alsa-2025:1346
Vulnerability from osv_almalinux
Published
2025-02-12 00:00
Modified
2025-02-14 07:49
Summary
Moderate: gcc security update
Details
The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries.
Security Fix(es):
- jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods (CVE-2020-11023)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "cpp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "gcc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "gcc-c++"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "gcc-gfortran"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "gcc-offload-nvptx"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "gcc-plugin-annobin"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "gcc-plugin-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libasan"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libatomic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libgcc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libgccjit"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libgccjit-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libgfortran"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libgomp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libgomp-offload-nvptx"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libitm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libitm-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "liblsan"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libquadmath"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libquadmath-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libstdc++"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libstdc++-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libstdc++-docs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libstdc++-static"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libtsan"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libubsan"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.5.0-5.el9_5.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. \n\nSecurity Fix(es): \n\n * jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods (CVE-2020-11023)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2025:1346",
"modified": "2025-02-14T07:49:42Z",
"published": "2025-02-12T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2025:1346"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/1850004"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2025-1346.html"
}
],
"related": [
"CVE-2020-11023"
],
"summary": "Moderate: gcc security update"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…