Описание
ELSA-2025-1255: doxygen security update (MODERATE)
[1:1.8.5-4.0.1]
- Fix CVE-2020-11022 and CVE-2022-11023 in vendored jQuery [Orabug: 37577394]
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
doxygen
1.8.5-4.0.1.el7
doxygen-doxywizard
1.8.5-4.0.1.el7
doxygen-latex
1.8.5-4.0.1.el7
Связанные CVE
Связанные уязвимости
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, pa ...
