CVE-2020-11023 - Vulnerability Details

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is in the KEV database since Jan. 23, 2025.

The EPSS score is 0.36278.

Exploitation active

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

jquery

jQuery

affected

Version	Status	Constraints
`>= 1.0.3, < 3.5.0`	affected	—

Configuration 1 [-]

cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:o:fedoraproject:fedora:31:::::::*
	cpe:2.3:o:fedoraproject:fedora:32:::::::*
	cpe:2.3:o:fedoraproject:fedora:33:::::::*

Configuration 4 [-]

OR	cpe:2.3:a:drupal:drupal::::::::
	cpe:2.3:a:drupal:drupal::::::::
	cpe:2.3:a:drupal:drupal::::::::

Configuration 5 [-]

OR	cpe:2.3:a:oracle:application_express::::::::
	cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::*
	cpe:2.3:a:oracle:banking_enterprise_collections::::::::
	cpe:2.3:a:oracle:banking_platform::::::::
	cpe:2.3:a:oracle:blockchain_platform::::::::
	cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*
	cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0::::enterprise:::
	cpe:2.3:a:oracle:communications_analytics:12.1.1:::::::*
	cpe:2.3:a:oracle:communications_eagle_application_processor::::::::
	cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
	cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
	cpe:2.3:a:oracle:communications_element_manager:8.2.1:::::::*
	cpe:2.3:a:oracle:communications_interactive_session_recorder::::::::
	cpe:2.3:a:oracle:communications_operations_monitor::::::::
	cpe:2.3:a:oracle:communications_operations_monitor:3.4:::::::*
	cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:::::::*
	cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:::::::*
	cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:::::::*
	cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:::::::*
	cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:::::::*
	cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:::::::*
	cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:::::::*
	cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:::::::*
	cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7:::::::*
	cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8:::::::*
	cpe:2.3:a:oracle:health_sciences_inform:6.3.0:::::::*
	cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:::::::*
	cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:::::::*
	cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:::::::*
	cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:::::::*
	cpe:2.3:a:oracle:hyperion_financial_reporting:11.1.2.4:::::::*
	cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator::::::::
	cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools::::::::
	cpe:2.3:a:oracle:oss_support_tools::::::::
	cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_resources:9.2:::::::*
	cpe:2.3:a:oracle:primavera_gateway::::::::
	cpe:2.3:a:oracle:primavera_gateway::::::::
	cpe:2.3:a:oracle:primavera_gateway::::::::
	cpe:2.3:a:oracle:primavera_gateway::::::::
	cpe:2.3:a:oracle:rest_data_services:11.2.0.4::::-:::
	cpe:2.3:a:oracle:rest_data_services:12.1.0.2::::-:::
	cpe:2.3:a:oracle:rest_data_services:12.2.0.1::::-:::
	cpe:2.3:a:oracle:rest_data_services:18c::::-:::
	cpe:2.3:a:oracle:rest_data_services:19c::::-:::
	cpe:2.3:a:oracle:siebel_mobile::::::::
	cpe:2.3:a:oracle:storagetek_acsls:8.5.1:::::::*
	cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:::::::*
	cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*
	cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*
	cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:::::::*
	cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
	cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*
	cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*

Configuration 6 [-]

AND

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 14 [-]

OR	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::linux::
	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vsphere::
	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::
	cpe:2.3:a:netapp:cloud_backup:-:::::::*
	cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:::::::*
	cpe:2.3:a:netapp:hci_baseboard_management_controller:-:::::::*
	cpe:2.3:a:netapp:max_data:-:::::::*
	cpe:2.3:a:netapp:oncommand_insight:-:::::::*
	cpe:2.3:a:netapp:oncommand_system_manager::::::::
	cpe:2.3:a:netapp:snap_creator_framework:-:::::::*
	cpe:2.3:a:netapp:snapcenter_server:-:::::::*

Configuration 15 [-]

cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
A-MQ Interconnect 1.y for RHEL 6
qpid-dispatch-0:1.13.0-3.el6_10	cpe:/a:redhat:amq_interconnect:1::el6	RHSA-2020:4211	2020-10-08T00:00:00Z
A-MQ Interconnect 1.y for RHEL 7
qpid-dispatch-0:1.13.0-3.el7	cpe:/a:redhat:amq_interconnect:1::el7	RHSA-2020:4211	2020-10-08T00:00:00Z
A-MQ Interconnect 1.y for RHEL 8
qpid-dispatch-0:1.13.0-3.el8	cpe:/a:redhat:amq_interconnect:1::el8	RHSA-2020:4211	2020-10-08T00:00:00Z
Discovery 1 for RHEL 9
discovery/discovery-server-rhel9:1.12.0-1	cpe:/o:redhat:discovery:1.0::el9	RHSA-2025:1249	2025-02-10T00:00:00Z
discovery/discovery-ui-rhel9:1.12.0-1	cpe:/o:redhat:discovery:1.0::el9	RHSA-2025:1249	2025-02-10T00:00:00Z
Openshift Service Mesh 1.1
kiali-0:v1.12.10.redhat2-1.el7	cpe:/a:redhat:service_mesh:1.1::el7	RHSA-2020:3369	2020-08-06T00:00:00Z
OpenShift Service Mesh 1.1
ior-0:1.1.6-1.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:3369	2020-08-06T00:00:00Z
servicemesh-0:1.1.6-1.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:3369	2020-08-06T00:00:00Z
servicemesh-cni-0:1.1.6-1.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:3369	2020-08-06T00:00:00Z
servicemesh-grafana-0:6.4.3-13.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:3369	2020-08-06T00:00:00Z
servicemesh-operator-0:1.1.6-2.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:3369	2020-08-06T00:00:00Z
servicemesh-prometheus-0:2.14.0-14.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:3369	2020-08-06T00:00:00Z
Red Hat Ansible Tower 3.6 for RHEL 7
ansible-tower-36/ansible-tower:3.6.7-1	cpe:/a:redhat:ansible_tower:3.6::el7	RHSA-2021:0778	2021-03-09T00:00:00Z
Red Hat Ansible Tower 3.7 for RHEL 7
ansible-tower-37/ansible-tower-rhel7:3.7.4-1	cpe:/a:redhat:ansible_tower:3.7::el7	RHSA-2020:5249	2020-11-30T00:00:00Z
Red Hat Enterprise Linux 7
pki-core-0:10.5.18-12.el7_9	cpe:/o:redhat:enterprise_linux:7	RHSA-2021:0851	2021-03-16T00:00:00Z
ipa-0:4.6.8-5.el7_9.4	cpe:/o:redhat:enterprise_linux:7	RHSA-2021:0860	2021-03-16T00:00:00Z
pcs-0:0.9.169-3.el7_9.3	cpe:/o:redhat:enterprise_linux:7	RHSA-2022:7343	2022-11-02T00:00:00Z
Red Hat Enterprise Linux 7.7 Advanced Update Support
doxygen-1:1.8.5-3.el7_7.1	cpe:/o:redhat:rhel_aus:7.7	RHSA-2025:1256	2025-02-10T00:00:00Z
ipa-0:4.6.5-11.el7_7.5	cpe:/o:redhat:rhel_aus:7.7	RHSA-2025:1514	2025-02-17T00:00:00Z
gcc-0:4.8.5-40.el7_7	cpe:/o:redhat:rhel_aus:7.7	RHSA-2025:1580	2025-02-17T00:00:00Z
pki-core-0:10.5.16-8.el7_7	cpe:/o:redhat:rhel_aus:7.7	RHSA-2025:2426	2025-03-06T00:00:00Z
Red Hat Enterprise Linux 7 Extended Lifecycle Support
doxygen-1:1.8.5-4.el7_9.1	cpe:/o:redhat:rhel_els:7	RHSA-2025:1255	2025-02-10T00:00:00Z
gcc-0:4.8.5-45.el7_9	cpe:/o:redhat:rhel_els:7	RHSA-2025:1601	2025-02-17T00:00:00Z
Red Hat Enterprise Linux 8
pki-core:10.6-8030020200911215836.5ff1562f	cpe:/a:redhat:enterprise_linux:8	RHSA-2020:4847	2020-11-04T00:00:00Z
pki-deps:10.6-8030020200527165326.30b713e6	cpe:/a:redhat:enterprise_linux:8	RHSA-2020:4847	2020-11-04T00:00:00Z
idm:client-8040020210319141812.479738cf	cpe:/a:redhat:enterprise_linux:8	RHSA-2021:1846	2021-05-18T00:00:00Z
idm:DL1-8040020210319141752.1f8cbe47	cpe:/a:redhat:enterprise_linux:8	RHSA-2021:1846	2021-05-18T00:00:00Z
tbb-0:2018.2-10.el8_10.1	cpe:/a:redhat:enterprise_linux:8	RHSA-2025:1215	2025-02-10T00:00:00Z
gcc-0:8.5.0-23.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2025:1301	2025-02-11T00:00:00Z
gcc-toolset-13-gcc-0:13.3.1-2.2.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2025:1306	2025-02-11T00:00:00Z
gcc-toolset-14-gcc-0:14.2.1-7.1.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2025:1338	2025-02-12T00:00:00Z
doxygen-1:1.8.14-13.el8_10	cpe:/a:redhat:enterprise_linux:8::crb	RHSA-2025:1314	2025-02-11T00:00:00Z
pcs-0:0.10.10-4.el8	cpe:/a:redhat:enterprise_linux:8::highavailability	RHSA-2021:4142	2021-11-09T00:00:00Z
gcc-0:8.5.0-23.el8_10	cpe:/o:redhat:enterprise_linux:8	RHSA-2025:1301	2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support
tbb-0:2018.2-9.el8_2.1	cpe:/a:redhat:rhel_aus:8.2	RHSA-2025:1217	2025-02-10T00:00:00Z
gcc-0:8.3.1-8.el8_2	cpe:/a:redhat:rhel_aus:8.2	RHSA-2025:1310	2025-02-11T00:00:00Z
idm:DL1-8020020250212111622.792f4060	cpe:/a:redhat:rhel_aus:8.2	RHSA-2025:1515	2025-02-17T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
tbb-0:2018.2-10.el8_4.1	cpe:/a:redhat:rhel_aus:8.4	RHSA-2025:1212	2025-02-10T00:00:00Z
gcc-0:8.4.1-1.4.el8_4	cpe:/a:redhat:rhel_aus:8.4	RHSA-2025:1312	2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
tbb-0:2018.2-10.el8_4.1	cpe:/a:redhat:rhel_tus:8.4	RHSA-2025:1212	2025-02-10T00:00:00Z
gcc-0:8.4.1-1.4.el8_4	cpe:/a:redhat:rhel_tus:8.4	RHSA-2025:1312	2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
tbb-0:2018.2-10.el8_4.1	cpe:/a:redhat:rhel_e4s:8.4	RHSA-2025:1212	2025-02-10T00:00:00Z
gcc-0:8.4.1-1.4.el8_4	cpe:/a:redhat:rhel_e4s:8.4	RHSA-2025:1312	2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
tbb-0:2018.2-10.el8_6.1	cpe:/a:redhat:rhel_aus:8.6	RHSA-2025:1216	2025-02-10T00:00:00Z
gcc-0:8.5.0-10.4.el8_6	cpe:/a:redhat:rhel_aus:8.6	RHSA-2025:1308	2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
tbb-0:2018.2-10.el8_6.1	cpe:/a:redhat:rhel_tus:8.6	RHSA-2025:1216	2025-02-10T00:00:00Z
gcc-0:8.5.0-10.4.el8_6	cpe:/a:redhat:rhel_tus:8.6	RHSA-2025:1308	2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
tbb-0:2018.2-10.el8_6.1	cpe:/a:redhat:rhel_e4s:8.6	RHSA-2025:1216	2025-02-10T00:00:00Z
gcc-0:8.5.0-10.4.el8_6	cpe:/a:redhat:rhel_e4s:8.6	RHSA-2025:1308	2025-02-11T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
tbb-0:2018.2-10.el8_8.1	cpe:/a:redhat:rhel_eus:8.8	RHSA-2025:1214	2025-02-10T00:00:00Z
gcc-0:8.5.0-18.3.el8_8	cpe:/a:redhat:rhel_eus:8.8	RHSA-2025:1311	2025-02-11T00:00:00Z
doxygen-1:1.8.14-13.el8_8	cpe:/a:redhat:rhel_eus:8.8::crb	RHSA-2025:1247	2025-02-10T00:00:00Z
Red Hat Enterprise Linux 9
tbb-0:2020.3-8.el9_5.1	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:1210	2025-02-10T00:00:00Z
gcc-toolset-14-gcc-0:14.2.1-1.3.el9_5	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:1300	2025-02-11T00:00:00Z
gcc-toolset-13-gcc-0:13.3.1-2.2.el9_5	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:1309	2025-02-11T00:00:00Z
gcc-0:11.5.0-5.el9_5	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:1346	2025-02-12T00:00:00Z
doxygen-1:1.9.1-12.el9_5	cpe:/a:redhat:enterprise_linux:9::crb	RHSA-2025:1329	2025-02-11T00:00:00Z
gcc-0:11.5.0-5.el9_5	cpe:/o:redhat:enterprise_linux:9	RHSA-2025:1346	2025-02-12T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
tbb-0:2020.3-8.el9_0.1	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2025:1213	2025-02-10T00:00:00Z
gcc-0:11.2.1-9.5.el9_0	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2025:1305	2025-02-11T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
tbb-0:2020.3-8.el9_2.1	cpe:/a:redhat:rhel_eus:9.2	RHSA-2025:1209	2025-02-10T00:00:00Z
gcc-0:11.3.1-4.4.el9_2	cpe:/a:redhat:rhel_eus:9.2	RHSA-2025:1303	2025-02-11T00:00:00Z
doxygen-1:1.9.1-12.el9_2	cpe:/a:redhat:rhel_eus:9.2::crb	RHSA-2025:1185	2025-02-10T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Support
tbb-0:2020.3-8.el9_4.1	cpe:/a:redhat:rhel_eus:9.4	RHSA-2025:1211	2025-02-10T00:00:00Z
gcc-0:11.4.1-4.el9_4	cpe:/a:redhat:rhel_eus:9.4	RHSA-2025:1304	2025-02-11T00:00:00Z
gcc-toolset-13-gcc-0:13.3.1-2.2.el9_4	cpe:/a:redhat:rhel_eus:9.4	RHSA-2025:1342	2025-02-12T00:00:00Z
doxygen-1:1.9.1-12.el9_4	cpe:/a:redhat:rhel_eus:9.4::crb	RHSA-2025:1315	2025-02-11T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7
jquery	cpe:/a:redhat:jboss_enterprise_application_platform:7.4	RHSA-2023:0556	2023-01-31T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8	RHSA-2023:0553	2023-01-31T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9
eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2023:0554	2023-01-31T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7	RHSA-2023:0552	2023-01-31T00:00:00Z
Red Hat OpenShift Container Platform 4.5
openshift4/ose-console:v4.5.0-202007012112.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:2412	2020-07-13T00:00:00Z
Red Hat OpenShift Container Platform 4.6
openshift4/ose-grafana:v4.6.0-202010061132.p0	cpe:/a:redhat:openshift:4.6::el8	RHSA-2020:4298	2020-10-27T00:00:00Z
openshift4/ose-prometheus:v4.6.0-202009290409.p0	cpe:/a:redhat:openshift:4.6::el8	RHSA-2020:4298	2020-10-27T00:00:00Z
Red Hat OpenStack Platform 16.1
python-XStatic-jQuery224-0:2.2.4.1-3.el8ost	cpe:/a:redhat:openstack:16.1::el8	RHSA-2020:5412	2020-12-15T00:00:00Z
Red Hat OpenStack Platform 16.2
python-django20-0:2.0.13-19.el8ost	cpe:/a:redhat:openstack:16.2::el8	RHSA-2025:1070	2025-02-05T00:00:00Z
Red Hat Quay 3
quay/clair-rhel8:v3.13.4-2	cpe:/a:redhat:quay:3::el8	RHBA-2025:1079	2025-02-24T00:00:00Z
quay/quay-bridge-operator-bundle:v3.13.4-2	cpe:/a:redhat:quay:3::el8	RHBA-2025:1079	2025-02-24T00:00:00Z
quay/quay-bridge-operator-rhel8:v3.13.4-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1079	2025-02-24T00:00:00Z
quay/quay-builder-qemu-rhcos-rhel8:v3.13.4-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1079	2025-02-24T00:00:00Z
quay/quay-builder-rhel8:v3.13.4-2	cpe:/a:redhat:quay:3::el8	RHBA-2025:1079	2025-02-24T00:00:00Z
quay/quay-container-security-operator-bundle:v3.13.4-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1079	2025-02-24T00:00:00Z
quay/quay-container-security-operator-rhel8:v3.13.4-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1079	2025-02-24T00:00:00Z
quay/quay-operator-bundle:v3.13.4-9	cpe:/a:redhat:quay:3::el8	RHBA-2025:1079	2025-02-24T00:00:00Z
quay/quay-operator-rhel8:v3.13.4-3	cpe:/a:redhat:quay:3::el8	RHBA-2025:1079	2025-02-24T00:00:00Z
quay/quay-rhel8:v3.13.4-6	cpe:/a:redhat:quay:3::el8	RHBA-2025:1079	2025-02-24T00:00:00Z
quay/clair-rhel8:v3.9.10-3	cpe:/a:redhat:quay:3::el8	RHBA-2025:1597	2025-02-24T00:00:00Z
quay/quay-bridge-operator-bundle:v3.9.10-7	cpe:/a:redhat:quay:3::el8	RHBA-2025:1597	2025-02-24T00:00:00Z
quay/quay-bridge-operator-rhel8:v3.9.10-3	cpe:/a:redhat:quay:3::el8	RHBA-2025:1597	2025-02-24T00:00:00Z
quay/quay-builder-qemu-rhcos-rhel8:v3.9.10-4	cpe:/a:redhat:quay:3::el8	RHBA-2025:1597	2025-02-24T00:00:00Z
quay/quay-builder-rhel8:v3.9.10-7	cpe:/a:redhat:quay:3::el8	RHBA-2025:1597	2025-02-24T00:00:00Z
quay/quay-container-security-operator-bundle:v3.9.10-2	cpe:/a:redhat:quay:3::el8	RHBA-2025:1597	2025-02-24T00:00:00Z
quay/quay-container-security-operator-rhel8:v3.9.10-2	cpe:/a:redhat:quay:3::el8	RHBA-2025:1597	2025-02-24T00:00:00Z
quay/quay-operator-bundle:v3.9.10-16	cpe:/a:redhat:quay:3::el8	RHBA-2025:1597	2025-02-24T00:00:00Z
quay/quay-operator-rhel8:v3.9.10-2	cpe:/a:redhat:quay:3::el8	RHBA-2025:1597	2025-02-24T00:00:00Z
quay/quay-rhel8:v3.9.10-7	cpe:/a:redhat:quay:3::el8	RHBA-2025:1597	2025-02-24T00:00:00Z
quay/clair-rhel8:v3.12.8-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1598	2025-02-24T00:00:00Z
quay/quay-bridge-operator-bundle:v3.12.8-3	cpe:/a:redhat:quay:3::el8	RHBA-2025:1598	2025-02-24T00:00:00Z
quay/quay-bridge-operator-rhel8:v3.12.8-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1598	2025-02-24T00:00:00Z
quay/quay-builder-qemu-rhcos-rhel8:v3.12.8-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1598	2025-02-24T00:00:00Z
quay/quay-builder-rhel8:v3.12.8-2	cpe:/a:redhat:quay:3::el8	RHBA-2025:1598	2025-02-24T00:00:00Z
quay/quay-container-security-operator-bundle:v3.12.8-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1598	2025-02-24T00:00:00Z
quay/quay-container-security-operator-rhel8:v3.12.8-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1598	2025-02-24T00:00:00Z
quay/quay-operator-bundle:v3.12.8-4	cpe:/a:redhat:quay:3::el8	RHBA-2025:1598	2025-02-24T00:00:00Z
quay/quay-operator-rhel8:v3.12.8-2	cpe:/a:redhat:quay:3::el8	RHBA-2025:1598	2025-02-24T00:00:00Z
quay/quay-rhel8:v3.12.8-2	cpe:/a:redhat:quay:3::el8	RHBA-2025:1598	2025-02-24T00:00:00Z
quay/clair-rhel8:v3.11.9-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1599	2025-02-24T00:00:00Z
quay/quay-bridge-operator-bundle:v3.11.9-2	cpe:/a:redhat:quay:3::el8	RHBA-2025:1599	2025-02-24T00:00:00Z
quay/quay-bridge-operator-rhel8:v3.11.9-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1599	2025-02-24T00:00:00Z
quay/quay-builder-qemu-rhcos-rhel8:v3.11.9-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1599	2025-02-24T00:00:00Z
