Movatterモバイル変換

[0]ホーム
URL:

You are viewing this page in an unauthorized frame window.

This is a potential security issue, you are being redirected tohttps://nvd.nist.gov

U.S. flag  An official website of the United States government
Dot gov

Official websites use .gov
A.gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
Alock (Dot gov) orhttps:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

  • VulnerabilitiesExpand or Collapse
  • Vulnerability MetricsExpand or Collapse
  • ProductsExpand or Collapse

    CPE Dictionary

    CPE Search

    CPE Statistics

    SWID

  • DevelopersExpand or Collapse

    Start Here

    Request an API Key

    Vulnerabilities

    Products

    Data Sources

    Terms of Use

  • Contact NVD
  • Other SitesExpand or Collapse

    Checklist (NCP) Repository

    Configurations (CCE)

    800-53 Controls

    SCAPValidated Tools

    SCAP

    USGCB

  • SearchExpand or Collapse

    Vulnerability Search

    CPE Search

    • Information Technology Laboratory

    National Vulnerability Database

    National Vulnerability Database

    NVD

    National Vulnerability Database
    1. Vulnerabilities
    AddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReferenceAddedReference

    CVE-2020-11022 Detail

    Modified

    This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes.

    Description

    In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.


    Metrics

    NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
    CVSS 4.0 Severity and Vector Strings:

    NIST CVSS score
    NIST: NVD
    NVD assessment not yet provided.
    CVSS 3.x Severity and Vector Strings:

    NIST CVSS score
    NIST: NVD
    BaseScore: 6.1 MEDIUM
    Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

    Nist CVSS score does not match with CNA score
    CNA: GitHub, Inc.
    BaseScore: 6.9 MEDIUM
    Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
    CVSS 2.0 Severity and Vector Strings:

    National Institute of Standards and Technology
    NIST: NVD
    BaseScore: 4.3 MEDIUM
    Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

    References to Advisories, Solutions, and Tools

    By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to[email protected].

    URLSource(s)Tag(s)
    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.htmlCVE, GitHub, Inc.Broken Link 
    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.htmlCVE, GitHub, Inc.Broken Link 
    http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.htmlCVE, GitHub, Inc.Broken Link 
    http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.htmlCVE, GitHub, Inc.Exploit Third Party Advisory VDB Entry 
    https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/CVE, GitHub, Inc.Release Notes Vendor Advisory 
    https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77CVE, GitHub, Inc.Patch Third Party Advisory 
    https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2CVE, GitHub, Inc.Mitigation Third Party Advisory 
    https://jquery.com/upgrade-guide/3.5/CVE, GitHub, Inc.Mitigation Vendor Advisory 
    https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3ECVE, GitHub, Inc.
    https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3ECVE, GitHub, Inc.
    https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3ECVE, GitHub, Inc.
    https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3ECVE, GitHub, Inc.
    https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3ECVE, GitHub, Inc.
    https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3ECVE, GitHub, Inc.
    https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3ECVE, GitHub, Inc.
    https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133%40%3Ccommits.airflow.apache.org%3ECVE, GitHub, Inc.
    https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3ECVE, GitHub, Inc.
    https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3ECVE, GitHub, Inc.
    https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3ECVE, GitHub, Inc.
    https://lists.debian.org/debian-lts-announce/2021/03/msg00033.htmlCVE, GitHub, Inc.Mailing List Third Party Advisory 
    https://lists.debian.org/debian-lts-announce/2023/08/msg00040.htmlCVE, GitHub, Inc.
    https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/CVE, GitHub, Inc.
    https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/CVE, GitHub, Inc.
    https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/CVE, GitHub, Inc.
    https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/CVE, GitHub, Inc.
    https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/CVE, GitHub, Inc.
    https://security.gentoo.org/glsa/202007-03CVE, GitHub, Inc.Third Party Advisory 
    https://security.netapp.com/advisory/ntap-20200511-0006/CVE, GitHub, Inc.Third Party Advisory 
    https://www.debian.org/security/2020/dsa-4693CVE, GitHub, Inc.Third Party Advisory 
    https://www.drupal.org/sa-core-2020-002CVE, GitHub, Inc.Third Party Advisory 
    https://www.oracle.com//security-alerts/cpujul2021.htmlCVE, GitHub, Inc.Patch Third Party Advisory 
    https://www.oracle.com/security-alerts/cpuApr2021.htmlCVE, GitHub, Inc.Patch Third Party Advisory 
    https://www.oracle.com/security-alerts/cpuapr2022.htmlCVE, GitHub, Inc.Patch Third Party Advisory 
    https://www.oracle.com/security-alerts/cpujan2021.htmlCVE, GitHub, Inc.Third Party Advisory 
    https://www.oracle.com/security-alerts/cpujan2022.htmlCVE, GitHub, Inc.Patch Third Party Advisory 
    https://www.oracle.com/security-alerts/cpujul2020.htmlCVE, GitHub, Inc.Third Party Advisory 
    https://www.oracle.com/security-alerts/cpujul2022.htmlCVE, GitHub, Inc.
    https://www.oracle.com/security-alerts/cpuoct2020.htmlCVE, GitHub, Inc.Third Party Advisory 
    https://www.oracle.com/security-alerts/cpuoct2021.htmlCVE, GitHub, Inc.Patch Third Party Advisory 
    https://www.tenable.com/security/tns-2020-10CVE, GitHub, Inc.Third Party Advisory 
    https://www.tenable.com/security/tns-2020-11CVE, GitHub, Inc.Third Party Advisory 
    https://www.tenable.com/security/tns-2021-02CVE, GitHub, Inc.Third Party Advisory 
    https://www.tenable.com/security/tns-2021-10CVE, GitHub, Inc.Third Party Advisory 

