Vulnerabilites related to oracle - jdeveloper_and_adf
cve-2019-11358
Vulnerability from cvelistv5
Published
2019-04-19 00:00
Modified
2024-11-15 15:11
Severity ?
EPSS score ?
Summary
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:48:09.199Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.drupal.org/sa-core-2019-006", }, { tags: [ "x_transferred", ], url: "https://www.synology.com/security/advisory/Synology_SA_19_19", }, { name: "DSA-4434", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4434", }, { name: "20190421 [SECURITY] [DSA 4434-1] drupal7 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/32", }, { name: "108023", tags: [ "vdb-entry", "x_transferred", ], url: "http://www.securityfocus.com/bid/108023", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E", }, { name: "[debian-lts-announce] 20190506 [SECURITY] [DLA 1777-1] jquery security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html", }, { name: "FEDORA-2019-eba8e44ee6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/", }, { name: "FEDORA-2019-1a3edd7e8a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/", }, { name: "FEDORA-2019-7eaf0bbe7c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/", }, { name: "FEDORA-2019-2a0ce0c58c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/", }, { name: "FEDORA-2019-a06dffab1c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/", }, { name: "FEDORA-2019-f563e66380", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/", }, { name: "20190509 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", }, { name: "20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { name: "20190510 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { name: "20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { name: "[debian-lts-announce] 20190520 [SECURITY] [DLA 1797-1] drupal7 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html", }, { name: "[oss-security] 20190603 Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/06/03/2", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html", }, { name: "RHSA-2019:1456", tags: [ "vendor-advisory", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { name: "DSA-4460", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4460", }, { name: "20190612 [SECURITY] [DSA 4460-1] mediawiki security update", tags: [ "mailing-list", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Jun/12", }, { name: "openSUSE-SU-2019:1839", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", }, { name: "RHBA-2019:1570", tags: [ "vendor-advisory", "x_transferred", ], url: "https://access.redhat.com/errata/RHBA-2019:1570", }, { name: "openSUSE-SU-2019:1872", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", }, { name: "[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E", }, { name: "RHSA-2019:2587", tags: [ "vendor-advisory", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2587", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190919-0001/", }, { name: "RHSA-2019:3023", tags: [ "vendor-advisory", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { name: "RHSA-2019:3024", tags: [ "vendor-advisory", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { name: "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { name: "[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2019-08", }, { name: "[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E", }, { name: "[debian-lts-announce] 20200224 [SECURITY] [DLA 2118-1] otrs2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2020-02", }, { name: "[syncope-dev] 20200423 Jquery version on 2.1.x/2.0.x", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E", }, { name: "[flink-dev] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E", }, { name: "[flink-issues] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200518 [jira] [Commented] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200518 [jira] [Updated] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200518 [jira] [Assigned] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200520 [jira] [Closed] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { name: "[storm-dev] 20200708 [GitHub] [storm] Crim opened a new pull request #3305: [STORM-3553] Upgrade jQuery from 1.11.1 to 3.5.1", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { tags: [ "x_transferred", ], url: "https://backdropcms.org/security/backdrop-sa-core-2019-009", }, { tags: [ "x_transferred", ], url: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", }, { tags: [ "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JS-JQUERY-174006", }, { tags: [ "x_transferred", ], url: "https://github.com/jquery/jquery/pull/4333", }, { tags: [ "x_transferred", ], url: "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b", }, { tags: [ "x_transferred", ], url: "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_transferred", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_transferred", ], url: "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1", }, { name: "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-11358", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-02-20T15:03:16.892088Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T15:11:23.024Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-31T02:06:52.187292", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.drupal.org/sa-core-2019-006", }, { url: "https://www.synology.com/security/advisory/Synology_SA_19_19", }, { name: "DSA-4434", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2019/dsa-4434", }, { name: "20190421 [SECURITY] [DSA 4434-1] drupal7 security update", tags: [ "mailing-list", ], url: "https://seclists.org/bugtraq/2019/Apr/32", }, { name: "108023", tags: [ "vdb-entry", ], url: "http://www.securityfocus.com/bid/108023", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E", }, { name: "[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E", }, { name: "[debian-lts-announce] 20190506 [SECURITY] [DLA 1777-1] jquery security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html", }, { name: "FEDORA-2019-eba8e44ee6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/", }, { name: "FEDORA-2019-1a3edd7e8a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/", }, { name: "FEDORA-2019-7eaf0bbe7c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/", }, { name: "FEDORA-2019-2a0ce0c58c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/", }, { name: "FEDORA-2019-a06dffab1c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/", }, { name: "FEDORA-2019-f563e66380", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/", }, { name: "20190509 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { url: "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", }, { name: "20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { name: "20190510 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { name: "20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { name: "[debian-lts-announce] 20190520 [SECURITY] [DLA 1797-1] drupal7 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html", }, { name: "[oss-security] 20190603 Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2019/06/03/2", }, { url: "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html", }, { name: "RHSA-2019:1456", tags: [ "vendor-advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { name: "DSA-4460", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2019/dsa-4460", }, { name: "20190612 [SECURITY] [DSA 4460-1] mediawiki security update", tags: [ "mailing-list", ], url: "https://seclists.org/bugtraq/2019/Jun/12", }, { name: "openSUSE-SU-2019:1839", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", }, { name: "RHBA-2019:1570", tags: [ "vendor-advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:1570", }, { name: "openSUSE-SU-2019:1872", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", }, { name: "[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E", }, { name: "RHSA-2019:2587", tags: [ "vendor-advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2587", }, { url: "https://security.netapp.com/advisory/ntap-20190919-0001/", }, { name: "RHSA-2019:3023", tags: [ "vendor-advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { name: "RHSA-2019:3024", tags: [ "vendor-advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { name: "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { name: "[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E", }, { url: "https://www.tenable.com/security/tns-2019-08", }, { name: "[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E", }, { name: "[debian-lts-announce] 20200224 [SECURITY] [DLA 2118-1] otrs2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html", }, { url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { url: "https://www.tenable.com/security/tns-2020-02", }, { name: "[syncope-dev] 20200423 Jquery version on 2.1.x/2.0.x", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E", }, { name: "[flink-dev] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E", }, { name: "[flink-issues] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200518 [jira] [Commented] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200518 [jira] [Updated] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200518 [jira] [Assigned] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E", }, { name: "[flink-issues] 20200520 [jira] [Closed] (FLINK-17675) Resolve CVE-2019-11358 from jquery", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E", }, { url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { name: "[storm-dev] 20200708 [GitHub] [storm] Crim opened a new pull request #3305: [STORM-3553] Upgrade jQuery from 1.11.1 to 3.5.1", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E", }, { url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { url: "https://backdropcms.org/security/backdrop-sa-core-2019-009", }, { url: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", }, { url: "https://snyk.io/vuln/SNYK-JS-JQUERY-174006", }, { url: "https://github.com/jquery/jquery/pull/4333", }, { url: "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b", }, { url: "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/", }, { url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601", }, { url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { url: "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1", }, { name: "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-11358", datePublished: "2019-04-19T00:00:00", dateReserved: "2019-04-19T00:00:00", dateUpdated: "2024-11-15T15:11:23.024Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2019-04-20 00:29
Modified
2024-11-21 04:20
Severity ?
Summary
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*", matchCriteriaId: "D2D193C7-2259-492F-8B85-E74C57A7426A", versionEndExcluding: "3.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", matchCriteriaId: "FC5AB839-4DAC-45E7-9D0B-B528F6D12043", versionEndExcluding: "7.66", versionStartIncluding: "7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", matchCriteriaId: "9106BF81-B898-4EB0-B63C-9919D3B22260", versionEndExcluding: "8.5.15", versionStartIncluding: "8.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", matchCriteriaId: "9B37281E-9B44-42A5-AE0A-17CE6770995C", versionEndExcluding: "8.6.15", versionStartIncluding: "8.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:*", matchCriteriaId: "E75C32CE-3FA9-4DC2-A22A-4A841D4911EB", versionEndExcluding: "1.11.9", versionStartIncluding: "1.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:*", matchCriteriaId: "F6F204D6-2C8A-4517-8E3C-328ED0D9D3E4", versionEndExcluding: "1.12.6", versionStartIncluding: "1.12.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", matchCriteriaId: "40513095-7E6E-46B3-B604-C926F1BA3568", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B9273745-6408-4CD3-94E8-9385D4F5FE69", versionEndIncluding: "3.1.3", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", matchCriteriaId: "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:*", matchCriteriaId: "04AC556D-D511-4C4C-B9FB-A089BB2FEFD5", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*", matchCriteriaId: "9FA1A18F-D997-4121-A01B-FD9B3BF266CF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.1:*:*:*:*:*:*:*", matchCriteriaId: "230E2167-9107-4994-8328-295575E17DF6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A079FD6E-3BB0-4997-9A8E-6F8FEC89887A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "900D2344-5160-42A0-8C49-36DBC7FF3D87", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:*", matchCriteriaId: "A4AA4B21-1BA9-4ED8-B9EA-558AF8655D24", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:*", matchCriteriaId: "9C3F9EE5-FCFC-45B8-9F57-C05D42EE0FF0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*", matchCriteriaId: "90CFEC52-A574-493E-A2AC-0EC21851BBFA", versionEndExcluding: "19.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_service_level_management:13.2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3665B8A2-1F1A-490F-B01D-5B3455A6A539", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_service_level_management:13.3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A8577D60-A711-493D-9246-E49D0E2B07E0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*", matchCriteriaId: "17EA8B91-7634-4636-B647-1049BA7CA088", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "5B4DF46F-DBCC-41F2-A260-F83A14838F23", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_testing_suite:13.2:*:*:*:*:*:*:*", matchCriteriaId: "5E5BC0B6-0C66-4FC5-81F0-6AC9BEC0813E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "10F17843-32EA-4C31-B65C-F424447BEF7B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_testing_suite:13.3:*:*:*:*:*:*:*", matchCriteriaId: "C784CEE8-F071-4583-A72D-F46C7C95FEC0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A125E817-F974-4509-872C-B71933F42AD1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*", matchCriteriaId: "BBE7BF09-B89C-4590-821E-6C0587E096B5", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*", matchCriteriaId: "ADAE8A71-0BCD-42D5-B38C-9B2A27CC1E6B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*", matchCriteriaId: "E7231D2D-4092-44F3-B60A-D7C9ED78AFDF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*", matchCriteriaId: "F7BDFC10-45A0-46D8-AB92-4A5E2C1C76ED", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*", matchCriteriaId: "18127694-109C-4E7E-AE79-0BA351849291", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*", matchCriteriaId: "33F68878-BC19-4DB8-8A72-BD9FE3D0ACEC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:*", matchCriteriaId: "660DB443-6250-4956-ABD1-C6A522B8DCCA", versionEndIncluding: "2.8.0", versionStartIncluding: "2.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "3625D477-1338-46CB-90B1-7291D617DC39", versionEndIncluding: "2.10.0", versionStartIncluding: "2.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:*:*:*:*:*:*:*", matchCriteriaId: "5CD806C1-CC17-47BD-8BB0-9430C4253BC7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "9DC56004-4497-4CDD-AE76-5E3DFAE170F0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "274A0CF5-41E8-42E0-9931-F7372A65B9C4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:*", matchCriteriaId: "8C4C38FF-B75B-4DF1-BFB3-C91BDD10D90E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "E869C417-C0E6-4FC3-B406-45598A1D1906", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "DFEFE2C0-7B98-44F9-B3AD-D6EC607E90DA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "55D98C27-734F-490B-92D5-251805C841B9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*", matchCriteriaId: "B796AC70-A220-48D8-B8CD-97CF57227962", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*", matchCriteriaId: "E6039DC7-08F2-4DD9-B5B5-B6B22DD2409F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*", matchCriteriaId: "790A89FD-6B86-49AE-9B4F-AE7262915E13", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*", matchCriteriaId: "7231AF76-3D46-41C4-83E9-6E9E12940BD9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*", matchCriteriaId: "E39D442D-1997-49AF-8B02-5640BE2A26CC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A9317C01-22AA-452B-BBBF-5FAFFFB8BEA4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*", matchCriteriaId: "C4534CF9-D9FD-4936-9D8C-077387028A05", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*", matchCriteriaId: "D60384BD-284C-4A68-9EEF-0FAFDF0C21F3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*", matchCriteriaId: "FCA44E38-EB8C-4E2D-8611-B201F47520E9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*", matchCriteriaId: "1A0E3537-CB5A-40BF-B42C-CED9211B8892", versionEndIncluding: "16.4.0", versionStartIncluding: "16.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", matchCriteriaId: "0C57FD3A-0CC1-4BA9-879A-8C4A40234162", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", matchCriteriaId: "698FB6D0-B26F-4760-9B9B-1C65FBFF2126", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*", matchCriteriaId: "4F1D64BC-17BF-4DAE-B5FC-BC41F9C12DFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*", matchCriteriaId: "4E16A16E-BFA3-4D17-9B4E-B42ADE725356", versionEndIncluding: "6.4", versionStartIncluding: "6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*", matchCriteriaId: "9264AF8A-3819-40E5-BBCB-3B6C95A0D828", versionEndIncluding: "4.3", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", matchCriteriaId: "D52F557F-D0A0-43D3-85F1-F10B6EBFAEDF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", matchCriteriaId: "E3517A27-E6EE-497C-9996-F78171BBE90F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.1.0:*:*:*:*:*:*:*", matchCriteriaId: "1C3CE8D5-6404-4CEB-953E-7B7961BC14D6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", matchCriteriaId: "062E4E7C-55BB-46F3-8B61-5A663B565891", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", matchCriteriaId: "DB43DFD4-D058-4001-BD19-488E059F4532", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", matchCriteriaId: "086E2E5C-44EB-4C07-B298-C04189533996", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*", matchCriteriaId: "AA77B994-3872-4059-854B-0974AA5593D4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", matchCriteriaId: "5682DAEB-3810-4541-833A-568C868BCE0B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", matchCriteriaId: "01BC9AED-F81D-4344-AD97-EEF19B6EA8C7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*", matchCriteriaId: "8198E762-9AD9-452B-B1AF-516E52436B7D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3:*:*:*:*:*:*:*", matchCriteriaId: "D0D177F6-25D9-4696-8528-3F57D91BAC12", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*", matchCriteriaId: "539DA24F-E3E0-4455-84C6-A9D96CD601B3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*", matchCriteriaId: "726DB59B-00C7-444E-83F7-CB31032482AB", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:diagnostic_assistant:2.12.36:*:*:*:*:*:*:*", matchCriteriaId: "80B6D265-9D72-45C3-AA2C-5B186E23CDAF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", matchCriteriaId: "AB654DFA-FEF9-4D00-ADB0-F3F2B6ACF13E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", matchCriteriaId: "37209C6F-EF99-4D21-9608-B3A06D283D24", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B095CC03-7077-4A58-AB25-CC5380CDCE5A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*", matchCriteriaId: "7015A8CB-8FA6-423E-8307-BD903244F517", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", matchCriteriaId: "B5BC32AA-78BE-468B-B92A-5A0FFFA970FA", versionEndIncluding: "7.3.5", versionStartIncluding: "7.3.3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", matchCriteriaId: "FA699B16-5100-4485-9BB7-85B247743B17", versionEndIncluding: "8.1.0", versionStartIncluding: "8.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:*", matchCriteriaId: "A7E00BA1-E643-45D9-97D3-EF12C29DB262", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "2ACA29E6-F393-46E5-B2B3-9158077819A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:*", matchCriteriaId: "703DA91D-3440-4C67-AA20-78F71B1376DD", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "39B8DFFF-B037-4F29-8C8E-F4BBC3435199", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*", matchCriteriaId: "4D0D0EAC-300D-44B1-AD4A-93A368D5DBA1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:*", matchCriteriaId: "9CB2A0EB-E1C7-4206-8E64-D2EE77C1CD86", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "8A566893-8DCF-49E4-93D0-0ACCEFD70D3D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:*", matchCriteriaId: "A180039F-22C3-458E-967D-E07C61C69FAF", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "00E5D719-249D-48B8-BAFC-1E14D250B3F6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:*", matchCriteriaId: "2C5F6B8C-2044-4E68-98BD-37B0CD108434", versionEndIncluding: "8.0.8", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:*", matchCriteriaId: "672949B4-1989-4AA7-806F-EEC07D07F317", versionEndIncluding: "8.0.9", versionStartIncluding: "8.0.6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:*", matchCriteriaId: "73E05211-8415-42FB-9B93-959EB03B090B", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.5", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "9476D1DA-C8A8-40A0-94DD-9B46C05FD461", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.6:*:*:*:*:*:*:*", matchCriteriaId: "7DEE0A37-6B9A-43FE-B3E0-8AB5CA368425", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7:*:*:*:*:*:*:*", matchCriteriaId: "CF6A5433-A7D9-4521-9D28-E7684FB76E5B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:*", matchCriteriaId: "AC15899F-8528-4D10-8CD5-F67121D7F293", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "F727AAC6-6D9F-4B28-B07C-6A93916C43A3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:*", matchCriteriaId: "30657F1B-D1FC-4EE6-9854-18993294A01D", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "51C17460-D326-4525-A7D1-0AED53E75E18", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "30F0991A-8507-48C4-9A8E-DE5B28C46A99", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "A00142E6-EEB3-44BD-AB0D-0E5C5640557F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.0.1.0:*:*:*:*:*:*:*", matchCriteriaId: "00ED7CB0-96F7-4089-9047-A3AC241139C2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.2:*:*:*:*:*:*:*", matchCriteriaId: "005E458D-4059-4E20-A620-B25DEBCE40C2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "74008AEE-589F-423E-8D77-EA54C36D776A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.5.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FD85DB06-692F-4E81-BEB7-1E41B438D1FD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*", matchCriteriaId: "6149C89E-0111-4CF9-90CA-0662D2F75E04", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*", matchCriteriaId: "6CDDF6CA-6441-4606-9D2F-22A67BA46978", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*", matchCriteriaId: "6FA0B592-A216-4320-A4FE-ABCA6B3E7D7A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "CEA4D6CF-D54A-40DF-9B70-E13392D0BE19", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:*", matchCriteriaId: "DB6C521C-F104-4E26-82F2-6F63F94108BC", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "397B1A24-7C95-4A73-8363-4529A7F6CFCC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:*", matchCriteriaId: "402B8642-7ACC-4F42-87A9-AB4D3B581751", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*", matchCriteriaId: "EF6D5112-4055-4F89-A5B3-0DCB109481B7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*", matchCriteriaId: "D262848E-AA24-4057-A747-6221BA22ADF4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:*:*:*:*:*:*:*:*", matchCriteriaId: "2163B848-D684-4B17-969A-36E0866C5749", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:*", matchCriteriaId: "00615085-65B2-4211-A766-551842B3356F", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "F8E565DA-91BE-44FC-A28F-579BE8D2281A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*", matchCriteriaId: "51DB64CA-8953-43BB-AEA9-D0D7E91E9FE3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.6:*:*:*:*:*:*:*", matchCriteriaId: "669BA301-4D29-4692-823B-CDEDD2A5BD18", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.7:*:*:*:*:*:*:*", matchCriteriaId: "419559E6-5441-4335-8FE1-6ADAAD9355DE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:*", matchCriteriaId: "036E4450-53C6-4322-9C7D-91DA94C9A3C9", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_retail_customer_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "89C26226-A3CF-4D36-BBDA-80E298E0A51F", versionEndIncluding: "8.0.6", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.6:*:*:*:*:*:*:*", matchCriteriaId: "F67D1332-621E-4756-B205-97A5CF670A19", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7:*:*:*:*:*:*:*", matchCriteriaId: "6748C867-0A52-452B-B4D6-DA80396F4152", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A64B5C4C-DF69-4292-A534-EDC5955CDDAE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C7141C66-0384-4BA1-A788-91DEB7EF1361", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "06E586B3-3434-4B08-8BE3-16C528642CA5", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*", matchCriteriaId: "26A1F27B-C3AC-4D13-B9B2-2D6CF65D07BC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "B95E8056-51D8-4390-ADE3-661B7AE1D7CE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_foundation:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "4EFC8DAB-E5D8-420C-B800-08F8C5BF3F4F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*", matchCriteriaId: "9059A907-508B-4844-8D7B-0FA68C0DF6A6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:*", matchCriteriaId: "A5ACB1D2-69CE-4B7D-9B51-D8F80E541631", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*", matchCriteriaId: "B1F726C6-EA5A-40FF-8809-4F48E4AE6976", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*", matchCriteriaId: "CD7C26E3-BB0D-4218-8176-319AEA2925C8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*", matchCriteriaId: "DD67072F-3CFC-480D-9360-81A05D523318", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*", matchCriteriaId: "652E762A-BCDD-451E-9DE3-F1555C1E4B16", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*", matchCriteriaId: "1A3DC116-2844-47A1-BEC2-D0675DD97148", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*", matchCriteriaId: "E0F1DF3E-0F2D-4EFC-9A3E-F72149C8AE94", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*", matchCriteriaId: "2AC63D10-2326-4542-B345-31D45B9A7408", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:*", matchCriteriaId: "7BFD7783-BE15-421C-A550-7FE15AB53ABF", versionEndIncluding: "19.1.2", versionStartIncluding: "19.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*", matchCriteriaId: "1F7BF047-03C5-4A60-B718-E222B16DBF41", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*", matchCriteriaId: "E3A73D81-3E1A-42E6-AB96-835CDD5905F2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "AA10CA55-C155-4DAD-A109-87A80116F1A1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*", matchCriteriaId: "66136D6D-FC52-40DB-B7B6-BA8B7758CE16", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*", matchCriteriaId: "06514F46-544B-4404-B45C-C9584EBC3131", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*", matchCriteriaId: "3BD4BF9A-BF38-460D-974D-5B3255AAF946", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:*", matchCriteriaId: "92D538A5-819D-4DF7-85FE-4D4EB6E230E0", versionEndIncluding: "8.0.7", versionStartIncluding: "8.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.6:*:*:*:*:*:*:*", matchCriteriaId: "AEDA3A88-002B-4700-9277-3187C0A3E4B4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.7:*:*:*:*:*:*:*", matchCriteriaId: "BE886BC5-F807-4627-8233-2290817FE205", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*", matchCriteriaId: "B47C73D0-BE89-4D87-8765-12C507F13AFF", versionEndIncluding: "5.6.0.0", versionStartIncluding: "5.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*", matchCriteriaId: "5B8AA91A-1880-43CD-938D-48EF58ACF2CF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_performance_insight:8.0.7:*:*:*:*:*:*:*", matchCriteriaId: "E6B5D7DB-C70E-4926-819F-E39B79F4D0C5", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*", matchCriteriaId: "41684398-18A4-4DC6-B8A2-3EBAA0CBF9A6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "A7506589-9B3B-49BA-B826-774BFDCC45B8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "228DA523-4D6D-48C5-BDB0-DB1A60F23F8B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "335AB6A7-3B1F-4FA8-AF08-7D64C16C4B04", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdeveloper_and_adf:11.1.1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "37EB4A1D-A875-46B7-BEB0-694D1F400CF7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdeveloper_and_adf:12.1.3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "2233F287-6B9F-4C8A-A724-959DD3AD29AF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdeveloper_and_adf:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "2381FAB6-8D36-4389-98E4-74F3462654BA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:*", matchCriteriaId: "9E587602-BA7D-4087-BE29-ACE0B01BD590", versionEndIncluding: "8.6.3", versionStartIncluding: "8.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*", matchCriteriaId: "45CB30A1-B2C9-4BF5-B510-1F2F18B60C64", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", matchCriteriaId: "D0A735B4-4F3C-416B-8C08-9CB21BAD2889", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", matchCriteriaId: "7E1E416B-920B-49A0-9523-382898C2979D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "84668F58-6511-4E53-8213-13B440F454C1", versionEndIncluding: "12.2.15", versionStartIncluding: "12.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*", matchCriteriaId: "9D8B3B57-73D6-4402-987F-8AE723D52F94", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*", matchCriteriaId: "62BF043E-BCB9-433D-BA09-7357853EE127", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*", matchCriteriaId: "3F26FB80-F541-4B59-AC3C-633F49388B59", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*", matchCriteriaId: "0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*", matchCriteriaId: "12D3B2F0-E9C7-432B-91C6-A6C329A84B78", versionEndIncluding: "12.2.15", versionStartIncluding: "12.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "06CF27F6-ADC1-480C-9D2E-2BD1E7330C32", versionEndIncluding: "16.2.11", versionStartIncluding: "16.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "E4AA3854-C9FD-4287-85A0-EE7907D1E1ED", versionEndIncluding: "17.12.7", versionStartIncluding: "17.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "E8CD4002-F310-4BE4-AF7B-4BCCB17DA6FF", versionEndIncluding: "18.8.9", versionStartIncluding: "18.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "69112C56-7747-4E11-A938-85A481529F58", versionEndIncluding: "19.12.4", versionStartIncluding: "19.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:15.2.18:*:*:*:*:*:*:*", matchCriteriaId: "D9E628E7-6CC5-418C-939F-8EEA69B222A0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*", matchCriteriaId: "08FA59A8-6A62-4B33-8952-D6E658F8DAC9", versionEndIncluding: "17.12", versionStartIncluding: "17.7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*", matchCriteriaId: "D55A54FD-7DD1-49CD-BE81-0BE73990943C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*", matchCriteriaId: "82EB08C0-2D46-4635-88DF-E54F6452D3A3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", matchCriteriaId: "202AD518-2E9B-4062-B063-9858AE1F9CE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:real-time_scheduler:*:*:*:*:*:*:*:*", matchCriteriaId: "99579D88-27C0-4B93-B2F4-69B6781BC4BD", versionEndIncluding: "2.3.0.3", versionStartIncluding: "2.3.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*", matchCriteriaId: "36FC547E-861A-418C-A314-DA09A457B13A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*", matchCriteriaId: "DF9FEE51-50E3-41E9-AA0D-272A640F85CC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*", matchCriteriaId: "E69E905F-2E1A-4462-9082-FF7B10474496", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*", matchCriteriaId: "0F9B692C-8986-4F91-9EF4-2BB1E3B5C133", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*", matchCriteriaId: "C5F4C40E-3ABC-4C59-B226-224262DCFF37", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*", matchCriteriaId: "31C7EEA3-AA72-48DA-A112-2923DBB37773", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*", matchCriteriaId: "F0735989-13BD-40B3-B954-AC0529C5B53D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_central_office:14.0:*:*:*:*:*:*:*", matchCriteriaId: "83B5F416-56AE-4DC5-BCFF-49702463E716", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*", matchCriteriaId: "58405263-E84C-4071-BB23-165D49034A00", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*", matchCriteriaId: "AD4AB77A-E829-4603-AF6A-97B9CD0D687F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*", matchCriteriaId: "6DE15D64-6F49-4F43-8079-0C7827384C86", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*", matchCriteriaId: "36E16AEF-ACEB-413C-888C-8D250F65C180", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*", matchCriteriaId: "9EFAEA84-E376-40A2-8C9F-3E0676FEC527", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:*", matchCriteriaId: "237968A4-AE89-44DC-8BA3-D9651F88883D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*", matchCriteriaId: "E13DF2AE-F315-4085-9172-6C8B21AF1C9E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*", matchCriteriaId: "959316A8-C3AF-4126-A242-3835ED0AD1E8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*", matchCriteriaId: "BDB925C6-2CBC-4D88-B9EA-F246F4F7A206", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:service_bus:11.1.1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "1E2B6C75-3EB5-4BCE-B5D1-39DD3DE94139", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "70BEF219-45EC-4A53-A815-42FBE20FC300", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "1EA2023A-1AD6-41FE-A214-9D1F6021D6B6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:siebel_mobile_applications:*:*:*:*:*:*:*:*", matchCriteriaId: "2AA4E307-D5FA-461D-9809-BDD123AE7B74", versionEndIncluding: "19.8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*", matchCriteriaId: "98B9198C-11DF-4E80-ACFC-DC719CED8C7E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.0:*:*:*:*:*:*:*", matchCriteriaId: "587EE4F3-E7AC-4A69-9476-0E71E75EE7A4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:system_utilities:19.1:*:*:*:*:*:*:*", matchCriteriaId: "A7961BBD-6411-4D32-947D-3940221C235B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:tape_library_acsls:8.5:*:*:*:*:*:*:*", matchCriteriaId: "162C6FD9-AEC2-4EBA-A163-3054840B8ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:tape_library_acsls:8.5.1:*:*:*:*:*:*:*", matchCriteriaId: "A6879D52-A44E-4DF8-8A3A-3613822EB469", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:transportation_management:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "5AAF89C1-AAC2-449C-90C1-895F5F8843B4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:utilities_mobile_workforce_management:*:*:*:*:*:*:*:*", matchCriteriaId: "2F2D3FA0-BD9D-4828-AE36-1CE43D9B07D1", versionEndIncluding: "2.3.0.3", versionStartIncluding: "2.3.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "D551CAB1-4312-44AA-BDA8-A030817E153A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B40B13B7-68B3-4510-968C-6A730EB46462", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C93CC705-1F8C-4870-99E6-14BF264C3811", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "F14A818F-AA16-4438-A3E4-E64C9287AC66", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "04BCDC24-4A21-473C-8733-0D9CFB38A752", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*", matchCriteriaId: "C63557DE-E65B-46F4-99C4-247EACCB7BBA", versionEndIncluding: "3.9.4", versionStartIncluding: "3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", matchCriteriaId: "216E7DDE-453D-481F-92E2-9F8466CDDA3F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.", }, { lang: "es", value: "jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminación de Object.prototype. Si un objeto fuente no sanitizado contenía una propiedad enumerable __proto__, podría extender el Object.prototype nativo.", }, ], id: "CVE-2019-11358", lastModified: "2024-11-21T04:20:56.320", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-04-20T00:29:00.247", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/06/03/2", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108023", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:1570", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2587", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://backdropcms.org/security/backdrop-sa-core-2019-009", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery/pull/4333", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/32", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Jun/12", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190919-0001/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-JQUERY-174006", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4434", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4460", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.drupal.org/sa-core-2019-006", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/security/advisory/Synology_SA_19_19", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2019-08", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2020-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/06/03/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:1570", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2587", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://backdropcms.org/security/backdrop-sa-core-2019-009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery/pull/4333", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/32", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Jun/12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190919-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-JQUERY-174006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4434", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4460", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.drupal.org/sa-core-2019-006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/security/advisory/Synology_SA_19_19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2019-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2020-02", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-1321", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }