no attribute 'SSLCertVerificationError' when upgrading ca-less ipa master 1859213 - AVC denial during ipa-adtrust-install --add-agents 1863079 - ipa-epn command displays 'exception: ConnectionRefusedError: [Errno 111] Connection refused' 1863616 - CA-less install does not set required permissions on KDC certificate 1866291 - EPN: enhance input validation 1866938 - ipa-epn fails to retrieve user data if some user attributes are not present 1868432 - Unhandled Python exception in '/usr/libexec/ipa/ipa-pki-retrieve-key' 1869311 - ipa trust-add fails with 'Fetching domains from trusted forest failed' 1870202 - File permissions of /etc/ipa/ca.crt differ between CA-ful and CA-less 1874015 - ipa hbacrule-add-service --hbacsvcs=sshd is not applied successfully for subdomain 1875348 - Valgrind reports a memory leak in the Schema Compatibility plugin. 1879604 - pkispawn logs files are empty 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm aarch64: bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm noarch: custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm ppc64le: bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm s390x: bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm x86_64: bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-9251 https://access.redhat.com/security/cve/CVE-2016-10735 https://access.redhat.com/security/cve/CVE-2018-14040 https://access.redhat.com/security/cve/CVE-2018-14042 https://access.redhat.com/security/cve/CVE-2018-20676 https://access.redhat.com/security/cve/CVE-2018-20677 https://access.redhat.com/security/cve/CVE-2019-8331 https://access.redhat.com/security/cve/CVE-2019-11358 https://access.redhat.com/security/cve/CVE-2020-1722 https://access.redhat.com/security/cve/CVE-2020-11022 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/ 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX6I0xtzjgjWX9erEAQioFw/+IiVoE8tPMkiNgSNrk05OezzG/Cev8wXY mTJ+clSxujruzDZ1GyYz5Ua5v4+fwEHbTKVHiite3HKbYGgV9E5H9Y/JVR75rbPN mIfAOLmvYDp3JeHT3RBqRrtviz2UaWRTmE8E30EoC0C912w0NHpwS3fhuRmJov1X lflTtWlQCuPE/7yFQEZqYYjmKMqAVeDk4K6smM/aTzMyM+uFgaksiSTrLzU0mcHJ AAn9h59qlwUXNGRbyBCoLMJrKq5Sw1+xz518XIIjJOQDJbSqu8syzKgi/qSFuLRp 2c/OSKJ98CVoiCcyhsBW/c3B6eoDmSfeKqt6JwVH/Sva+d7Oj5vpWTB5GW4hDFFh t3cuhvyavPnyAzxRnYw5syn/RTyjaOK1U6+6SbEtJVnlx9+FW0lKs/Pcx2ocYmfO UCDXHgxmEP8DTKwJZyIZtybVkpqbXh6jf69NLROTTZMtEwJzE1NGG4ulcl6tutTq S0gchuiUuxItZlD3a9ISBXXxV0iqqd7I5p78maohzIwfyZR13S++rFt7JnoVb7SO DECfEs6VinGH0Z0YInceF6Y9N+SURBrcQpQK12/wtGSChFFU83FII2sxy6iG7pTF HPTzByu+aYgFpuEF4EKSrDlZCVJ8Es5lyp+cF401o3oGJuNo9WYScKjb51a0+SLJ zbmM3GoiGZI=QyyK -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Hello, I identified several vulnerabilities in dotCMS v5.1.1 due to vulnerable open source dependencies. Full security write up: http://secureli.com/dotcms-v5-1-1-vulnerable-open-source-dependencies/ The details: ---- /ROOT/html/js/scriptaculous/prototype.js ↳ prototypejs 1.5.0 prototypejs 1.5.0 has known vulnerabilities: severity: high; CVE: CVE-2008-7220; http://www.cvedetails.com/cve/CVE-2008-7220/ http://prototypejs.org/2008/01/25/prototype-1-6-0-2-bug-fixes-performance-improvements-and-security/ ROOT/assets/3/6/36c22c5d-c813-4869-a4b7-fcc10a74e8b6/fileAsset/jquery.min.js ↳ jquery 1.9.1 jquery 1.9.1 has known vulnerabilities: severity: medium; issue: 2432, summary: 3rd party CORS request may execute, CVE: CVE-2015-9251; https://github.com/jquery/jquery/issues/2432 http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/ https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: medium; CVE: CVE-2015-9251, issue: 11974, summary: parseHTML() executes scripts in event handlers; https://bugs.jquery.com/ticket/11974 https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b ROOT/assets/5/1/515cba4e-ac64-4523-b683-8e38329e7f46/fileAsset/bootstrap.min.js ↳ bootstrap 3.2.0 bootstrap 3.2.0 has known vulnerabilities: severity: high; issue: 28236, summary: XSS in data-template, data-content and data-title properties of tooltip/popover, CVE: CVE-2019-8331; https://github.com/twbs/bootstrap/issues/28236 severity: medium; issue: 20184, summary: XSS in data-target property of scrollspy, CVE: CVE-2018-14041; https://github.com/twbs/bootstrap/issues/20184 severity: medium; issue: 20184, summary: XSS in collapse data-parent attribute, CVE: CVE-2018-14040; https://github.com/twbs/bootstrap/issues/20184 severity: medium; issue: 20184, summary: XSS in data-container property of tooltip, CVE: CVE-2018-14042; https://github.com/twbs/bootstrap/issues/20184 ROOT/assets/9/9/99c7ffe7-e1c2-407f-85b7-ec483dbcf6f1/fileAsset/jquery.min.js ↳ jquery 3.3.1 jquery 3.3.1 has known vulnerabilities: severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b ROOT/assets/f/6/f6fa6b13-3a96-4cbf-9a75-19a40137f05a/fileAsset/jquery.min.js ↳ jquery 1.9.1 jquery 1.9.1 has known vulnerabilities: severity: medium; issue: 2432, summary: 3rd party CORS request may execute, CVE: CVE-2015-9251; https://github.com/jquery/jquery/issues/2432 http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/ https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: medium; CVE: CVE-2015-9251, issue: 11974, summary: parseHTML() executes scripts in event handlers; https://bugs.jquery.com/ticket/11974 https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b ROOT/assets/4/a/4a5a727f-369b-49e0-bff5-42d9efb4ba90/fileAsset/jquery-2.1.1.min.js ↳ jquery 2.1.1.min jquery 2.1.1.min has known vulnerabilities: severity: medium; issue: 2432, summary: 3rd party CORS request may execute, CVE: CVE-2015-9251; https://github.com/jquery/jquery/issues/2432 http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/ https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: medium; CVE: CVE-2015-9251, issue: 11974, summary: parseHTML() executes scripts in event handlers; https://bugs.jquery.com/ticket/11974 https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/ severity: low; CVE: CVE-2019-11358, summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution; https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b ROOT/html/js/dojo/custom-build/dojo/dojo.js ↳ dojo 1.8.6 dojo 1.8.6 has known vulnerabilities: severity: medium; PR: 307; https://github.com/dojo/dojo/pull/307 https://dojotoolkit.org/blog/dojo-1-14-released ROOT/html/js/tinymce/js/tinymce/tinymce.min.js ↳ tinyMCE 4.1.6 tinyMCE 4.1.6 has known vulnerabilities: severity: medium; summary: xss issues with media plugin not properly filtering out some script attributes.; https://www.tinymce.com/docs/changelog/ severity: medium; summary: FIXED so script elements gets removed by default to prevent possible XSS issues in default config implementations; https://www.tinymce.com/docs/changelog/ severity: medium; summary: FIXED so links with xlink:href attributes are filtered correctly to prevent XSS.; https://www.tinymce.com/docs/changelog/

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

network

TYPE

Input Validation Error

EXTERNAL IDS

REFERENCES

CREDITS

Red Hat

SOURCES

LAST UPDATE DATE

2025-06-26T23:00:44.930000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE