{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2020-11022", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "dateUpdated": "2024-08-04T11:21:14.453Z", "dateReserved": "2020-03-30T00:00:00.000Z", "datePublished": "2020-04-29T00:00:00.000Z"}, "containers": {"cna": {"title": "Potential XSS vulnerability in jQuery", "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-08-31T02:06:33.630Z"}, "descriptions": [{"lang": "en", "value": "In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0."}], "affected": [{"vendor": "jquery", "product": "jQuery", "versions": [{"version": ">= 1.2, < 3.5.0", "status": "affected"}]}], "references": [{"name": "DSA-4693", "tags": ["vendor-advisory"], "url": "https://www.debian.org/security/2020/dsa-4693"}, {"name": "FEDORA-2020-11be4b36d4", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/"}, {"name": "FEDORA-2020-36d2db5f51", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/"}, {"url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"url": "https://jquery.com/upgrade-guide/3.5/"}, {"url": "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2"}, {"url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77"}, {"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"}, {"url": "https://security.netapp.com/advisory/ntap-20200511-0006/"}, {"url": "https://www.drupal.org/sa-core-2020-002"}, {"name": "openSUSE-SU-2020:1060", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html"}, {"name": "GLSA-202007-03", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202007-03"}, {"name": "openSUSE-SU-2020:1106", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html"}, {"name": "[airflow-commits] 20200820 [GitHub] [airflow] breser opened a new issue #10429: jquery dependency needs to be updated to 3.5.0 or newer", "tags": ["mailing-list"], "url": "https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133%40%3Ccommits.airflow.apache.org%3E"}, {"name": "FEDORA-2020-fbb94073a1", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/"}, {"name": "FEDORA-2020-0b32a59b54", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/"}, {"name": "FEDORA-2020-fe94df8c34", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"name": "[flink-issues] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list"], "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E"}, {"name": "[flink-dev] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list"], "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E"}, {"name": "openSUSE-SU-2020:1888", "tags": ["vendor-advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html"}, {"name": "[flink-issues] 20201129 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list"], "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E"}, {"url": "https://www.oracle.com/security-alerts/cpujan2021.html"}, {"url": "https://www.tenable.com/security/tns-2020-11"}, {"url": "https://www.tenable.com/security/tns-2020-10"}, {"name": "[flink-issues] 20210209 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list"], "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E"}, {"name": "[flink-issues] 20210209 [jira] [Comment Edited] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list"], "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E"}, {"name": "[debian-lts-announce] 20210326 [SECURITY] [DLA 2608-1] jquery security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"}, {"name": "[flink-issues] 20210422 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list"], "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E"}, {"name": "[flink-issues] 20210422 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list"], "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E"}, {"name": "[flink-issues] 20210429 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list"], "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E"}, {"name": "[flink-issues] 20210429 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list"], "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E"}, {"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"url": "https://www.tenable.com/security/tns-2021-10"}, {"url": "https://www.tenable.com/security/tns-2021-02"}, {"url": "http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html"}, {"url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"name": "[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list"], "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E"}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html"}, {"name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.9, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79"}]}], "source": {"advisory": "GHSA-gxr4-xjj5-5px2", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:21:14.453Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-4693", "tags": ["vendor-advisory", "x_transferred"], "url": "https://www.debian.org/security/2020/dsa-4693"}, {"name": "FEDORA-2020-11be4b36d4", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/"}, {"name": "FEDORA-2020-36d2db5f51", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/"}, {"url": "https://www.oracle.com/security-alerts/cpujul2020.html", "tags": ["x_transferred"]}, {"url": "https://jquery.com/upgrade-guide/3.5/", "tags": ["x_transferred"]}, {"url": "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2", "tags": ["x_transferred"]}, {"url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77", "tags": ["x_transferred"]}, {"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20200511-0006/", "tags": ["x_transferred"]}, {"url": "https://www.drupal.org/sa-core-2020-002", "tags": ["x_transferred"]}, {"name": "openSUSE-SU-2020:1060", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html"}, {"name": "GLSA-202007-03", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202007-03"}, {"name": "openSUSE-SU-2020:1106", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html"}, {"name": "[airflow-commits] 