FortiClient VulnerabilitySecurity Vulnerabilities fixed in jquery RHSA-2020:4847
Description
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System. Security Fix(es): * jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251) * bootstrap: XSS in the data-target attribute (CVE-2016-10735) * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040) * bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042) * bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331) * jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358) * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) * jquery: Passing HTML containing
Affected Applications
jquery
CVE References
CVE-2015-9251 CVE-2016-10735 CVE-2018-14040 CVE-2018-14042 CVE-2019-10146 CVE-2019-10179 CVE-2019-10221 CVE-2019-11358 CVE-2019-8331 CVE-2020-11022 CVE-2020-11023 CVE-2020-15720 CVE-2020-1721Other References
https://access.redhat.com/errata/RHSA-2020:4847| ID | 65415 |
| Created | Nov 07, 2020 |
| Description Updated |
Dec 20, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Linux |
| Vendor | RedHat |
| Patch | auto |
| Application | jquery |