CVE-2019-11358: XSS

First published: Wed Mar 27 2019(Updated: )

A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.

Credit: cve@mitre.org cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
maven/org.webjars.npm:jquery	>=1.1.4<3.4.0	3.4.0
nuget/jQuery	>=1.1.4<3.4.0	3.4.0
npm/jquery	>=1.1.4<3.4.0	3.4.0
pip/django	>=2.2a1<2.2.2	2.2.2
pip/django	>=2.0a1<2.1.9	2.1.9
rubygems/jquery-rails	<4.3.4	4.3.4
redhat/ansible-tower	<0:3.5.2-1.el7a	0:3.5.2-1.el7a
redhat/cfme	<0:5.10.9.1-1.el7cf	0:5.10.9.1-1.el7cf
redhat/cfme-amazon-smartstate	<0:5.10.9.1-1.el7cf	0:5.10.9.1-1.el7cf
redhat/cfme-appliance	<0:5.10.9.1-1.el7cf	0:5.10.9.1-1.el7cf
redhat/cfme-gemset	<0:5.10.9.1-1.el7cf	0:5.10.9.1-1.el7cf
redhat/ovirt-ansible-hosted-engine-setup	<0:1.0.23-1.el7e	0:1.0.23-1.el7e
redhat/ovirt-ansible-roles	<0:1.1.7-1.el7e	0:1.1.7-1.el7e
redhat/ovirt-ansible-vm-infra	<0:1.1.19-1.el7e	0:1.1.19-1.el7e
redhat/v2v-conversion-host	<0:1.14.2-1.el7e	0:1.14.2-1.el7e
redhat/ipa	<0:4.6.8-5.el7	0:4.6.8-5.el7
redhat/pcs	<0:0.9.169-3.el7_9.3	0:0.9.169-3.el7_9.3
redhat/pcs	<0:0.10.10-4.el8	0:0.10.10-4.el8
redhat/eap7-hal-console	<0:3.3.16-1.Final_redhat_00001.1.el8ea	0:3.3.16-1.Final_redhat_00001.1.el8ea
redhat/eap7-hal-console	<0:3.3.16-1.Final_redhat_00001.1.el9ea	0:3.3.16-1.Final_redhat_00001.1.el9ea
redhat/eap7-hal-console	<0:3.3.16-1.Final_redhat_00001.1.el7ea	0:3.3.16-1.Final_redhat_00001.1.el7ea
redhat/atomic-enterprise-service-catalog	<1:3.11.170-1.git.1.91db82e.el7	1:3.11.170-1.git.1.91db82e.el7
redhat/atomic-openshift	<0:3.11.170-1.git.0.00cac56.el7	0:3.11.170-1.git.0.00cac56.el7
redhat/atomic-openshift-cluster-autoscaler	<0:3.11.170-1.git.1.0a0df6a.el7	0:3.11.170-1.git.1.0a0df6a.el7
redhat/atomic-openshift-descheduler	<0:3.11.170-1.git.1.9ad83f2.el7	0:3.11.170-1.git.1.9ad83f2.el7
redhat/atomic-openshift-dockerregistry	<0:3.11.170-1.git.1.55fab05.el7	0:3.11.170-1.git.1.55fab05.el7
redhat/atomic-openshift-metrics-server	<0:3.11.170-1.git.1.357f177.el7	0:3.11.170-1.git.1.357f177.el7
redhat/atomic-openshift-node-problem-detector	<0:3.11.170-1.git.1.b1f90a6.el7	0:3.11.170-1.git.1.b1f90a6.el7
redhat/atomic-openshift-service-idler	<0:3.11.170-1.git.1.8328979.el7	0:3.11.170-1.git.1.8328979.el7
redhat/atomic-openshift-web-console	<0:3.11.170-1.git.1.3d64e8b.el7	0:3.11.170-1.git.1.3d64e8b.el7
redhat/cri-o	<0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7	0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7
redhat/golang-github-openshift-oauth-proxy	<0:3.11.170-1.git.1.b49be83.el7	0:3.11.170-1.git.1.b49be83.el7
redhat/golang-github-prometheus-alertmanager	<0:3.11.170-1.git.1.61d7960.el7	0:3.11.170-1.git.1.61d7960.el7
redhat/golang-github-prometheus-prometheus	<0:3.11.170-1.git.1.227bc98.el7	0:3.11.170-1.git.1.227bc98.el7
redhat/jenkins	<0:2.204.2.1580891656-1.el7	0:2.204.2.1580891656-1.el7
redhat/jenkins	<2-plugins-0:3.11.1579107288-1.el7	2-plugins-0:3.11.1579107288-1.el7
redhat/openshift-ansible	<0:3.11.170-2.git.5.8802564.el7	0:3.11.170-2.git.5.8802564.el7
redhat/openshift-enterprise-autoheal	<0:3.11.170-1.git.1.dfe6c52.el7	0:3.11.170-1.git.1.dfe6c52.el7
redhat/openshift-enterprise-cluster-capacity	<0:3.11.170-1.git.1.661684b.el7	0:3.11.170-1.git.1.661684b.el7
redhat/openshift-kuryr	<0:3.11.170-1.git.1.7265da1.el7	0:3.11.170-1.git.1.7265da1.el7
redhat/rh-sso7-keycloak	<0:18.0.6-1.redhat_00001.1.el7	0:18.0.6-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak	<0:18.0.6-1.redhat_00001.1.el8	0:18.0.6-1.redhat_00001.1.el8
redhat/rh-sso7-keycloak	<0:18.0.6-1.redhat_00001.1.el9	0:18.0.6-1.redhat_00001.1.el9
redhat/ovirt-engine-api-explorer	<0:0.0.5-1.el7e	0:0.0.5-1.el7e
redhat/ovirt-engine-ui-extensions	<0:1.0.10-1.el7e	0:1.0.10-1.el7e
redhat/ovirt-web-ui	<0:1.6.0-1.el7e	0:1.6.0-1.el7e
Jquery Jquery	<3.4.0
Debian Debian Linux	=8.0
Debian Debian Linux	=9.0
Drupal Drupal	>=7.0<7.66
Drupal Drupal	>=8.5.0<8.5.15
Drupal Drupal	>=8.6.0<8.6.15
Backdropcms Backdrop	>=1.11.0<1.11.9
Backdropcms Backdrop	>=1.12.0<1.12.6
Fedoraproject Fedora	=28
Fedoraproject Fedora	=29
Fedoraproject Fedora	=30
openSUSE Backports SLE	=15.0-sp1
openSUSE Leap	=15.1
NetApp OnCommand System Manager	>=3.0<=3.1.3
Netapp Snapcenter
Redhat Cloudforms	=4.7
Redhat Virtualization Manager	=4.3
Oracle Agile Product Lifecycle Management for Process	=6.1
Oracle Agile Product Lifecycle Management for Process	=6.2.0.0
Oracle Agile Product Lifecycle Management for Process	=6.2.1.0
Oracle Agile Product Lifecycle Management for Process	=6.2.2.0
Oracle Agile Product Lifecycle Management for Process	=6.2.3.0
Oracle Application Express	<19.1
Oracle Application Service Level Management	=13.2.0.0
Oracle Application Service Level Management	=13.3.0.0
Oracle Application Testing Suite	=12.5.0.3
Oracle Application Testing Suite	=13.1.0.1
Oracle Application Testing Suite	=13.2
Oracle Application Testing Suite	=13.2.0.1
Oracle Application Testing Suite	=13.3
Oracle Application Testing Suite	=13.3.0.1
Oracle Banking Digital Experience	=18.1
Oracle Banking Digital Experience	=18.2
Oracle Banking Digital Experience	=18.3
Oracle Banking Digital Experience	=19.1
Oracle Banking Digital Experience	=19.2
Oracle Banking Digital Experience	=20.1
Oracle Banking Enterprise Collections	>=2.7.0<=2.8.0
Oracle Banking Platform	>=2.4.0<=2.10.0
Oracle BI Publisher	=5.5.0.0.0
Oracle BI Publisher	=12.2.1.3.0
Oracle BI Publisher	=12.2.1.4.0
Oracle Big Data Discovery	=1.6
Oracle Business Process Management Suite	=12.2.1.3.0
Oracle Business Process Management Suite	=12.2.1.4.0
Oracle Communications Analytics	=12.1.1
Oracle Communications Application Session Controller	=3.8m0
Oracle Communications Billing and Revenue Management	=7.5
Oracle Communications Billing and Revenue Management	=7.5.0.23.0
Oracle Communications Billing and Revenue Management	=12.0
Oracle Communications Billing and Revenue Management	=12.0.0.3.0
Oracle Communications Diameter Signaling Router	=8.0.0
Oracle Communications Diameter Signaling Router	=8.1
Oracle Communications Diameter Signaling Router	=8.2
Oracle Communications Diameter Signaling Router	=8.2.1
Oracle Communications EAGLE Application Processor	>=16.1.0<=16.4.0
Oracle Communications Element Manager	=8.1.1
Oracle Communications Element Manager	=8.2.0
Oracle Communications Element Manager	=8.2.1
Oracle Communications Interactive Session Recorder	>=6.0<=6.4
Oracle Communications Operations Monitor	>=4.1<=4.3
Oracle Communications Operations Monitor	=3.4
Oracle Communications Operations Monitor	=4.0
Oracle Communications Operations Monitor	=4.1.0
Oracle Communications Services Gatekeeper	=7.0
Oracle Communications Session Report Manager	=8.1.1
Oracle Communications Session Report Manager	=8.2.0
Oracle Communications Session Report Manager	=8.2.1
Oracle Communications Session Route Manager	=8.1.1
Oracle Communications Session Route Manager	=8.2.0
Oracle Communications Session Route Manager	=8.2.1
Oracle Communications Unified Inventory Management	=7.3
Oracle Communications Unified Inventory Management	=7.4.0
Oracle Communications WebRTC Session Controller	=7.2
Oracle Diagnostic Assistant	=2.12.36
Oracle Enterprise Manager Ops Center	=12.3.3
Oracle Enterprise Manager Ops Center	=12.4.0
Oracle Enterprise Manager Ops Center	=12.4.0.0
Oracle Enterprise Session Border Controller	=8.4
Oracle Financial Services Analytical Applications Infrastructure	>=7.3.3<=7.3.5
Oracle Financial Services Analytical Applications Infrastructure	>=8.0.2<=8.1.0
Oracle Financial Services Analytical Applications Reconciliation Framework	>=8.0.4<=8.0.7
Oracle Financial Services Analytical Applications Reconciliation Framework	=8.1.0
Oracle Financial Services Asset Liability Management	>=8.0.4<=8.0.7
Oracle Financial Services Asset Liability Management	=8.1.0
Oracle Financial Services Balance Sheet Planning	=8.0.8
Oracle Financial Services Basel Regulatory Capital Basic	>=8.0.4<=8.0.7
Oracle Financial Services Basel Regulatory Capital Basic	=8.1.0
Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach	>=8.0.4<=8.0.7
Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach	=8.1.0
Oracle Financial Services Data Foundation	>=8.0.4<=8.0.8
Oracle Financial Services Data Governance For Us Regulatory Reporting	>=8.0.6<=8.0.9
Oracle Financial Services Data Integration Hub	>=8.0.5<=8.0.7
Oracle Financial Services Data Integration Hub	=8.1.0
Oracle Financial Services Enterprise Financial Performance Analytics	=8.0.6
Oracle Financial Services Enterprise Financial Performance Analytics	=8.0.7
Oracle Financial Services Funds Transfer Pricing	>=8.0.4<=8.0.7
Oracle Financial Services Funds Transfer Pricing	=8.1.0
Oracle Financial Services Hedge Management and IFRS Valuations	>=8.0.4<=8.0.7
Oracle Financial Services Hedge Management and IFRS Valuations	=8.1.0
Oracle Financial Services Institutional Performance Analytics	>=8.0.4<=8.0.7
Oracle Financial Services Institutional Performance Analytics	=8.1.0
Oracle Financial Services Liquidity Risk Management	=8.0.0.1.0
Oracle Financial Services Liquidity Risk Management	=8.0.2
Oracle Financial Services Liquidity Risk Management	=8.0.4.0.0
Oracle Financial Services Liquidity Risk Management	=8.0.5.0.0
Oracle Financial Services Liquidity Risk Management	=8.0.6
Oracle Financial Services Liquidity Risk Measurement and Management	=8.0.7
Oracle Financial Services Liquidity Risk Measurement and Management	=8.0.8
Oracle Financial Services Liquidity Risk Measurement and Management	=8.1.0
Oracle Financial Services Loan Loss Forecasting and Provisioning	>=8.0.2<=8.0.7
Oracle Financial Services Loan Loss Forecasting and Provisioning	=8.1.0
Oracle Financial Services Market Risk Measurement and Management	=8.0.5
Oracle Financial Services Market Risk Measurement and Management	=8.0.6
Oracle Financial Services Market Risk Measurement and Management	=8.0.8
Oracle Financial Services Price Creation and Discovery	>=8.0.4<=8.0.7
Oracle Financial Services Profitability Management	>=8.0.4<=8.0.7
Oracle Financial Services Profitability Management	=8.1.0
Oracle Financial Services Regulatory Reporting For De Nederlandsche Bank	=8.0.4
Oracle Financial Services Regulatory Reporting For European Banking Authority	=8.0.6
Oracle Financial Services Regulatory Reporting For European Banking Authority	=8.0.7
Oracle Financial Services Regulatory Reporting For Us Federal Reserve	>=8.0.4<=8.0.7
Oracle Financial Services Retail Customer Analytics	>=8.0.4<=8.0.6
Oracle Financial Services Retail Performance Analytics	=8.0.6
Oracle Financial Services Retail Performance Analytics	=8.0.7
Oracle Financial Services Revenue Management and Billing	=2.4.0.0
Oracle Financial Services Revenue Management and Billing	=2.4.0.1
Oracle Fusion Middleware MapViewer	=12.2.1.3.0
Oracle Healthcare Foundation	=7.1.1
Oracle Healthcare Foundation	=7.2.0
Oracle Healthcare Foundation	=7.2.2
Oracle Healthcare Foundation	=7.3.0
Oracle Healthcare Translational Research	=3.1.0
Oracle Healthcare Translational Research	=3.2.1
Oracle Healthcare Translational Research	=3.3.1
Oracle Healthcare Translational Research	=3.3.2
Oracle Healthcare Translational Research	=3.4.0
Oracle Hospitality Guest Access	=4.2.0
Oracle Hospitality Guest Access	=4.2.1
Oracle Hospitality Materials Control	=18.1
Oracle Hospitality Simphony	>=19.1.0<=19.1.2
Oracle Hospitality Simphony	=18.1
Oracle Hospitality Simphony	=18.2
Oracle Identity Manager	=12.2.1.3.0
Oracle Insurance Accounting Analyzer	=8.0.9
Oracle Insurance Allocation Manager For Enterprise Profitability	=8.0.8
Oracle Insurance Allocation Manager For Enterprise Profitability	=8.1.0
Oracle Insurance Data Foundation	>=8.0.4<=8.0.7
Oracle Insurance Ifrs 17 Analyzer	=8.0.6
Oracle Insurance Ifrs 17 Analyzer	=8.0.7
Oracle Insurance Insbridge Rating And Underwriting	>=5.0.0.0<=5.6.0.0
Oracle Insurance Insbridge Rating And Underwriting	=5.6.1.0
Oracle Insurance Performance Insight	=8.0.7
Oracle Jd Edwards Enterpriseone Tools	=9.2
Oracle JDeveloper	=11.1.1.9.0
Oracle JDeveloper	=12.2.1.3.0
Oracle JDeveloper	=12.2.1.4.0
Oracle Jdeveloper And Adf	=11.1.1.9.0
Oracle Jdeveloper And Adf	=12.1.3.0.0
Oracle Jdeveloper And Adf	=12.2.1.3.0
Oracle Knowledge	>=8.6.0<=8.6.3
Oracle PeopleSoft Enterprise PeopleTools	=8.55
Oracle PeopleSoft Enterprise PeopleTools	=8.56
Oracle PeopleSoft Enterprise PeopleTools	=8.57
Oracle PeopleSoft Enterprise PeopleTools	=8.58
Oracle Policy Automation	>=12.2.0<=12.2.15
Oracle Policy Automation	=10.4.7
Oracle Policy Automation	=12.1.0
Oracle Policy Automation	=12.1.1
Oracle Policy Automation Connector For Siebel	=10.4.6
Oracle Policy Automation For Mobile Devices	>=12.2.0<=12.2.15
Oracle Primavera Gateway	>=16.2.0<=16.2.11
Oracle Primavera Gateway	>=17.12.0<=17.12.7
Oracle Primavera Gateway	>=18.8.0<=18.8.9
Oracle Primavera Gateway	>=19.12.0<=19.12.4
Oracle Primavera Gateway	=15.2.18
Oracle Primavera Unifier	>=17.7<=17.12
Oracle Primavera Unifier	=16.1
Oracle Primavera Unifier	=16.2
Oracle Primavera Unifier	=18.8
Oracle Real-Time Scheduler	>=2.3.0.1<=2.3.0.3
Oracle REST Data Services	=11.2.0.4
Oracle REST Data Services	=12.1.0.2
Oracle REST Data Services	=12.2.0.1
Oracle REST Data Services	=18c
Oracle REST Data Services	=19c
Oracle Retail Back Office	=14.0
Oracle Retail Back Office	=14.1
Oracle Retail Central Office	=14.0
Oracle Retail Central Office	=14.1
Oracle Retail Customer Insights	=15.0
Oracle Retail Customer Insights	=16.0
Oracle Retail Customer Management and Segmentation Foundation	=18.0
Oracle Retail Customer Management and Segmentation Foundation	=19.0
Oracle Retail Point-of-Service	=14.0
Oracle Retail Point-of-Service	=14.1
Oracle Retail Returns Management	=14.0
Oracle Retail Returns Management	=14.1
Oracle Service Bus	=11.1.1.9.0
Oracle Service Bus	=12.1.3.0.0
Oracle Service Bus	=12.2.1.3.0
Oracle Siebel Mobile Applications	<=19.8
Oracle Siebel Ui Framework	=20.8
Oracle Storagetek Tape Analytics Sw Tool	=2.3.0
Oracle System Utilities	=19.1
Oracle Tape Library Acsls	=8.5
Oracle Tape Library Acsls	=8.5.1
