Описание
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
A flaw was found in jQuery. HTML containing <option> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.
Отчет
Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the pcs component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.
Multiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The 'gcc' and 'tbb' packages were potentially vulnerable via this method.
OpenShift Container Platform 4 is not affected because even though it uses the 'gcc' component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.
Меры по смягчению последствий
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| CloudForms Management Engine 5 | cfme-gemset | Out of support scope | ||
| Red Hat 3scale API Management Platform 2 | jquery | Not affected | ||
| Red Hat build of Apache Camel for Spring Boot 4 | org.webjars/jquery | Not affected | ||
| Red Hat build of Apache Camel - HawtIO 4 | io.hawt-project | Not affected | ||
| Red Hat Build of Keycloak | org.keycloak-keycloak-parent | Not affected | ||
| Red Hat build of OptaPlanner 8 | org.webjars/jquery | Not affected | ||
| Red Hat Ceph Storage 3 | grafana | Out of support scope | ||
| Red Hat Ceph Storage 3 | grafana-container | Out of support scope | ||
| Red Hat Ceph Storage 4 | rhceph/rhceph-4-dashboard-rhel8 | Out of support scope | ||
| Red Hat Certificate System 10 | redhat-pki:10/redhat-pki | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
6.1 Medium
CVSS3
Связанные уязвимости
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, pa ...
EPSS
6.1 Medium
CVSS3