20200820 [GitHub] [airflow] breser opened a new issue #10429: jquery dependency needs to be updated to 3.5.0 or newer", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133%40%3Ccommits.airflow.apache.org%3E"}, {"name": "FEDORA-2020-fbb94073a1", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/"}, {"name": "FEDORA-2020-0b32a59b54", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/"}, {"name": "FEDORA-2020-fe94df8c34", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "tags": ["x_transferred"]}, {"name": "[flink-issues] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E"}, {"name": "[flink-dev] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E"}, {"name": "openSUSE-SU-2020:1888", "tags": ["vendor-advisory", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html"}, {"name": "[flink-issues] 20201129 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E"}, {"url": "https://www.oracle.com/security-alerts/cpujan2021.html", "tags": ["x_transferred"]}, {"url": "https://www.tenable.com/security/tns-2020-11", "tags": ["x_transferred"]}, {"url": "https://www.tenable.com/security/tns-2020-10", "tags": ["x_transferred"]}, {"name": "[flink-issues] 20210209 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E"}, {"name": "[flink-issues] 20210209 [jira] [Comment Edited] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E"}, {"name": "[debian-lts-announce] 20210326 [SECURITY] [DLA 2608-1] jquery security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"}, {"name": "[flink-issues] 20210422 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E"}, {"name": "[flink-issues] 20210422 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E"}, {"name": "[flink-issues] 20210429 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E"}, {"name": "[flink-issues] 20210429 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E"}, {"url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "tags": ["x_transferred"]}, {"url": "https://www.tenable.com/security/tns-2021-10", "tags": ["x_transferred"]}, {"url": "https://www.tenable.com/security/tns-2021-02", "tags": ["x_transferred"]}, {"url": "http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html", "tags": ["x_transferred"]}, {"url": "https://www.oracle.com//security-alerts/cpujul2021.html", "tags": ["x_transferred"]}, {"url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "tags": ["x_transferred"]}, {"name": "[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E"}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html", "tags": ["x_transferred"]}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["x_transferred"]}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5CFA4CA-5296-4B78-8D65-34FC63A09DEF", "versionEndExcluding": "3.5.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "matchCriteriaId": "70C672EE-2027-4A29-8C14-3450DEF1462A", "versionEndExcluding": "7.70", "versionStartIncluding": "7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "matchCriteriaId": "BBFE42E2-6583-4EBE-B320-B8CF9CA0C3BC", "versionEndExcluding": "8.7.14", "versionStartIncluding": "8.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", "matchCriteriaId": "7BA49DB0-ECC3-4155-B76C-0CA292600DE6", "versionEndExcluding": "8.8.6", "versionStartIncluding": "8.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A079FD6E-3BB0-4997-9A8E-6F8FEC89887A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A125E817-F974-4509-872C-B71933F42AD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*", "matchCriteriaId": "BBE7BF09-B89C-4590-821E-6C0587E096B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*", "matchCriteriaId": "ADAE8A71-0BCD-42D5-B38C-9B2A27CC1E6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*", "matchCriteriaId": "E7231D2D-4092-44F3-B60A-D7C9ED78AFDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7BDFC10-45A0-46D8-AB92-4A5E2C1C76ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*", "matchCriteriaId": "18127694-109C-4E7E-AE79-0BA351849291", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*", "matchCriteriaId": "33F68878-BC19-4DB8-8A72-BD9FE3D0ACEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0DBC938-A782-433F-8BF1-CA250C332AA7", "versionEndExcluding": "21.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*", "matchCriteriaId": "B796AC70-A220-48D8-B8CD-97CF57227962", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*", "matchCriteriaId": "790A89FD-6B86-49AE-9B4F-AE7262915E13", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E39D442D-1997-49AF-8B02-5640BE2A26CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\\::*:*:*:*:*:*:*:*", "matchCriteriaId": "FAFED7F5-03FA-43B5-AD13-1130F0324448", "versionEndIncluding": "8.2.2", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A0E3537-CB5A-40BF-B42C-CED9211B8892", "versionEndIncluding": "16.4.0", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "062E4E7C-55BB-46F3-8B61-5A663B565891", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "726DB59B-00C7-444E-83F7-CB31032482AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B095CC03-7077-4A58-AB25-CC5380CDCE5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "7015A8CB-8FA6-423E-8307-BD903244F517", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2BB6A71-6AF6-4C0B-9304-4111E32108D4", "versionEndIncluding": "8.1.0.0.0", "versionStartIncluding": "8.0.6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD080793-FC45-4260-8E45-40E228F432FC", "versionEndIncluding": "8.0.8", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2ACA29E6-F393-46E5-B2B3-9158077819A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "FCD1EC13-CC2F-4668-90D2-D8609066F2DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "4D614F76-0AA1-4EA8-A24A-38EFC90EF5DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "39B8DFFF-B037-4F29-8C8E-F4BBC3435199", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "4D0D0EAC-300D-44B1-AD4A-93A368D5DBA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:*", "matchCriteriaId": "C5E0646D-4866-41FB-AE2E-5307B6F4004A", "versionEndIncluding": "8.0.8", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A566893-8DCF-49E4-93D0-0ACCEFD70D3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:*", "matchCriteriaId": "B37FC113-4F40-4D29-8712-7AD250373008", "versionEndIncluding": "8.0.8", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "00E5D719-249D-48B8-BAFC-1E14D250B3F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:*", "matchCriteriaId": "712577A9-04D6-4579-A82B-72200E467399", "versionEndIncluding": "8.1.0", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:*", "matchCriteriaId": "672949B4-1989-4AA7-806F-EEC07D07F317", "versionEndIncluding": "8.0.9", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "987A0C35-4C7F-4FFB-B47B-37B69A32F879", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "8B3B6BE3-4C5A-402F-832C-86A0A6234C25", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9476D1DA-C8A8-40A0-94DD-9B46C05FD461", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "34070F24-2E53-43EC-9117-E1434B2C4C2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "B9B2C2F6-235F-4E78-A299-18C041C05C9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F727AAC6-6D9F-4B28-B07C-6A93916C43A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:*", "matchCriteriaId": "6662C783-5B5C-4559-89F5-1A681AA46A3E", "versionEndIncluding": "8.0.8", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "51C17460-D326-4525-A7D1-0AED53E75E18", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "37C8EE84-A840-4132-B331-C7D450B1FBBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "1D8436A2-9CA3-4C91-B632-9B03368ABC1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A00142E6-EEB3-44BD-AB0D-0E5C5640557F", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "6149C89E-0111-4CF9-90CA-0662D2F75E04", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "6CDDF6CA-6441-4606-9D2F-22A67BA46978", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "6FA0B592-A216-4320-A4FE-ABCA6B3E7D7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "CEA4D6CF-D54A-40DF-9B70-E13392D0BE19", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A333755-4B6E-4A0F-AC48-4CEA70CD5801", "versionEndIncluding": "8.0.8", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "397B1A24-7C95-4A73-8363-4529A7F6CFCC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "EF6D5112-4055-4F89-A5B3-0DCB109481B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "D262848E-AA24-4057-A747-6221BA22ADF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "4A01F8ED-64DA-43BC-9C02-488010BCD0F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "75638A6A-88B2-4BC7-84EA-1CF5FC30D555", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "501B9331-6BB7-44BF-A664-180CAFABF88C", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "F2A3AE3C-8E24-4FB6-9954-9B50CBD59B21", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8E565DA-91BE-44FC-A28F-579BE8D2281A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:*:*:*:*:*:*:*:*", "matchCriteriaId": "AED72F90-3B68-45AC-865C-110F7FD30D37", "versionEndIncluding": "8.1.0", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F909C61-1A74-402C-B74F-BAF7297875B0", "versionEndIncluding": "8.0.9", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "26A1F27B-C3AC-4D13-B9B2-2D6CF65D07BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B95E8056-51D8-4390-ADE3-661B7AE1D7CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "609D6EDF-D4D0-4370-9B8B-CA39D41946C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9059A907-508B-4844-8D7B-0FA68C0DF6A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*", "matchCriteriaId": "2AC63D10-2326-4542-B345-31D45B9A7408", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:*", "matchCriteriaId": "7BFD7783-BE15-421C-A550-7FE15AB53ABF", "versionEndIncluding": "19.1.2", "versionStartIncluding": "19.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*", "matchCriteriaId": "1F7BF047-03C5-4A60-B718-E222B16DBF41", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*", "matchCriteriaId": "E3A73D81-3E1A-42E6-AB96-835CDD5905F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "66136D6D-FC52-40DB-B7B6-BA8B7758CE16", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "06514F46-544B-4404-B45C-C9584EBC3131", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3BD4BF9A-BF38-460D-974D-5B3255AAF946", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7DB4831-F874-4D9D-AB58-BE4A554891EA", "versionEndIncluding": "8.1.0", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*", "matchCriteriaId": "B47C73D0-BE89-4D87-8765-12C507F13AFF", "versionEndIncluding": "5.6.0.0", "versionStartIncluding": "5.0.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5B8AA91A-1880-43CD-938D-48EF58ACF2CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "A7506589-9B3B-49BA-B826-774BFDCC45B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "228DA523-4D6D-48C5-BDB0-DB1A60F23F8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "335AB6A7-3B1F-4FA8-AF08-7D64C16C4B04", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", "matchCriteriaId": "D0A735B4-4F3C-416B-8C08-9CB21BAD2889", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", "matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*", "matchCriteriaId": "15512D27-7BEB-4DDD-9A1B-447FC7156E3D", "versionEndIncluding": "12.2.20", "versionStartIncluding": "12.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*", "matchCriteriaId": "90F0B2AB-453C-4585-8753-74D17BD20C79", "versionEndIncluding": "12.2.20", "versionStartIncluding": "12.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C7EEA3-AA72-48DA-A112-2923DBB37773", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*", "matchCriteriaId": "F0735989-13BD-40B3-B954-AC0529C5B53D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EFAEA84-E376-40A2-8C9F-3E0676FEC527", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*", "matchCriteriaId": "959316A8-C3AF-4126-A242-3835ED0AD1E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*", "matchCriteriaId": "BDB925C6-2CBC-4D88-B9EA-F246F4F7A206", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*", "matchCriteriaId": "98B9198C-11DF-4E80-ACFC-DC719CED8C7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "6953CFDB-33C0-4B8E-BBBD-E460A17E8ED3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B40B13B7-68B3-4510-968C-6A730EB46462", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C93CC705-1F8C-4870-99E6-14BF264C3811", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*", "matchCriteriaId": "FD1FCB0D-3E19-4461-9330-4D7F02972A35", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9273745-6408-4CD3-94E8-9385D4F5FE69", "versionEndIncluding": "3.1.3", "versionStartIncluding": "3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F4754FB-E3EB-454A-AB1A-AE3835C5350C", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", "matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", "matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", "matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", "matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "4ACF85D6-6B45-43DA-9C01-F0208186F014", "versionEndExcluding": "6.0.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "CA6F2E4C-C935-40CF-972E-8C3D8A912134", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:banking_digital_experience:*:*:*:*:*:*:*:*", "matchCriteriaId": "59830587-A6B0-4642-B566-6FD8792F7716", "versionEndIncluding": "20.1", "versionStartIncluding": "18.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*", "matchCriteriaId": "B796AC70-A220-48D8-B8CD-97CF57227962", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*", "matchCriteriaId": "790A89FD-6B86-49AE-9B4F-AE7262915E13", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E39D442D-1997-49AF-8B02-5640BE2A26CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\\::*:*:*:*:*:*:*:*", "matchCriteriaId": "FAFED7F5-03FA-43B5-AD13-1130F0324448", "versionEndIncluding": "8.2.2", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "726DB59B-00C7-444E-83F7-CB31032482AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B095CC03-7077-4A58-AB25-CC5380CDCE5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "7015A8CB-8FA6-423E-8307-BD903244F517", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", "matchCriteriaId": "021014B2-DC51-481C-BCFE-5857EFBDEDDA", "versionEndIncluding": "8.1.0", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD080793-FC45-4260-8E45-40E228F432FC", "versionEndIncluding": "8.0.8", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2ACA29E6-F393-46E5-B2B3-9158077819A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "FCD1EC13-CC2F-4668-90D2-D8609066F2DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "4D614F76-0AA1-4EA8-A24A-38EFC90EF5DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "39B8DFFF-B037-4F29-8C8E-F4BBC3435199", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "4D0D0EAC-300D-44B1-AD4A-93A368D5DBA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:*", "matchCriteriaId": "C5E0646D-4866-41FB-AE2E-5307B6F4004A", "versionEndIncluding": "8.0.8", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A566893-8DCF-49E4-93D0-0ACCEFD70D3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:*", "matchCriteriaId": "B37FC113-4F40-4D29-8712-7AD250373008", "versionEndIncluding": "8.0.8", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "00E5D719-249D-48B8-BAFC-1E14D250B3F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:*", "matchCriteriaId": "712577A9-04D6-4579-A82B-72200E467399", "versionEndIncluding": "8.1.0", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:*", "matchCriteriaId": "672949B4-1989-4AA7-806F-EEC07D07F317", "versionEndIncluding": "8.0.9", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "987A0C35-4C7F-4FFB-B47B-37B69A32F879", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "8B3B6BE3-4C5A-402F-832C-86A0A6234C25", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9476D1DA-C8A8-40A0-94DD-9B46C05FD461", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "34070F24-2E53-43EC-9117-E1434B2C4C2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "B9B2C2F6-235F-4E78-A299-18C041C05C9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F727AAC6-6D9F-4B28-B07C-6A93916C43A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:*", "matchCriteriaId": "6662C783-5B5C-4559-89F5-1A681AA46A3E", "versionEndIncluding": "8.0.8", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "51C17460-D326-4525-A7D1-0AED53E75E18", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "37C8EE84-A840-4132-B331-C7D450B1FBBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "1D8436A2-9CA3-4C91-B632-9B03368ABC1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A00142E6-EEB3-44BD-AB0D-0E5C5640557F", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "6149C89E-0111-4CF9-90CA-0662D2F75E04", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "6CDDF6CA-6441-4606-9D2F-22A67BA46978", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "6FA0B592-A216-4320-A4FE-ABCA6B3E7D7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "CEA4D6CF-D54A-40DF-9B70-E13392D0BE19", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A333755-4B6E-4A0F-AC48-4CEA70CD5801", "versionEndIncluding": "8.0.8", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "397B1A24-7C95-4A73-8363-4529A7F6CFCC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "EF6D5112-4055-4F89-A5B3-0DCB109481B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "D262848E-AA24-4057-A747-6221BA22ADF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "4A01F8ED-64DA-43BC-9C02-488010BCD0F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "75638A6A-88B2-4BC7-84EA-1CF5FC30D555", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "501B9331-6BB7-44BF-A664-180CAFABF88C", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "F2A3AE3C-8E24-4FB6-9954-9B50CBD59B21", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8E565DA-91BE-44FC-A28F-579BE8D2281A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:*:*:*:*:*:*:*:*", "matchCriteriaId": "AED72F90-3B68-45AC-865C-110F7FD30D37", "versionEndIncluding": "8.1.0", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F909C61-1A74-402C-B74F-BAF7297875B0", "versionEndIncluding": "8.0.9", "versionStartIncluding": "8.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "26A1F27B-C3AC-4D13-B9B2-2D6CF65D07BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B95E8056-51D8-4390-ADE3-661B7AE1D7CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "609D6EDF-D4D0-4370-9B8B-CA39D41946C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9059A907-508B-4844-8D7B-0FA68C0DF6A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*", "matchCriteriaId": "2AC63D10-2326-4542-B345-31D45B9A7408", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*", "matchCriteriaId": "1F7BF047-03C5-4A60-B718-E222B16DBF41", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*", "matchCriteriaId": "E3A73D81-3E1A-42E6-AB96-835CDD5905F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:hospitality_simphony:19.1.0-19.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "351F9DE9-2FCE-4BCA-A098-CDFB07E6E4B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "66136D6D-FC52-40DB-B7B6-BA8B7758CE16", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "06514F46-544B-4404-B45C-C9584EBC3131", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3BD4BF9A-BF38-460D-974D-5B3255AAF946", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_data_foundation:8.0.6-8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D10745C6-2751-4FD0-BDFA-84C7AB8066BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*", "matchCriteriaId": "B47C73D0-BE89-4D87-8765-12C507F13AFF", "versionEndIncluding": "5.6.0.0", "versionStartIncluding": "5.0.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5B8AA91A-1880-43CD-938D-48EF58ACF2CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "A7506589-9B3B-49BA-B826-774BFDCC45B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "228DA523-4D6D-48C5-BDB0-DB1A60F23F8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "335AB6A7-3B1F-4FA8-AF08-7D64C16C4B04", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", "matchCriteriaId": "D0A735B4-4F3C-416B-8C08-9CB21BAD2889", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", "matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*", "matchCriteriaId": "15512D27-7BEB-4DDD-9A1B-447FC7156E3D", "versionEndIncluding": "12.2.20", "versionStartIncluding": "12.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*", "matchCriteriaId": "90F0B2AB-453C-4585-8753-74D17BD20C79", "versionEndIncluding": "12.2.20", "versionStartIncluding": "12.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C7EEA3-AA72-48DA-A112-2923DBB37773", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*", "matchCriteriaId": "F0735989-13BD-40B3-B954-AC0529C5B53D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EFAEA84-E376-40A2-8C9F-3E0676FEC527", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*", "matchCriteriaId": "959316A8-C3AF-4126-A242-3835ED0AD1E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*", "matchCriteriaId": "BDB925C6-2CBC-4D88-B9EA-F246F4F7A206", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*", "matchCriteriaId": "98B9198C-11DF-4E80-ACFC-DC719CED8C7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B40B13B7-68B3-4510-968C-6A730EB46462", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C93CC705-1F8C-4870-99E6-14BF264C3811", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0."}, {"lang": "es", "value": "En las versiones de jQuery mayores o iguales a 1.2 y anteriores a la versi\u00f3n 3.5.0, se puede ejecutar HTML desde fuentes no seguras, incluso despu\u00e9s de desinfectarlo, a uno de los m\u00e9todos de manipulaci\u00f3n DOM de jQuery (es decir .html (), .append () y otros). c\u00f3digo no seguro Este problema est\u00e1 corregido en jQuery 3.5.0."}], "id": "CVE-2020-11022", "lastModified": "2024-11-21T04:56:36.110", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-29T22:15:11.903", "references": [{"source": "security-advisories@github.com", "tags": ["Broken Link"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html"}, {"source": "security-advisories@github.com", "tags": ["Broken Link"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html"}, {"source": "security-advisories@github.com", "tags": ["Broken Link"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html"}, {"source": "security-advisories@github.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77"}, {"source": "security-advisories@github.com", "tags": ["Mitigation", "Third Party Advisory"], "url": "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2"}, {"source": "security-advisories@github.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://jquery.com/upgrade-guide/3.5/"}, {"source": "security-advisories@github.com", "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E"}, {"source": "security-advisories@github.com", "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E"}, {"source": "security-advisories@github.com", "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E"}, {"source": "security-advisories@github.com", "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E"}, {"source": "security-advisories@github.com", "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E"}, {"source": "security-advisories@github.com", "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E"}, {"source": "security-advisories@github.com", "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E"}, {"source": "security-advisories@github.com", "url": "https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133%40%3Ccommits.airflow.apache.org%3E"}, {"source": "security-advisories@github.com", "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E"}, {"source": "security-advisories@github.com", "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E"}, {"source": "security-advisories@github.com", "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E"}, {"source": "security-advisories@github.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"}, {"source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202007-03"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20200511-0006/"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2020/dsa-4693"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://www.drupal.org/sa-core-2020-002"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2021.html"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"source": "security-advisories@github.com", "url": "https://www.oracle.com/security-alerts/cpujul2022.html"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2020-10"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2020-11"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2021-02"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2021-10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Third Party Advisory"], "url": "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://jquery.com/upgrade-guide/3.5/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133%40%3Ccommits.airflow.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202007-03"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20200511-0006/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2020/dsa-4693"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.drupal.org/sa-core-2020-002"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.oracle.com/security-alerts/cpujul2022.