Download
| Alert*
oval:org.secpod.oval:def:1504088
[4.6.8-5.0.1] - Blank out header-logo.png product-name.png - Replace login-screen-logo.png [Orabug: 20362818] [4.6.8-5.el7] - Resolves: #1826659 IPA: Ldap authentication failure due to Kerberos principal expiration UTC timestamp - ipa-pwd-extop: use timegm instead of mktime to preserve timezone offs ... oval:org.secpod.oval:def:1700459 jQuery before 3.0.0 is vulnerable to Cross-site Scripting attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute ... oval:org.secpod.oval:def:68021 Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. The following packages have been upgraded to a later upstream version: ipa , softhsm , opendnssec . Security Fix: * js-jquery: ... oval:org.secpod.oval:def:1505191 bind-dyndb-ldap [11.3-1] - New upstream release - Resolves: rhbz#1845211 ipa [4.8.7-12.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] [4.8.7-12] - Require selinux sub package in the proper version Related: RHBZ#1868432 - SELinux: do not double-define node_t and pki_tomcat_ ... oval:org.secpod.oval:def:66420 The host is installed with Oracle WebLogic Server component in Oracle WebLogic Server through 12.1.3.0, 12.2.1.3, 12.2.1.4 or 14.1.1.0 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle Console (jQuery). Successful exploitation can caus ... oval:org.secpod.oval:def:66410 The host is installed with Oracle WebLogic Server component in Oracle WebLogic Server through 12.1.3.0, 12.2.1.3, 12.2.1.4 or 14.1.1.0 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle Console (jQuery). Successful exploitation can caus ... oval:org.secpod.oval:def:504711 Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. The following packages have been upgraded to a later upstream version: ipa , softhsm , opendnssec . Security Fix: * js-jquery: ... oval:org.secpod.oval:def:2500214 AlmaLinux Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. oval:org.secpod.oval:def:205618 Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. The following packages have been upgraded to a later upstream version: ipa . Security Fix: * js-jquery: Cross-site scripting vi ... oval:org.secpod.oval:def:66399 The host is installed with Oracle WebLogic Server component in Oracle WebLogic Server through 12.1.3.0, 12.2.1.3, 12.2.1.4 or 14.1.1.0 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle Console (jQuery). Successful exploitation can caus ... oval:org.secpod.oval:def:504340 Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. The following packages have been upgraded to a later upstream version: ipa . Security Fix: * js-jquery: Cross-site scripting vi ... oval:org.secpod.oval:def:68019 The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Security Fix: * jquery: Cross-site scripting via cross-domain ajax requests * bootstrap: XSS in the data-target attribute * bootstrap: Cross-site Scripting in the collapse data-parent attribu ... oval:org.secpod.oval:def:604867 Several vulnerabilities were discovered in Drupal, a fully-featured content management framework, which could result in an open redirect or cross-site scripting. oval:org.secpod.oval:def:2106105 Oracle Solaris 11 - ( CVE-2020-11022 ) oval:org.secpod.oval:def:504689 The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Security Fix: * jquery: Cross-site scripting via cross-domain ajax requests * bootstrap: XSS in the data-target attribute * bootstrap: Cross-site Scripting in the collapse data-parent attribu ... oval:org.secpod.oval:def:2500205 The Public Key Infrastructure Core contains fundamental packages required by AlmaLinux Certificate System. oval:org.secpod.oval:def:1505309 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:118705 Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. oval:org.secpod.oval:def:118704 Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. oval:org.secpod.oval:def:1505554 [1.10.4.custom-4.0.1] - Backport jQuery CVE-2020-11022 and CVE-2020-11023 fixes to bundled jQuery v1.10.2 [Orabug: 33869588] [1.10.4.custom-4] - removed %%defattr from specfile - removed Group from specfile - removed BuildRoot from specfiles * Tue May 10 2016 Grant Gainey 1.10.4.custom-3 - jquery-ui ... oval:org.secpod.oval:def:64148 Several vulnerabilities were discovered in Drupal, a fully-featured content management framework, which could result in an open redirect or cross-site scripting. oval:org.secpod.oval:def:118285 Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. |