Oracle Transportation Management	=1.4.3
Oracle Utilities Mobile Workforce Management	>=2.3.0.1<=2.3.0.3
Oracle WebCenter Sites	=12.2.1.3.0
Oracle WebLogic Server	=10.3.6.0.0
Oracle WebLogic Server	=12.1.3.0.0
Oracle WebLogic Server	=12.2.1.3.0
Oracle WebLogic Server	=12.2.1.4.0
Oracle WebLogic Server	=14.1.1.0.0
Joomla Joomla\!	>=3.0.0<=3.9.4
Juniper JUNOS	=21.2
jQuery JavaScript library	=3.4.0
debian/jquery	<=3.1.1-2<=3.3.1~dfsg-1	3.3.1~dfsg-2 3.1.1-2+deb9u1
Debian Debian Linux	=10.0
redhat/jquery	<3.4.0	3.4.0
redhat/drupal	<7.66	7.66
IBM Security Verify Governance - Identity Manager, Software component	<=ISVG 10.0.2
debian/jquery		3.3.1~dfsg-3+deb10u1
debian/mediawiki		1:1.31.16-1+deb10u2 1:1.31.16-1+deb10u7 1:1.35.13-1~deb11u1 1:1.35.13-1+deb11u2 1:1.39.5-1~deb12u1 1:1.39.7-1~deb12u1 1:1.39.7-1
debian/node-jquery		2.2.4+dfsg-4 3.5.1+dfsg+~3.5.5-7 3.6.1+dfsg+~3.5.14-1
debian/otrs2	<=6.0.16-2	6.0.16-2+deb10u1 6.0.32-6

Never miss a vulnerability like this again

Reference Links

collector/redhat-cve
collector/nvd-index
agent/type
agent/first-publish-date
agent/severity
agent/weakness
agent/author
collector/debian-bugs
source/Debian
alias/CVE-2019-11358
agent/software-canonical-lookup
collector/zdnet-article
source/ZDNet
agent/description
agent/event
collector/nvd-api
source/NVD
agent/remedy
collector/redhat-bugzilla
source/Red Hat
collector/ibm-support
source/IBM
agent/software-canonical-lookup-request
collector/security-tracker-debian
agent/softwarecombine
collector/github-advisory-latest
source/GitHub
alias/GHSA-6c3j-c64m-qhgq
agent/last-modified-date
agent/references
collector/nvd-cve
agent/tags
collector/github-advisory
package-manager/redhat
vendor/jquery
canonical/jquery jquery
vendor/debian
canonical/debian debian linux
version/debian debian linux/8.0
version/debian debian linux/9.0
vendor/drupal
canonical/drupal drupal
version/drupal drupal/7.0
version/drupal drupal/8.5.0
version/drupal drupal/8.6.0
vendor/backdropcms
canonical/backdropcms backdrop
version/backdropcms backdrop/1.11.0
version/backdropcms backdrop/1.12.0
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/28
version/fedoraproject fedora/29
version/fedoraproject fedora/30
vendor/opensuse
canonical/opensuse backports sle
version/opensuse backports sle/15.0-sp1
canonical/opensuse leap
version/opensuse leap/15.1
vendor/netapp
canonical/netapp oncommand system manager
version/netapp oncommand system manager/3.0
version/netapp oncommand system manager/3.1.3
canonical/netapp snapcenter
vendor/redhat
canonical/redhat cloudforms
version/redhat cloudforms/4.7
canonical/redhat virtualization manager
version/redhat virtualization manager/4.3
vendor/oracle
canonical/oracle agile product lifecycle management for process
version/oracle agile product lifecycle management for process/6.1
version/oracle agile product lifecycle management for process/6.2.0.0
version/oracle agile product lifecycle management for process/6.2.1.0
version/oracle agile product lifecycle management for process/6.2.2.0
version/oracle agile product lifecycle management for process/6.2.3.0
canonical/oracle application express
canonical/oracle application service level management
version/oracle application service level management/13.2.0.0
version/oracle application service level management/13.3.0.0
canonical/oracle application testing suite
version/oracle application testing suite/12.5.0.3
version/oracle application testing suite/13.1.0.1
version/oracle application testing suite/13.2
version/oracle application testing suite/13.2.0.1
version/oracle application testing suite/13.3
version/oracle application testing suite/13.3.0.1
canonical/oracle banking digital experience
version/oracle banking digital experience/18.1
version/oracle banking digital experience/18.2
version/oracle banking digital experience/18.3
version/oracle banking digital experience/19.1
version/oracle banking digital experience/19.2
version/oracle banking digital experience/20.1
canonical/oracle banking enterprise collections
version/oracle banking enterprise collections/2.7.0
version/oracle banking enterprise collections/2.8.0
canonical/oracle banking platform
version/oracle banking platform/2.4.0
version/oracle banking platform/2.10.0
canonical/oracle bi publisher
version/oracle bi publisher/5.5.0.0.0
version/oracle bi publisher/12.2.1.3.0
version/oracle bi publisher/12.2.1.4.0
canonical/oracle big data discovery
version/oracle big data discovery/1.6
canonical/oracle business process management suite
version/oracle business process management suite/12.2.1.3.0
version/oracle business process management suite/12.2.1.4.0
canonical/oracle communications analytics
version/oracle communications analytics/12.1.1
canonical/oracle communications application session controller
version/oracle communications application session controller/3.8m0
canonical/oracle communications billing and revenue management
version/oracle communications billing and revenue management/7.5
version/oracle communications billing and revenue management/7.5.0.23.0
version/oracle communications billing and revenue management/12.0
version/oracle communications billing and revenue management/12.0.0.3.0
canonical/oracle communications diameter signaling router
version/oracle communications diameter signaling router/8.0.0
version/oracle communications diameter signaling router/8.1
version/oracle communications diameter signaling router/8.2
version/oracle communications diameter signaling router/8.2.1
canonical/oracle communications eagle application processor
version/oracle communications eagle application processor/16.1.0
version/oracle communications eagle application processor/16.4.0
canonical/oracle communications element manager
version/oracle communications element manager/8.1.1
version/oracle communications element manager/8.2.0
version/oracle communications element manager/8.2.1
canonical/oracle communications interactive session recorder
version/oracle communications interactive session recorder/6.0
version/oracle communications interactive session recorder/6.4
canonical/oracle communications operations monitor
version/oracle communications operations monitor/4.1
version/oracle communications operations monitor/4.3
version/oracle communications operations monitor/3.4
version/oracle communications operations monitor/4.0
version/oracle communications operations monitor/4.1.0
canonical/oracle communications services gatekeeper
version/oracle communications services gatekeeper/7.0
canonical/oracle communications session report manager
version/oracle communications session report manager/8.1.1
version/oracle communications session report manager/8.2.0
version/oracle communications session report manager/8.2.1
canonical/oracle communications session route manager
version/oracle communications session route manager/8.1.1
version/oracle communications session route manager/8.2.0
version/oracle communications session route manager/8.2.1
canonical/oracle communications unified inventory management
version/oracle communications unified inventory management/7.3
version/oracle communications unified inventory management/7.4.0
canonical/oracle communications webrtc session controller
version/oracle communications webrtc session controller/7.2
canonical/oracle diagnostic assistant
version/oracle diagnostic assistant/2.12.36
canonical/oracle enterprise manager ops center
version/oracle enterprise manager ops center/12.3.3
version/oracle enterprise manager ops center/12.4.0
version/oracle enterprise manager ops center/12.4.0.0
canonical/oracle enterprise session border controller
version/oracle enterprise session border controller/8.4
canonical/oracle financial services analytical applications infrastructure
version/oracle financial services analytical applications infrastructure/7.3.3
version/oracle financial services analytical applications infrastructure/7.3.5
version/oracle financial services analytical applications infrastructure/8.0.2
version/oracle financial services analytical applications infrastructure/8.1.0
canonical/oracle financial services analytical applications reconciliation framework
version/oracle financial services analytical applications reconciliation framework/8.0.4
version/oracle financial services analytical applications reconciliation framework/8.0.7
version/oracle financial services analytical applications reconciliation framework/8.1.0
canonical/oracle financial services asset liability management
version/oracle financial services asset liability management/8.0.4
version/oracle financial services asset liability management/8.0.7
version/oracle financial services asset liability management/8.1.0
canonical/oracle financial services balance sheet planning
version/oracle financial services balance sheet planning/8.0.8
canonical/oracle financial services basel regulatory capital basic
version/oracle financial services basel regulatory capital basic/8.0.4
version/oracle financial services basel regulatory capital basic/8.0.7
version/oracle financial services basel regulatory capital basic/8.1.0
canonical/oracle financial services basel regulatory capital internal ratings based approach
version/oracle financial services basel regulatory capital internal ratings based approach/8.0.4
version/oracle financial services basel regulatory capital internal ratings based approach/8.0.7
version/oracle financial services basel regulatory capital internal ratings based approach/8.1.0
canonical/oracle financial services data foundation
version/oracle financial services data foundation/8.0.4
version/oracle financial services data foundation/8.0.8
canonical/oracle financial services data governance for us regulatory reporting
version/oracle financial services data governance for us regulatory reporting/8.0.6
version/oracle financial services data governance for us regulatory reporting/8.0.9
canonical/oracle financial services data integration hub
version/oracle financial services data integration hub/8.0.5
version/oracle financial services data integration hub/8.0.7
version/oracle financial services data integration hub/8.1.0
canonical/oracle financial services enterprise financial performance analytics
version/oracle financial services enterprise financial performance analytics/8.0.6
version/oracle financial services enterprise financial performance analytics/8.0.7
canonical/oracle financial services funds transfer pricing
