Versio.io

CVE-2019-11358

Common vulnerabilities & exposures (CVE)

Published at: 20-04-2019 02:29
Last modified: 06-04-2022 08:07
Total changes: 10

Description

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

Common Vulnerability Scoring System (CVSS)

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack complexity: Low
Attack vector: Network
Availability: None
Confidentiality: Low
Integrity: Low
Privileges required: None
Scope: Changed
User interaction: Required
Base score: 6.1
Exploitability score: 2.8
Impact score: 2.7

Verification logic

OR
OR
vendor=jquery AND product=jquery AND versionEndExcluding=3.4.0
OR
vendor=Debian AND product=debian_linux AND version=8.0
vendor=Debian AND product=debian_linux AND version=9.0
OR
vendor=drupal AND product=drupal AND versionStartIncluding=7.0 AND versionEndExcluding=7.66
vendor=drupal AND product=drupal AND versionStartIncluding=8.5.0 AND versionEndExcluding=8.5.15
vendor=drupal AND product=drupal AND versionStartIncluding=8.6.0 AND versionEndExcluding=8.6.15
OR
vendor=backdropcms AND product=backdrop AND versionStartIncluding=1.11.0 AND versionEndExcluding=1.11.9
vendor=backdropcms AND product=backdrop AND versionStartIncluding=1.12.0 AND versionEndExcluding=1.12.6
OR
vendor=fedoraproject AND product=fedora AND version=28
vendor=fedoraproject AND product=fedora AND version=29
vendor=fedoraproject AND product=fedora AND version=30
OR
vendor=opensuse AND product=backports_sle AND version=15.0 AND update=sp1
vendor=opensuse AND product=leap AND version=15.1
OR
vendor=netapp AND product=oncommand_system_manager AND versionEndIncluding=3.1.3 AND versionStartIncluding=3.0
vendor=netapp AND product=snapcenter AND version=-
OR
vendor=Red Hat Enterprise Linux AND product=cloudforms AND version=4.7
vendor=Red Hat Enterprise Linux AND product=virtualization_manager AND version=4.3
OR
vendor=oracle AND product=agile_product_lifecycle_management_for_process AND version=6.1
vendor=oracle AND product=agile_product_lifecycle_management_for_process AND version=6.2.0.0
vendor=oracle AND product=agile_product_lifecycle_management_for_process AND version=6.2.1.0
vendor=oracle AND product=agile_product_lifecycle_management_for_process AND version=6.2.2.0
vendor=oracle AND product=agile_product_lifecycle_management_for_process AND version=6.2.3.0
vendor=oracle AND product=application_express AND versionEndExcluding=19.1
vendor=oracle AND product=application_service_level_management AND version=13.2.0.0
vendor=oracle AND product=application_service_level_management AND version=13.3.0.0
vendor=oracle AND product=application_testing_suite AND version=12.5.0.3
vendor=oracle AND product=application_testing_suite AND version=13.1.0.1
vendor=oracle AND product=application_testing_suite AND version=13.2
vendor=oracle AND product=application_testing_suite AND version=13.2.0.1
vendor=oracle AND product=application_testing_suite AND version=13.3
vendor=oracle AND product=application_testing_suite AND version=13.3.0.1
vendor=oracle AND product=banking_digital_experience AND version=18.1
vendor=oracle AND product=banking_digital_experience AND version=18.2
vendor=oracle AND product=banking_digital_experience AND version=18.3
vendor=oracle AND product=banking_digital_experience AND version=19.1
vendor=oracle AND product=banking_digital_experience AND version=19.2
vendor=oracle AND product=banking_digital_experience AND version=20.1
vendor=oracle AND product=banking_enterprise_collections AND versionEndIncluding=2.8.0 AND versionStartIncluding=2.7.0
vendor=oracle AND product=banking_platform AND versionEndIncluding=2.10.0 AND versionStartIncluding=2.4.0
vendor=oracle AND product=bi_publisher AND version=5.5.0.0.0
vendor=oracle AND product=bi_publisher AND version=12.2.1.3.0
vendor=oracle AND product=bi_publisher AND version=12.2.1.4.0
vendor=oracle AND product=big_data_discovery AND version=1.6
vendor=oracle AND product=business_process_management_suite AND version=12.2.1.3.0
vendor=oracle AND product=business_process_management_suite AND version=12.2.1.4.0
vendor=oracle AND product=communications_analytics AND version=12.1.1
vendor=oracle AND product=communications_application_session_controller AND version=3.8m0
vendor=oracle AND product=communications_billing_and_revenue_management AND version=7.5
vendor=oracle AND product=communications_billing_and_revenue_management AND version=7.5.0.23.0
vendor=oracle AND product=communications_billing_and_revenue_management AND version=12.0
vendor=oracle AND product=communications_billing_and_revenue_management AND version=12.0.0.3.0
vendor=oracle AND product=communications_diameter_signaling_router AND version=8.0.0
vendor=oracle AND product=communications_diameter_signaling_router AND version=8.1
vendor=oracle AND product=communications_diameter_signaling_router AND version=8.2
vendor=oracle AND product=communications_diameter_signaling_router AND version=8.2.1
vendor=oracle AND product=communications_eagle_application_processor AND versionEndIncluding=16.4.0 AND versionStartIncluding=16.1.0
vendor=oracle AND product=communications_element_manager AND version=8.1.1
vendor=oracle AND product=communications_element_manager AND version=8.2.0
vendor=oracle AND product=communications_element_manager AND version=8.2.1
vendor=oracle AND product=communications_interactive_session_recorder AND versionEndIncluding=6.4 AND versionStartIncluding=6.0
vendor=oracle AND product=communications_operations_monitor AND version=3.4
vendor=oracle AND product=communications_operations_monitor AND version=4.0
vendor=oracle AND product=communications_operations_monitor AND versionEndIncluding=4.3 AND versionStartIncluding=4.1
vendor=oracle AND product=communications_operations_monitor AND version=4.1.0
vendor=oracle AND product=communications_services_gatekeeper AND version=7.0
vendor=oracle AND product=communications_session_report_manager AND version=8.1.1
vendor=oracle AND product=communications_session_report_manager AND version=8.2.0
vendor=oracle AND product=communications_session_report_manager AND version=8.2.1
vendor=oracle AND product=communications_session_route_manager AND version=8.1.1
vendor=oracle AND product=communications_session_route_manager AND version=8.2.0
vendor=oracle AND product=communications_session_route_manager AND version=8.2.1
vendor=oracle AND product=communications_unified_inventory_management AND version=7.3
vendor=oracle AND product=communications_unified_inventory_management AND version=7.4.0
vendor=oracle AND product=communications_webrtc_session_controller AND version=7.2
vendor=oracle AND product=diagnostic_assistant AND version=2.12.36
vendor=oracle AND product=enterprise_manager_ops_center AND version=12.3.3
vendor=oracle AND product=enterprise_manager_ops_center AND version=12.4.0
vendor=oracle AND product=enterprise_manager_ops_center AND version=12.4.0.0
vendor=oracle AND product=enterprise_session_border_controller AND version=8.4
vendor=oracle AND product=financial_services_analytical_applications_infrastructure AND versionEndIncluding=7.3.5 AND versionStartIncluding=7.3.3
vendor=oracle AND product=financial_services_analytical_applications_infrastructure AND versionEndIncluding=8.1.0 AND versionStartIncluding=8.0.2
vendor=oracle AND product=financial_services_analytical_applications_reconciliation_framework AND versionEndIncluding=8.0.7 AND versionStartIncluding=8.0.4
vendor=oracle AND product=financial_services_analytical_applications_reconciliation_framework AND version=8.1.0
vendor=oracle AND product=financial_services_asset_liability_management AND versionEndIncluding=8.0.7 AND versionStartIncluding=8.0.4
vendor=oracle AND product=financial_services_asset_liability_management AND version=8.1.0
vendor=oracle AND product=financial_services_balance_sheet_planning AND version=8.0.8
vendor=oracle AND product=financial_services_basel_regulatory_capital_basic AND versionEndIncluding=8.0.7 AND versionStartIncluding=8.0.4
vendor=oracle AND product=financial_services_basel_regulatory_capital_basic AND version=8.1.0
vendor=oracle AND product=financial_services_basel_regulatory_capital_internal_ratings_based_approach AND versionEndIncluding=8.0.7 AND versionStartIncluding=8.0.4
vendor=oracle AND product=financial_services_basel_regulatory_capital_internal_ratings_based_approach AND version=8.1.0
vendor=oracle AND product=financial_services_data_foundation AND versionEndIncluding=8.0.8 AND versionStartIncluding=8.0.4
vendor=oracle AND product=financial_services_data_governance_for_us_regulatory_reporting AND versionEndIncluding=8.0.9 AND versionStartIncluding=8.0.6
vendor=oracle AND product=financial_services_data_integration_hub AND versionEndIncluding=8.0.7 AND versionStartIncluding=8.0.5
vendor=oracle AND product=financial_services_data_integration_hub AND version=8.1.0
vendor=oracle AND product=financial_services_enterprise_financial_performance_analytics AND version=8.0.6
vendor=oracle AND product=financial_services_enterprise_financial_performance_analytics AND version=8.0.7
vendor=oracle AND product=financial_services_funds_transfer_pricing AND versionEndIncluding=8.0.7 AND versionStartIncluding=8.0.4
vendor=oracle AND product=financial_services_funds_transfer_pricing AND version=8.1.0
vendor=oracle AND product=financial_services_hedge_management_and_ifrs_valuations AND versionEndIncluding=8.0.7 AND versionStartIncluding=8.0.4
vendor=oracle AND product=financial_services_hedge_management_and_ifrs_valuations AND version=8.1.0
vendor=oracle AND product=financial_services_institutional_performance_analytics AND versionEndIncluding=8.0.7 AND versionStartIncluding=8.0.4
vendor=oracle AND product=financial_services_institutional_performance_analytics AND version=8.1.0
vendor=oracle AND product=financial_services_liquidity_risk_management AND version=8.0.0.1.0
vendor=oracle AND product=financial_services_liquidity_risk_management AND version=8.0.2
vendor=oracle AND product=financial_services_liquidity_risk_management AND version=8.0.4.0.0
vendor=oracle AND product=financial_services_liquidity_risk_management AND version=8.0.5.0.0
vendor=oracle AND product=financial_services_liquidity_risk_management AND version=8.0.6
vendor=oracle AND product=financial_services_liquidity_risk_measurement_and_management AND version=8.0.7
vendor=oracle AND product=financial_services_liquidity_risk_measurement_and_management AND version=8.0.8
vendor=oracle AND product=financial_services_liquidity_risk_measurement_and_management AND version=8.1.0
vendor=oracle AND product=financial_services_loan_loss_forecasting_and_provisioning AND versionEndIncluding=8.0.7 AND versionStartIncluding=8.0.2
vendor=oracle AND product=financial_services_loan_loss_forecasting_and_provisioning AND version=8.1.0
vendor=oracle AND product=financial_services_market_risk_measurement_and_management AND version=8.0.5
vendor=oracle AND product=financial_services_market_risk_measurement_and_management AND version=8.0.6
vendor=oracle AND product=financial_services_market_risk_measurement_and_management AND version=8.0.8
vendor=oracle AND product=financial_services_price_creation_and_discovery AND versionEndIncluding=8.0.7 AND versionStartIncluding=8.0.4
vendor=oracle AND product=financial_services_profitability_management AND versionEndIncluding=8.0.7 AND versionStartIncluding=8.0.4
vendor=oracle AND product=financial_services_profitability_management AND version=8.1.0
vendor=oracle AND product=financial_services_regulatory_reporting_for_de_nederlandsche_bank AND version=8.0.4
vendor=oracle AND product=financial_services_regulatory_reporting_for_european_banking_authority AND version=8.0.6
vendor=oracle AND product=financial_services_regulatory_reporting_for_european_banking_authority AND version=8.0.7
vendor=oracle AND product=financial_services_regulatory_reporting_for_us_federal_reserve AND versionEndIncluding=8.0.7 AND versionStartIncluding=8.0.4
vendor=oracle AND product=financial_services_retail_customer_analytics AND versionEndIncluding=8.0.6 AND versionStartIncluding=8.0.4
vendor=oracle AND product=financial_services_retail_performance_analytics AND version=8.0.6
vendor=oracle AND product=financial_services_retail_performance_analytics AND version=8.0.7
vendor=oracle AND product=financial_services_revenue_management_and_billing AND version=2.4.0.0
vendor=oracle AND product=financial_services_revenue_management_and_billing AND version=2.4.0.1
vendor=oracle AND product=fusion_middleware_mapviewer AND version=12.2.1.3.0
vendor=oracle AND product=healthcare_foundation AND version=7.1.1
vendor=oracle AND product=healthcare_foundation AND version=7.2.0
vendor=oracle AND product=healthcare_foundation AND version=7.2.2
vendor=oracle AND product=healthcare_foundation AND version=7.3.0
vendor=oracle AND product=healthcare_translational_research AND version=3.1.0
vendor=oracle AND product=healthcare_translational_research AND version=3.2.1
vendor=oracle AND product=healthcare_translational_research AND version=3.3.1
vendor=oracle AND product=healthcare_translational_research AND version=3.3.2
vendor=oracle AND product=healthcare_translational_research AND version=3.4.0
vendor=oracle AND product=hospitality_guest_access AND version=4.2.0
vendor=oracle AND product=hospitality_guest_access AND version=4.2.1
vendor=oracle AND product=hospitality_materials_control AND version=18.1
vendor=oracle AND product=hospitality_simphony AND version=18.1
vendor=oracle AND product=hospitality_simphony AND version=18.2
vendor=oracle AND product=hospitality_simphony AND versionEndIncluding=19.1.2 AND versionStartIncluding=19.1.0
vendor=oracle AND product=identity_manager AND version=12.2.1.3.0
vendor=oracle AND product=insurance_accounting_analyzer AND version=8.0.9
vendor=oracle AND product=insurance_allocation_manager_for_enterprise_profitability AND version=8.0.8
vendor=oracle AND product=insurance_allocation_manager_for_enterprise_profitability AND version=8.1.0
vendor=oracle AND product=insurance_data_foundation AND versionEndIncluding=8.0.7 AND versionStartIncluding=8.0.4
vendor=oracle AND product=insurance_ifrs_17_analyzer AND version=8.0.6
vendor=oracle AND product=insurance_ifrs_17_analyzer AND version=8.0.7
vendor=oracle AND product=insurance_insbridge_rating_and_underwriting AND versionEndIncluding=5.6.0.0 AND versionStartIncluding=5.0.0.0
vendor=oracle AND product=insurance_insbridge_rating_and_underwriting AND version=5.6.1.0
vendor=oracle AND product=insurance_performance_insight AND version=8.0.7
vendor=oracle AND product=jd_edwards_enterpriseone_tools AND version=9.2
vendor=oracle AND product=jdeveloper AND version=11.1.1.9.0
vendor=oracle AND product=jdeveloper AND version=12.2.1.3.0
vendor=oracle AND product=jdeveloper AND version=12.2.1.4.0
vendor=oracle AND product=jdeveloper_and_adf AND version=11.1.1.9.0
vendor=oracle AND product=jdeveloper_and_adf AND version=12.1.3.0.0
vendor=oracle AND product=jdeveloper_and_adf AND version=12.2.1.3.0
vendor=oracle AND product=knowledge AND versionEndIncluding=8.6.3 AND versionStartIncluding=8.6.0
vendor=oracle AND product=peoplesoft_enterprise_peopletools AND version=8.55
vendor=oracle AND product=peoplesoft_enterprise_peopletools AND version=8.56
vendor=oracle AND product=peoplesoft_enterprise_peopletools AND version=8.57
vendor=oracle AND product=peoplesoft_enterprise_peopletools AND version=8.58
vendor=oracle AND product=policy_automation AND version=10.4.7
vendor=oracle AND product=policy_automation AND version=12.1.0
vendor=oracle AND product=policy_automation AND version=12.1.1
vendor=oracle AND product=policy_automation AND versionEndIncluding=12.2.15 AND versionStartIncluding=12.2.0
vendor=oracle AND product=policy_automation_connector_for_siebel AND version=10.4.6
vendor=oracle AND product=policy_automation_for_mobile_devices AND versionEndIncluding=12.2.15 AND versionStartIncluding=12.2.0
vendor=oracle AND product=primavera_gateway AND version=15.2.18
vendor=oracle AND product=primavera_gateway AND versionEndIncluding=16.2.11 AND versionStartIncluding=16.2.0
vendor=oracle AND product=primavera_gateway AND versionEndIncluding=17.12.7 AND versionStartIncluding=17.12.0
vendor=oracle AND product=primavera_gateway AND versionEndIncluding=18.8.9 AND versionStartIncluding=18.8.0
vendor=oracle AND product=primavera_gateway AND versionEndIncluding=19.12.4 AND versionStartIncluding=19.12.0
vendor=oracle AND product=primavera_unifier AND version=16.1
vendor=oracle AND product=primavera_unifier AND version=16.2
vendor=oracle AND product=primavera_unifier AND versionEndIncluding=17.12 AND versionStartIncluding=17.7
vendor=oracle AND product=primavera_unifier AND version=18.8
vendor=oracle AND product=real-time_scheduler AND versionEndIncluding=2.3.0.3 AND versionStartIncluding=2.3.0.1
vendor=oracle AND product=rest_data_services AND version=11.2.0.4 AND software_edition=-
vendor=oracle AND product=rest_data_services AND version=12.1.0.2 AND software_edition=-
vendor=oracle AND product=rest_data_services AND version=12.2.0.1 AND software_edition=-
vendor=oracle AND product=rest_data_services AND version=18c AND software_edition=-
vendor=oracle AND product=rest_data_services AND version=19c AND software_edition=-
vendor=oracle AND product=retail_back_office AND version=14.0
vendor=oracle AND product=retail_back_office AND version=14.1
vendor=oracle AND product=retail_central_office AND version=14.0
vendor=oracle AND product=retail_central_office AND version=14.1
vendor=oracle AND product=retail_customer_insights AND version=15.0
vendor=oracle AND product=retail_customer_insights AND version=16.0
vendor=oracle AND product=retail_customer_management_and_segmentation_foundation AND version=18.0
vendor=oracle AND product=retail_customer_management_and_segmentation_foundation AND version=19.0
vendor=oracle AND product=retail_point-of-service AND version=14.0
vendor=oracle AND product=retail_point-of-service AND version=14.1
vendor=oracle AND product=retail_returns_management AND version=14.0
vendor=oracle AND product=retail_returns_management AND version=14.1
vendor=oracle AND product=service_bus AND version=11.1.1.9.0
vendor=oracle AND product=service_bus AND version=12.1.3.0.0
vendor=oracle AND product=service_bus AND version=12.2.1.3.0
vendor=oracle AND product=siebel_mobile_applications AND versionEndIncluding=19.8
vendor=oracle AND product=siebel_ui_framework AND version=20.8
vendor=oracle AND product=storagetek_tape_analytics_sw_tool AND version=2.3.0
vendor=oracle AND product=system_utilities AND version=19.1
vendor=oracle AND product=tape_library_acsls AND version=8.5
vendor=oracle AND product=tape_library_acsls AND version=8.5.1
vendor=oracle AND product=transportation_management AND version=1.4.3
vendor=oracle AND product=utilities_mobile_workforce_management AND versionEndIncluding=2.3.0.3 AND versionStartIncluding=2.3.0.1
vendor=oracle AND product=webcenter_sites AND version=12.2.1.3.0
vendor=oracle AND product=weblogic_server AND version=10.3.6.0.0
vendor=oracle AND product=weblogic_server AND version=12.1.3.0.0
vendor=oracle AND product=weblogic_server AND version=12.2.1.3.0
vendor=oracle AND product=weblogic_server AND version=12.2.1.4.0
vendor=oracle AND product=weblogic_server AND version=14.1.1.0.0
OR
vendor=joomla AND product=joomla\! AND versionEndIncluding=3.9.4 AND versionStartIncluding=3.0.0
 