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2020-10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2020-11"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2021-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/tns-2021-10"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2020:4211", "cpe": "cpe:/a:redhat:amq_interconnect:1::el6", "package": "qpid-dispatch-0:1.13.0-3.el6_10", "product_name": "A-MQ Interconnect 1.y for RHEL 6", "release_date": "2020-10-08T00:00:00Z"}, {"advisory": "RHSA-2020:4211", "cpe": "cpe:/a:redhat:amq_interconnect:1::el7", "package": "qpid-dispatch-0:1.13.0-3.el7", "product_name": "A-MQ Interconnect 1.y for RHEL 7", "release_date": "2020-10-08T00:00:00Z"}, {"advisory": "RHSA-2020:4211", "cpe": "cpe:/a:redhat:amq_interconnect:1::el8", "package": "qpid-dispatch-0:1.13.0-3.el8", "product_name": "A-MQ Interconnect 1.y for RHEL 8", "release_date": "2020-10-08T00:00:00Z"}, {"advisory": "RHSA-2020:2362", "cpe": "cpe:/a:redhat:service_mesh:1.0::el7", "package": "jaeger-0:v1.13.1.redhat7-1.el7", "product_name": "Openshift Service Mesh 1.0", "release_date": "2020-06-02T00:00:00Z"}, {"advisory": "RHSA-2020:2362", "cpe": "cpe:/a:redhat:service_mesh:1.0::el7", "package": "kiali-0:v1.0.11.redhat1-1.el7", "product_name": "Openshift Service Mesh 1.0", "release_date": "2020-06-02T00:00:00Z"}, {"advisory": "RHSA-2020:2362", "cpe": "cpe:/a:redhat:service_mesh:1.0::el8", "package": "servicemesh-grafana-0:6.2.2-36.el8", "product_name": "OpenShift Service Mesh 1.0", "release_date": "2020-06-02T00:00:00Z"}, {"advisory": "RHSA-2021:0778", "cpe": "cpe:/a:redhat:ansible_tower:3.6::el7", "package": "ansible-tower-36/ansible-tower:3.6.7-1", "product_name": "Red Hat Ansible Tower 3.6 for RHEL 7", "release_date": "2021-03-09T00:00:00Z"}, {"advisory": "RHSA-2020:5249", "cpe": "cpe:/a:redhat:ansible_tower:3.7::el7", "package": "ansible-tower-37/ansible-tower-rhel7:3.7.4-1", "product_name": "Red Hat Ansible Tower 3.7 for RHEL 7", "release_date": "2020-11-30T00:00:00Z"}, {"advisory": "RHSA-2020:3936", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "ipa-0:4.6.8-5.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-09-29T00:00:00Z"}, {"advisory": "RHSA-2020:4670", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "idm:client-8030020200923172426.05ac3f11", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-11-04T00:00:00Z"}, {"advisory": "RHSA-2020:4670", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "idm:DL1-8030020200923172343.9c827e52", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-11-04T00:00:00Z"}, {"advisory": "RHSA-2020:4847", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "pki-core:10.6-8030020200911215836.5ff1562f", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-11-04T00:00:00Z"}, {"advisory": "RHSA-2020:4847", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "pki-deps:10.6-8030020200527165326.30b713e6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-11-04T00:00:00Z"}, {"advisory": "RHSA-2023:0556", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "impact": "low", "package": "jquery", "product_name": "Red Hat JBoss Enterprise Application Platform 7", "release_date": "2023-01-31T00:00:00Z"}, {"advisory": "RHSA-2023:0553", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "impact": "low", "package": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2023-01-31T00:00:00Z"}, {"advisory": "RHSA-2023:0554", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "impact": "low", "package": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2023-01-31T00:00:00Z"}, {"advisory": "RHSA-2023:0552", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "impact": "low", "package": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2023-01-31T00:00:00Z"}, {"advisory": "RHSA-2020:2217", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-web-console-0:3.11.219-1.git.1.9b9b889.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-05-28T00:00:00Z"}, {"advisory": "RHSA-2020:2412", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "package": "openshift4/ose-console:v4.5.0-202007012112.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-07-13T00:00:00Z"}, {"advisory": "RHSA-2020:4298", "cpe": "cpe:/a:redhat:openshift:4.6::el8", "package": "openshift4/ose-grafana:v4.6.0-202010061132.p0", "product_name": "Red Hat OpenShift Container Platform 4.6", "release_date": "2020-10-27T00:00:00Z"}, {"advisory": "RHSA-2020:4298", "cpe": "cpe:/a:redhat:openshift:4.6::el8", "package": "openshift4/ose-prometheus:v4.6.0-202009290409.p0", "product_name": "Red Hat OpenShift Container Platform 4.6", "release_date": "2020-10-27T00:00:00Z"}, {"advisory": "RHSA-2023:1049", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6", "package": "keycloak-idp-jquery", "product_name": "Red Hat Single Sign-On 7", "release_date": "2023-03-01T00:00:00Z"}, {"advisory": "RHSA-2020:2813", "cpe": "cpe:/a:redhat:jboss_single_sign_on:7.4", "package": "js-jquery", "product_name": "Red Hat Single Sign-On 7.4.1", "release_date": "2020-07-02T00:00:00Z"}, {"advisory": "RHSA-2023:1043", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7", "package": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso", "product_name": "Red Hat Single Sign-On 7.6 for RHEL 7", "release_date": "2023-03-01T00:00:00Z"}, {"advisory": "RHSA-2023:1044", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8", "package": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso", "product_name": "Red Hat Single Sign-On 7.6 for RHEL 8", "release_date": "2023-03-01T00:00:00Z"}, {"advisory": "RHSA-2023:1045", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", "package": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso", "product_name": "Red Hat Single Sign-On 7.6 for RHEL 9", "release_date": "2023-03-01T00:00:00Z"}, {"advisory": "RHSA-2020:3247", "cpe": "cpe:/a:redhat:rhev_manager:4.4:el8", "package": "ovirt-engine-ui-extensions-0:1.2.2-1.el8ev", "product_name": "Red Hat Virtualization Engine 4.4", "release_date": "2020-08-04T00:00:00Z"}, {"advisory": "RHSA-2020:3807", "cpe": "cpe:/a:redhat:rhev_manager:4.4:el8", "package": "ovirt-web-ui-0:1.6.4-1.el8ev", "product_name": "Red Hat Virtualization Engine 4.4", "release_date": "2020-09-23T00:00:00Z"}, {"advisory": "RHSA-2022:6393", "cpe": "cpe:/a:redhat:rhev_manager:4.4:el8", "package": "org.ovirt.engine-root-0:4.5.2.4-1", "product_name": "Red Hat Virtualization Engine 4.4", "release_date": "2022-09-08T00:00:00Z"}, {"advisory": "RHSA-2023:1047", "cpe": "cpe:/a:redhat:rhosemc:1.0::el8", "package": "rh-sso-7/sso76-openshift-rhel8:7.6-20", "product_name": "RHEL-8 based Middleware Containers", "release_date": "2023-03-01T00:00:00Z"}], "bugzilla": {"description": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "id": "1828406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "status": "verified"}, "cwe": "CWE-79", "details": ["In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.", "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser."], "name": "CVE-2020-11022", "package_state": [{"cpe": "cpe:/a:redhat:cloudforms_managementengine:5", "fix_state": "Will not fix", "impact": "moderate", "package_name": "cfme-gemset", "product_name": "CloudForms Management Engine 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "ipa", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "pcp", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "python-coverage", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "python-weberror", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "cockpit", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "ipsilon", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "pcp", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "impact": "low", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "pki-core", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "publican", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "python-coverage", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "cockpit", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "impact": "low", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Will not fix", "package_name": "jquery", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Will not fix", "package_name": "openshift3/grafana", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Not affected", "package_name": "python-XStatic-jQuery", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Not affected", "package_name": "python-XStatic-jquery-ui", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Not affected", "package_name": "python-XStatic-jQuery", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Not affected", "package_name": "python-XStatic-jquery-ui", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:15", "fix_state": "Not affected", "package_name": "python-XStatic-jQuery", "product_name": "Red Hat OpenStack Platform 15 (Stein)"}, {"cpe": "cpe:/a:redhat:openstack:15", "fix_state": "Not affected", "package_name": "python-XStatic-jquery-ui", "product_name": "Red Hat OpenStack Platform 15 (Stein)"}, {"cpe": "cpe:/a:redhat:openstack:16", "fix_state": "Not affected", "package_name": "python-XStatic-jQuery", "product_name": "Red Hat OpenStack Platform 16 (Train)"}, {"cpe": "cpe:/a:redhat:openstack:16", "fix_state": "Not affected", "package_name": "python-XStatic-jquery-ui", "product_name": "Red Hat OpenStack Platform 16 (Train)"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Not affected", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:network_satellite:5", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "jquery-ui", "product_name": "Red Hat Satellite 5"}, {"cpe": "cpe:/a:redhat:network_satellite:5", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "patternfly1", "product_name": "Red Hat Satellite 5"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "impact": "low", "package_name": "jquery", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Will not fix", "package_name": "python27-python-coverage", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Will not fix", "package_name": "python27-python-werkzeug", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Not affected", "package_name": "rh-python35-python-coverage", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Not affected", "package_name": "rh-python36-python-coverage", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Out of support scope", "package_name": "rh-ror42-rubygem-jquery-rails", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Out of support scope", "package_name": "rh-ror50-rubygem-jquery-rails", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "package_name": "pcs", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "package_name": "python-testtools", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Affected", "package_name": "ovirt-engine", "product_name": "Red Hat Virtualization 4"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Out of support scope", "package_name": "ovirt-engine-api-explorer", "product_name": "Red Hat Virtualization 4"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Fix deferred", "package_name": "ovirt-js-dependencies", "product_name": "Red Hat Virtualization 4"}], "public_date": "2020-04-23T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-11022\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-11022\nhttps://github.com/advisories/GHSA-gxr4-xjj5-5px2"], "statement": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", "threat_severity": "Moderate"}

{}