    Weakness Enumeration

    CWE-IDCWE NameSource
    CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')cwe source acceptance levelNIST  GitHub, Inc.  

    Known Affected Software ConfigurationsSwitch to CPE 2.2

    CPEs loading, please wait.

    Denotes Vulnerable Software
    Are we missing a CPE here? Please let us know.

    Change History

    51 change records foundshow changes

    CVE Modified by CVE11/20/2024 11:56:36 PM

    ActionTypeOld ValueNew Value
    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html


    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html


    http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html


    http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html


    https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/


    https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77


    https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2


    https://jquery.com/upgrade-guide/3.5/


    https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E


    https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E


    https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E


    https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E


    https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E


    https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E


    https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E


    https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133%40%3Ccommits.airflow.apache.org%3E


    https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E


    https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E


    https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E


    https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html


    https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html


    https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/


    https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/


    https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/


    https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/


    https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/


    https://security.gentoo.org/glsa/202007-03


    https://security.netapp.com/advisory/ntap-20200511-0006/


    https://www.debian.org/security/2020/dsa-4693


    https://www.drupal.org/sa-core-2020-002


    https://www.oracle.com//security-alerts/cpujul2021.html


    https://www.oracle.com/security-alerts/cpuApr2021.html


    https://www.oracle.com/security-alerts/cpuapr2022.html


    https://www.oracle.com/security-alerts/cpujan2021.html


    https://www.oracle.com/security-alerts/cpujan2022.html


    https://www.oracle.com/security-alerts/cpujul2020.html


    https://www.oracle.com/security-alerts/cpujul2022.html


    https://www.oracle.com/security-alerts/cpuoct2020.html


    https://www.oracle.com/security-alerts/cpuoct2021.html


    https://www.tenable.com/security/tns-2020-10


    https://www.tenable.com/security/tns-2020-11


    https://www.tenable.com/security/tns-2021-02


    https://www.tenable.com/security/tns-2021-10


    CVE Modified by GitHub, Inc.5/14/2024 2:16:44 AM

    ActionTypeOld ValueNew Value

    CVE Modified by GitHub, Inc.11/06/2023 10:14:27 PM

    ActionTypeOld ValueNew ValueAddedReference
    GitHub, Inc. https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133%40%3Ccommits.airflow.apache.org%3E [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/ [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/ [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/ [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/ [No types assigned]


    AddedReference
    GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/ [No types assigned]


    RemovedReference
    GitHub, Inc. https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E


    RemovedReference
    GitHub, Inc. https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E


    RemovedReference
    GitHub, Inc. https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E


    RemovedReference
    GitHub, Inc. https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E


    RemovedReference
    GitHub, Inc. https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E


    RemovedReference
    GitHub, Inc. https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E


    RemovedReference
    GitHub, Inc. https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E


    RemovedReference
    GitHub, Inc. https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E


    RemovedReference
    GitHub, Inc. https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E


    RemovedReference
    GitHub, Inc. https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E


    RemovedReference
    GitHub, Inc. https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E


    RemovedReference
    GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/


    RemovedReference
    GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/


    RemovedReference
    GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/


    RemovedReference
    GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/


    RemovedReference
    GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/


    CVE Modified by GitHub, Inc.8/30/2023 11:15:10 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html [No Types Assigned]


    CVE Modified by GitHub, Inc.7/25/2022 2:15:18 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.oracle.com/security-alerts/cpujul2022.html [No Types Assigned]


    Modified Analysis by NIST5/12/2022 11:00:25 AM

    ActionTypeOld ValueNew ValueChangedCPE ConfigurationRecord truncated, showing 2048 of 8406 characters.
    View Entire Change Record
    OR     *cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:* versions from (including) 8.0.0 up to (including) 8.2.2     *cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0 up to (including) 16.4.0     *cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.6 up to (including) 8.0.8     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.
    Record truncated, showing 2048 of 8559 characters.
    View Entire Change Record
    OR     *cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:* versions up to (excluding) 21.1.2     *cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:* versions from (including) 8.0.0 up to (including) 8.2.2     *cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0 up to (including) 16.4.0     *cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.6 up to (including) 8.0.8     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_managemen
    ChangedReference Type
    https://www.oracle.com/security-alerts/cpuapr2022.html No Types Assigned


    https://www.oracle.com/security-alerts/cpuapr2022.html Patch, Third Party Advisory


    CVE Modified by GitHub, Inc.4/19/2022 8:15:21 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.oracle.com/security-alerts/cpuapr2022.html [No Types Assigned]


    Modified Analysis by NIST4/04/2022 9:31:07 AM

    ActionTypeOld ValueNew ValueChangedCPE ConfigurationRecord truncated, showing 2048 of 8190 characters.
    View Entire Change Record
    OR     *cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:* versions from (including) 8.0.0 up to (including) 8.2.2     *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.6 up to (including) 8.0.8     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:f
    Record truncated, showing 2048 of 8406 characters.
    View Entire Change Record
    OR     *cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:* versions from (including) 8.0.0 up to (including) 8.2.2     *cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0 up to (including) 16.4.0     *cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.6 up to (including) 8.0.8     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.
    ChangedReference Type
    https://www.oracle.com/security-alerts/cpujan2022.html No Types Assigned


    https://www.oracle.com/security-alerts/cpujan2022.html Patch, Third Party Advisory


    CVE Modified by GitHub, Inc.2/07/2022 11:15:15 AM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.oracle.com/security-alerts/cpujan2022.html [No Types Assigned]


    Modified Analysis by NIST11/29/2021 12:28:31 PM

    ActionTypeOld ValueNew ValueAddedCPE ConfigurationRecord truncated, showing 2048 of 7726 characters.
    View Entire Change Record
    OR     *cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:*:*:*:*:*:*:*:* versions from (including) 18.1 up to (including) 20.1     *cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:* versions from (including) 8.0.0 up to (including) 8.2.2     *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6 up to (including) 8.1.0     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.6 up to (including) 8.0.8     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versions from (including) 8.0.6 up to (including) 8.0.8     *cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:* versions from (including) 8.0.6 up to (incl
    AddedCPE Configuration
    OR     *cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.9


    ChangedReference Type
    https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E No Types Assigned


    https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory


    ChangedReference Type
    https://www.oracle.com//security-alerts/cpujul2021.html No Types Assigned


    https://www.oracle.com//security-alerts/cpujul2021.html Patch, Third Party Advisory


    ChangedReference Type
    https://www.oracle.com/security-alerts/cpuApr2021.html No Types Assigned


    https://www.oracle.com/security-alerts/cpuApr2021.html Patch, Third Party Advisory


    ChangedReference Type
    https://www.oracle.com/security-alerts/cpuoct2021.html No Types Assigned


    https://www.oracle.com/security-alerts/cpuoct2021.html Patch, Third Party Advisory


    ChangedReference Type
    https://www.tenable.com/security/tns-2021-10 No Types Assigned


    https://www.tenable.com/security/tns-2021-10 Third Party Advisory


    CVE Modified by GitHub, Inc.11/17/2021 5:17:04 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E [No Types Assigned]


    CVE Modified by GitHub, Inc.11/09/2021 8:15:51 PM

    ActionTypeOld ValueNew ValueRemovedReference
    https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E [No Types Assigned]


    CVE Modified by GitHub, Inc.10/31/2021 9:15:07 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E [No Types Assigned]


    CVE Modified by GitHub, Inc.10/20/2021 7:15:33 AM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.oracle.com/security-alerts/cpuoct2021.html [No Types Assigned]


    CVE Modified by GitHub, Inc.7/20/2021 7:15:16 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.oracle.com//security-alerts/cpujul2021.html [No Types Assigned]


    CPE Deprecation Remap by NIST7/06/2021 9:26:11 AM

    ActionTypeOld ValueNew ValueChangedCPE Configuration
    OR     *cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:*


    OR     *cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*


    CVE Modified by GitHub, Inc.6/14/2021 2:15:21 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.oracle.com/security-alerts/cpuApr2021.html [No Types Assigned]


    CVE Modified by GitHub, Inc.6/02/2021 3:15:07 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.tenable.com/security/tns-2021-10 [No Types Assigned]


    Modified Analysis by NIST5/05/2021 9:40:14 AM

    ActionTypeOld ValueNew ValueChangedCPE Configuration
    OR     *cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*     *cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0 up to (including) 3.1.3     *cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*     *cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*


    OR     *cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*     *cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*     *cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0 up to (including) 3.1.3     *cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*     *cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*


    ChangedCPE ConfigurationRecord truncated, showing 2048 of 8120 characters.
    View Entire Change Record
    OR     *cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:* versions from (including) 8.0.0 up to (including) 8.2.2     *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.6 up to (including) 8.0.8     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versi
    Record truncated, showing 2048 of 8192 characters.
    View Entire Change Record
    OR     *cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:* versions from (including) 8.0.0 up to (including) 8.2.2     *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.6 up to (including) 8.0.8     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*     *cpe:2.3:a:oracle
    ChangedCPE Configuration
    OR     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*     *cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*     *cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*


    OR     *cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*     *cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*


    RemovedCPE Configuration
    OR     *cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*


    ChangedReference Type
    https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E No Types Assigned


    https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory


    ChangedReference Type
    https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E No Types Assigned


    https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory


    ChangedReference Type
    https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E No Types Assigned


    https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory


    ChangedReference Type
    https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E No Types Assigned


    https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory


    CVE Modified by GitHub, Inc.4/29/2021 9:15:07 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E [No Types Assigned]


    AddedReference
    https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E [No Types Assigned]


    CVE Modified by GitHub, Inc.4/22/2021 10:15:08 AM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E [No Types Assigned]


    AddedReference
    https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E [No Types Assigned]


    Modified Analysis by NIST4/19/2021 4:50:30 PM

    ActionTypeOld ValueNew ValueChangedCPE Configuration
    OR     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*


    OR     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*     *cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*     *cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*


    RemovedCPE Configuration
    OR     *cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*     *cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*     *cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*     *cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*


    ChangedReference Type
    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html Mailing List, Third Party Advisory


    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html Broken Link


    ChangedReference Type
    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html Mailing List, Third Party Advisory


    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html Broken Link


    ChangedReference Type
    http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html Mailing List, Third Party Advisory


    http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html Broken Link


    ChangedReference Type
    http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html No Types Assigned


    http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html Exploit, Third Party Advisory, VDB Entry


    CVE Modified by GitHub, Inc.4/14/2021 2:15:13 PM

    ActionTypeOld ValueNew ValueAddedReference
    http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html [No Types Assigned]


    Modified Analysis by NIST3/30/2021 12:46:05 PM

    ActionTypeOld ValueNew ValueAddedCPE Configuration
    OR     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*


    ChangedReference Type
    https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html No Types Assigned


    https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html Mailing List, Third Party Advisory


    CVE Modified by GitHub, Inc.3/26/2021 12:15:14 AM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html [No Types Assigned]


    Modified Analysis by NIST2/18/2021 8:44:34 AM

    ActionTypeOld ValueNew ValueChangedReference Type
    https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E No Types Assigned


    https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory


    ChangedReference Type
    https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E No Types Assigned


    https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory


    ChangedReference Type
    https://www.tenable.com/security/tns-2021-02 No Types Assigned


    https://www.tenable.com/security/tns-2021-02 Third Party Advisory


    CVE Modified by GitHub, Inc.2/17/2021 6:15:13 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.tenable.com/security/tns-2021-02 [No Types Assigned]


    CVE Modified by GitHub, Inc.2/10/2021 12:15:13 AM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E [No Types Assigned]


    AddedReference
    https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E [No Types Assigned]


    Modified Analysis by NIST1/29/2021 9:31:17 PM

    ActionTypeOld ValueNew ValueAddedCPE Configuration
    OR     *cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*


    ChangedReference Type
    https://www.oracle.com/security-alerts/cpujan2021.html No Types Assigned


    https://www.oracle.com/security-alerts/cpujan2021.html Third Party Advisory


    CVE Modified by GitHub, Inc.1/20/2021 10:15:35 AM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.oracle.com/security-alerts/cpujan2021.html [No Types Assigned]


    Modified Analysis by NIST12/22/2020 12:10:58 PM

    ActionTypeOld ValueNew ValueAddedCPE Configuration
    AND     OR          *cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*     OR          cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*


    AddedCPE Configuration
    AND     OR          *cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*     OR          cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*


    AddedCPE Configuration
    AND     OR          *cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*     OR          cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*


    AddedCPE Configuration
    AND     OR          *cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*     OR          cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*


    AddedCPE Configuration
    AND     OR          *cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*     OR          cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*


    AddedCPE Configuration
    AND     OR          *cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*     OR          cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*


    AddedCPE Configuration
    AND     OR          *cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*     OR          cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*


    AddedCPE Configuration
    AND     OR          *cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*     OR          cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*


    AddedCPE Configuration
    OR     *cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0 up to (excluding) 7.70     *cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.7.0 up to (excluding) 8.7.14     *cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.8.0 up to (excluding) 8.8.6


    AddedCPE Configuration
    OR     *cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*     *cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0 up to (including) 3.1.3     *cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*     *cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*


    AddedCPE Configuration
    OR     *cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*     *cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*     *cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*     *cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*


    AddedCPE ConfigurationRecord truncated, showing 2048 of 8120 characters.
    View Entire Change Record
    OR     *cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:* versions from (including) 8.0.0 up to (including) 8.2.2     *cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.6 up to (including) 8.0.8     *cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*     *cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versi
    AddedCPE Configuration
    OR     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*