quay/quay-builder-rhel8:v3.11.9-3	cpe:/a:redhat:quay:3::el8	RHBA-2025:1599	2025-02-24T00:00:00Z
quay/quay-container-security-operator-bundle:v3.11.9-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1599	2025-02-24T00:00:00Z
quay/quay-container-security-operator-rhel8:v3.11.9-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1599	2025-02-24T00:00:00Z
quay/quay-operator-bundle:v3.11.9-8	cpe:/a:redhat:quay:3::el8	RHBA-2025:1599	2025-02-24T00:00:00Z
quay/quay-operator-rhel8:v3.11.9-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1599	2025-02-24T00:00:00Z
quay/quay-rhel8:v3.11.9-5	cpe:/a:redhat:quay:3::el8	RHBA-2025:1599	2025-02-24T00:00:00Z
quay/clair-rhel8:v3.10.9-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1600	2025-02-24T00:00:00Z
quay/quay-bridge-operator-bundle:v3.10.9-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1600	2025-02-24T00:00:00Z
quay/quay-bridge-operator-rhel8:v3.10.9-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1600	2025-02-24T00:00:00Z
quay/quay-builder-qemu-rhcos-rhel8:v3.10.9-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1600	2025-02-24T00:00:00Z
quay/quay-builder-rhel8:v3.10.9-2	cpe:/a:redhat:quay:3::el8	RHBA-2025:1600	2025-02-24T00:00:00Z
quay/quay-container-security-operator-bundle:v3.10.9-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1600	2025-02-24T00:00:00Z
quay/quay-container-security-operator-rhel8:v3.10.9-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1600	2025-02-24T00:00:00Z
quay/quay-operator-bundle:v3.10.9-4	cpe:/a:redhat:quay:3::el8	RHBA-2025:1600	2025-02-24T00:00:00Z
quay/quay-operator-rhel8:v3.10.9-1	cpe:/a:redhat:quay:3::el8	RHBA-2025:1600	2025-02-24T00:00:00Z
quay/quay-rhel8:v3.10.9-2	cpe:/a:redhat:quay:3::el8	RHBA-2025:1600	2025-02-24T00:00:00Z
Red Hat Single Sign-On 7
keycloak-idp-jquery	cpe:/a:redhat:red_hat_single_sign_on:7.6	RHSA-2023:1049	2023-03-01T00:00:00Z
Red Hat Single Sign-On 7.4.1
js-jquery	cpe:/a:redhat:jboss_single_sign_on:7.4	RHSA-2020:2813	2020-07-02T00:00:00Z
Red Hat Single Sign-On 7.6 for RHEL 7
rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso	cpe:/a:redhat:red_hat_single_sign_on:7.6::el7	RHSA-2023:1043	2023-03-01T00:00:00Z
Red Hat Single Sign-On 7.6 for RHEL 8
rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso	cpe:/a:redhat:red_hat_single_sign_on:7.6::el8	RHSA-2023:1044	2023-03-01T00:00:00Z
Red Hat Single Sign-On 7.6 for RHEL 9
rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso	cpe:/a:redhat:red_hat_single_sign_on:7.6::el9	RHSA-2023:1045	2023-03-01T00:00:00Z
Red Hat Virtualization Engine 4.4
ovirt-engine-ui-extensions-0:1.2.2-1.el8ev	cpe:/a:redhat:rhev_manager:4.4:el8	RHSA-2020:3247	2020-08-04T00:00:00Z
ovirt-web-ui-0:1.6.4-1.el8ev	cpe:/a:redhat:rhev_manager:4.4:el8	RHSA-2020:3807	2020-09-23T00:00:00Z
org.ovirt.engine-root-0:4.5.2.4-1	cpe:/a:redhat:rhev_manager:4.4:el8	RHSA-2022:6393	2022-09-08T00:00:00Z
RHOL-5.8-RHEL-8
logging-kibana6-container-v6.8.1-479	cpe:/a:redhat:logging:5.8::el8	RHSA-2025:1983	2025-03-05T00:00:00Z

No data.

Project Subscriptions

Vendors	Products
Debian Subscribe	Debian Linux Subscribe
Drupal Subscribe	Drupal Subscribe
Fedoraproject Subscribe	Fedora Subscribe
Jquery Subscribe	Jquery Subscribe
Netapp Subscribe	Active Iq Unified Manager Subscribe Cloud Backup Subscribe Cloud Insights Storage Workload Security Agent Subscribe H300e Subscribe H300e Firmware Subscribe H300s Subscribe H300s Firmware Subscribe H410c Subscribe H410c Firmware Subscribe H410s Subscribe H410s Firmware Subscribe H500e Subscribe H500e Firmware Subscribe H500s Subscribe H500s Firmware Subscribe H700e Subscribe H700e Firmware Subscribe H700s Subscribe H700s Firmware Subscribe Hci Baseboard Management Controller Subscribe Max Data Subscribe Oncommand Insight Subscribe Oncommand System Manager Subscribe Snap Creator Framework Subscribe Snapcenter Server Subscribe
Oracle Subscribe	Application Express Subscribe Application Testing Suite Subscribe Banking Enterprise Collections Subscribe Banking Platform Subscribe Blockchain Platform Subscribe Business Intelligence Subscribe Communications Analytics Subscribe Communications Eagle Application Processor Subscribe Communications Element Manager Subscribe Communications Interactive Session Recorder Subscribe Communications Operations Monitor Subscribe Communications Services Gatekeeper Subscribe Communications Session Report Manager Subscribe Communications Session Route Manager Subscribe Financial Services Regulatory Reporting For De Nederlandsche Bank Subscribe Financial Services Revenue Management And Billing Analytics Subscribe Health Sciences Inform Subscribe Healthcare Translational Research Subscribe Hyperion Financial Reporting Subscribe Jd Edwards Enterpriseone Orchestrator Subscribe Jd Edwards Enterpriseone Tools Subscribe Oss Support Tools Subscribe Peoplesoft Enterprise Human Capital Management Resources Subscribe Primavera Gateway Subscribe Rest Data Services Subscribe Siebel Mobile Subscribe Storagetek Acsls Subscribe Storagetek Tape Analytics Sw Tool Subscribe Webcenter Sites Subscribe Weblogic Server Subscribe
Redhat Subscribe	Amq Interconnect Subscribe Ansible Tower Subscribe Discovery Subscribe Enterprise Linux Subscribe Jboss Enterprise Application Platform Subscribe Jboss Single Sign On Subscribe Logging Subscribe Openshift Subscribe Openstack Subscribe Quay Subscribe Red Hat Single Sign On Subscribe Rhel Aus Subscribe Rhel E4s Subscribe Rhel Els Subscribe Rhel Eus Subscribe Rhel Tus Subscribe Rhev Manager Subscribe Service Mesh Subscribe
Tenable Subscribe	Log Correlation Engine Subscribe

Advisories

Source	ID	Title
Debian DLA	DLA-2608-1	jquery security update
Debian DLA	DLA-3551-1	otrs2 security update
Debian DSA	DSA-4693-1	drupal7 security update
Github GHSA	GHSA-jpcq-cgw6-v4j6	Potential XSS vulnerability in jQuery
Ubuntu USN	USN-7246-1	jQuery vulnerabilities
Ubuntu USN	USN-7622-1	jQuery vulnerabilities
Ubuntu USN	USN-7658-1	Drupal vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html
http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37
https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6
https://jquery.com/upgrade-guide/3.5/
https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E
https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E
https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E
https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E
https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E
https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E
https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html
https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/
https://nvd.nist.gov/vuln/detail/CVE-2020-11023
https://security.gentoo.org/glsa/202007-03
https://security.netapp.com/advisory/ntap-20200511-0006/
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023
https://www.cve.org/CVERecord?id=CVE-2020-11023
https://www.debian.org/security/2020/dsa-4693
https://www.drupal.org/sa-core-2020-002
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujan2022.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpujul2022.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-02
https://www.tenable.com/security/tns-2021-10

History

Wed, 22 Oct 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023

Tue, 21 Oct 2025 20:30:00 +0000

Type	Values Removed	Values Added
References	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023

Tue, 21 Oct 2025 19:30:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023

Fri, 18 Apr 2025 02:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat quay
CPEs		cpe:/a:redhat:quay:3::el8
Vendors & Products		Redhat quay

Fri, 04 Apr 2025 20:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Netapp active Iq Unified Manager Netapp cloud Backup Netapp cloud Insights Storage Workload Security Agent Netapp hci Baseboard Management Controller Oracle blockchain Platform
CPEs		cpe:2.3:a:netapp:active_iq_unified_manager:-:::::linux:: cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vsphere:: cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows:: cpe:2.3:a:netapp:cloud_backup:-:::::::* cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:::::::* cpe:2.3:a:netapp:hci_baseboard_management_controller:-:::::::* cpe:2.3:a:oracle:blockchain_platform:::::::: cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*
Vendors & Products		Netapp active Iq Unified Manager Netapp cloud Backup Netapp cloud Insights Storage Workload Security Agent Netapp hci Baseboard Management Controller Oracle blockchain Platform

Thu, 06 Mar 2025 02:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat logging
CPEs		cpe:/a:redhat:logging:5.8::el8
Vendors & Products		Redhat logging

Thu, 13 Feb 2025 02:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/o:redhat:enterprise_linux:9

Thu, 13 Feb 2025 00:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat discovery Redhat rhel Aus Redhat rhel E4s Redhat rhel Els Redhat rhel Eus Redhat rhel Tus
CPEs		cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:9 cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:openstack:16.2::el8 cpe:/a:redhat:rhel_aus:8.2 cpe:/a:redhat:rhel_aus:8.4 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.4 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_eus:8.8 cpe:/a:redhat:rhel_eus:8.8::crb cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_eus:9.2::crb cpe:/a:redhat:rhel_eus:9.4 cpe:/a:redhat:rhel_eus:9.4::crb cpe:/a:redhat:rhel_tus:8.4 cpe:/a:redhat:rhel_tus:8.6 cpe:/o:redhat:discovery:1.0::el9 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:rhel_aus:7.7 cpe:/o:redhat:rhel_els:7
Vendors & Products		Redhat discovery Redhat rhel Aus Redhat rhel E4s Redhat rhel Els Redhat rhel Eus Redhat rhel Tus
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Mon, 10 Feb 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2025-01-23'}`

Thu, 23 Jan 2025 21:30:00 +0000

Type	Values Removed	Values Added
References		https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37

Thu, 23 Jan 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2020-04-29T00:00:00.000Z

Updated: 2025-10-21T23:35:45.230Z

Reserved: 2020-03-30T00:00:00.000Z

Link: CVE-2020-11023

Vulnrichment

Updated: 2025-01-23T21:07:47.681Z

NVD

Status : Analyzed

Published: 2020-04-29T21:15:11.743

Modified: 2025-11-07T19:32:52.023

Link: CVE-2020-11023

Redhat

Severity : Moderate

Publid Date: 2020-04-29T00:00:00Z

Links: CVE-2020-11023 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-79

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Exploitation active

Automatable no

Technical Impact partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object