ELSA-2022-9177

Опубликовано: 01 мар. 2022

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2022-9177: jquery-ui security update (IMPORTANT)

[1.10.4.custom-4.0.1]

Backport jQuery CVE-2020-11022 and CVE-2020-11023 fixes to bundled jQuery v1.10.2 [Orabug: 33869588]

[1.10.4.custom-4]

removed %%defattr from specfile
removed Group from specfile
removed BuildRoot from specfiles

Tue May 10 2016 Grant Gainey 1.10.4.custom-3

jquery-ui: build on openSUSE

[1.10.4.custom-2]

fix jquery-ui source url

[1.10.4.custom-1]

initial jquery-ui build

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

jquery-ui

1.10.4.custom-4.0.1.el7

Связанные CVE

CVE-2020-11023

CVE-2020-11022

Ссылки на источники

Связанные уязвимости

openSUSE-SU-2020:1888-1

suse-cvrf

больше 4 лет назад

Security update for otrs

openSUSE-SU-2020:1060-1

suse-cvrf

почти 5 лет назад

Security update for cacti, cacti-spine

ELSA-2020-4847

oracle-oval

больше 4 лет назад

ELSA-2020-4847: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (MODERATE)

CVE-2020-11022

CVSS3: 6.9

ubuntu

около 5 лет назад

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-11022

CVSS3: 6.1

redhat

около 5 лет назад