    AddedCPE Configuration
    OR     *cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*     *cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*     *cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*


    ChangedReference Type
    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html No Types Assigned


    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html Mailing List, Third Party Advisory


    ChangedReference Type
    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html No Types Assigned


    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html Mailing List, Third Party Advisory


    ChangedReference Type
    http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html No Types Assigned


    http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html Mailing List, Third Party Advisory


    ChangedReference Type
    https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E No Types Assigned


    https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory


    ChangedReference Type
    https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E No Types Assigned


    https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory


    ChangedReference Type
    https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E No Types Assigned


    https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E Mailing List, Third Party Advisory


    ChangedReference Type
    https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E No Types Assigned


    https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E Mailing List, Third Party Advisory


    ChangedReference Type
    https://lists.fedoraproject.org/archives/list/[email protected]/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/ No Types Assigned


    https://lists.fedoraproject.org/archives/list/[email protected]/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/ Third Party Advisory


    ChangedReference Type
    https://lists.fedoraproject.org/archives/list/[email protected]/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/ No Types Assigned


    https://lists.fedoraproject.org/archives/list/[email protected]/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/ Third Party Advisory


    ChangedReference Type
    https://lists.fedoraproject.org/archives/list/[email protected]/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/ No Types Assigned


    https://lists.fedoraproject.org/archives/list/[email protected]/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/ Third Party Advisory


    ChangedReference Type
    https://lists.fedoraproject.org/archives/list/[email protected]/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/ No Types Assigned


    https://lists.fedoraproject.org/archives/list/[email protected]/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/ Third Party Advisory


    ChangedReference Type
    https://lists.fedoraproject.org/archives/list/[email protected]/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/ No Types Assigned


    https://lists.fedoraproject.org/archives/list/[email protected]/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/ Third Party Advisory


    ChangedReference Type
    https://security.gentoo.org/glsa/202007-03 No Types Assigned


    https://security.gentoo.org/glsa/202007-03 Third Party Advisory


    ChangedReference Type
    https://security.netapp.com/advisory/ntap-20200511-0006/ No Types Assigned


    https://security.netapp.com/advisory/ntap-20200511-0006/ Third Party Advisory


    ChangedReference Type
    https://www.debian.org/security/2020/dsa-4693 No Types Assigned


    https://www.debian.org/security/2020/dsa-4693 Third Party Advisory


    ChangedReference Type
    https://www.drupal.org/sa-core-2020-002 No Types Assigned


    https://www.drupal.org/sa-core-2020-002 Third Party Advisory


    ChangedReference Type
    https://www.oracle.com/security-alerts/cpujul2020.html No Types Assigned


    https://www.oracle.com/security-alerts/cpujul2020.html Third Party Advisory


    ChangedReference Type
    https://www.oracle.com/security-alerts/cpuoct2020.html No Types Assigned


    https://www.oracle.com/security-alerts/cpuoct2020.html Third Party Advisory


    ChangedReference Type
    https://www.tenable.com/security/tns-2020-10 No Types Assigned


    https://www.tenable.com/security/tns-2020-10 Third Party Advisory


    ChangedReference Type
    https://www.tenable.com/security/tns-2020-11 No Types Assigned


    https://www.tenable.com/security/tns-2020-11 Third Party Advisory


    CVE Modified by GitHub, Inc.12/21/2020 1:15:14 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.tenable.com/security/tns-2020-11 [No Types Assigned]


    CVE Modified by GitHub, Inc.12/07/2020 6:15:10 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.tenable.com/security/tns-2020-10 [No Types Assigned]


    CVE Modified by GitHub, Inc.11/29/2020 9:15:12 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E [No Types Assigned]


    CVE Modified by GitHub, Inc.11/09/2020 8:15:12 PM

    ActionTypeOld ValueNew ValueAddedReference
    http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html [No Types Assigned]


    CVE Modified by GitHub, Inc.11/06/2020 2:15:12 AM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E [No Types Assigned]


    AddedReference
    https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E [No Types Assigned]


    CVE Modified by GitHub, Inc.10/20/2020 6:15:37 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.oracle.com/security-alerts/cpuoct2020.html [No Types Assigned]


    CVE Modified by GitHub, Inc.9/25/2020 4:15:13 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.fedoraproject.org/archives/list/[email protected]/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/ [No Types Assigned]


    CVE Modified by GitHub, Inc.9/13/2020 12:15:09 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.fedoraproject.org/archives/list/[email protected]/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/ [No Types Assigned]


    AddedReference
    https://lists.fedoraproject.org/archives/list/[email protected]/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/ [No Types Assigned]


    CVE Modified by GitHub, Inc.8/20/2020 4:15:11 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E [No Types Assigned]


    CVE Modified by GitHub, Inc.7/27/2020 11:15:11 PM

    ActionTypeOld ValueNew ValueAddedReference
    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html [No Types Assigned]


    CVE Modified by GitHub, Inc.7/26/2020 9:15:13 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://security.gentoo.org/glsa/202007-03 [No Types Assigned]


    CVE Modified by GitHub, Inc.7/25/2020 8:15:12 PM

    ActionTypeOld ValueNew ValueAddedReference
    http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html [No Types Assigned]


    CVE Modified by GitHub, Inc.7/14/2020 11:15:49 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.oracle.com/security-alerts/cpujul2020.html [No Types Assigned]


    CVE Modified by GitHub, Inc.6/16/2020 12:15:11 AM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.fedoraproject.org/archives/list/[email protected]/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/ [No Types Assigned]


    CVE Modified by GitHub, Inc.5/31/2020 2:15:10 AM

    ActionTypeOld ValueNew ValueAddedReference
    https://lists.fedoraproject.org/archives/list/[email protected]/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/ [No Types Assigned]


    CVE Modified by GitHub, Inc.5/27/2020 9:15:11 AM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.debian.org/security/2020/dsa-4693 [No Types Assigned]


    CVE Modified by GitHub, Inc.5/22/2020 3:15:15 PM

    ActionTypeOld ValueNew ValueAddedReference
    https://www.drupal.org/sa-core-2020-002 [No Types Assigned]


    CVE Modified by GitHub, Inc.5/11/2020 6:15:11 AM

    ActionTypeOld ValueNew ValueAddedReference
    https://security.netapp.com/advisory/ntap-20200511-0006/ [No Types Assigned]


    Initial Analysis by NIST5/06/2020 3:07:14 PM

    ActionTypeOld ValueNew ValueAddedCVSS V3.1
    NIST AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N


    AddedCVSS V2
    NIST (AV:N/AC:M/Au:N/C:N/I:P/A:N)


    AddedCWE
    NIST CWE-79


    AddedCPE Configuration
    OR     *cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions from (including) 1.2 up to (excluding) 3.5.0


    ChangedReference Type
    https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ No Types Assigned


    https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ Release Notes, Vendor Advisory


    ChangedReference Type
    https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77 No Types Assigned


    https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77 Patch, Third Party Advisory


    ChangedReference Type
    https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2 No Types Assigned


    https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2 Mitigation, Third Party Advisory


    ChangedReference Type
    https://jquery.com/upgrade-guide/3.5/ No Types Assigned


    https://jquery.com/upgrade-guide/3.5/ Mitigation, Vendor Advisory


    AddedCVSS V2 Metadata
    Victim must voluntarily interact with attack mechanism


    CVE Modified by GitHub, Inc.4/30/2020 1:15:12 PM

    ActionTypeOld ValueNew ValueChangedDescription
    In jQuery before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.


    In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.


    Quick Info

    CVE Dictionary Entry:
    CVE-2020-11022
    NVD Published Date:
    04/29/2020
    NVD Last Modified:
    11/20/2024
    Source:
    GitHub, Inc.
    [8]ページ先頭
    ©2009-2025 Movatter.jp