version/oracle financial services funds transfer pricing/8.0.4
version/oracle financial services funds transfer pricing/8.0.7
version/oracle financial services funds transfer pricing/8.1.0
canonical/oracle financial services hedge management and ifrs valuations
version/oracle financial services hedge management and ifrs valuations/8.0.4
version/oracle financial services hedge management and ifrs valuations/8.0.7
version/oracle financial services hedge management and ifrs valuations/8.1.0
canonical/oracle financial services institutional performance analytics
version/oracle financial services institutional performance analytics/8.0.4
version/oracle financial services institutional performance analytics/8.0.7
version/oracle financial services institutional performance analytics/8.1.0
canonical/oracle financial services liquidity risk management
version/oracle financial services liquidity risk management/8.0.0.1.0
version/oracle financial services liquidity risk management/8.0.2
version/oracle financial services liquidity risk management/8.0.4.0.0
version/oracle financial services liquidity risk management/8.0.5.0.0
version/oracle financial services liquidity risk management/8.0.6
canonical/oracle financial services liquidity risk measurement and management
version/oracle financial services liquidity risk measurement and management/8.0.7
version/oracle financial services liquidity risk measurement and management/8.0.8
version/oracle financial services liquidity risk measurement and management/8.1.0
canonical/oracle financial services loan loss forecasting and provisioning
version/oracle financial services loan loss forecasting and provisioning/8.0.2
version/oracle financial services loan loss forecasting and provisioning/8.0.7
version/oracle financial services loan loss forecasting and provisioning/8.1.0
canonical/oracle financial services market risk measurement and management
version/oracle financial services market risk measurement and management/8.0.5
version/oracle financial services market risk measurement and management/8.0.6
version/oracle financial services market risk measurement and management/8.0.8
canonical/oracle financial services price creation and discovery
version/oracle financial services price creation and discovery/8.0.4
version/oracle financial services price creation and discovery/8.0.7
canonical/oracle financial services profitability management
version/oracle financial services profitability management/8.0.4
version/oracle financial services profitability management/8.0.7
version/oracle financial services profitability management/8.1.0
canonical/oracle financial services regulatory reporting for de nederlandsche bank
version/oracle financial services regulatory reporting for de nederlandsche bank/8.0.4
canonical/oracle financial services regulatory reporting for european banking authority
version/oracle financial services regulatory reporting for european banking authority/8.0.6
version/oracle financial services regulatory reporting for european banking authority/8.0.7
canonical/oracle financial services regulatory reporting for us federal reserve
version/oracle financial services regulatory reporting for us federal reserve/8.0.4
version/oracle financial services regulatory reporting for us federal reserve/8.0.7
canonical/oracle financial services retail customer analytics
version/oracle financial services retail customer analytics/8.0.4
version/oracle financial services retail customer analytics/8.0.6
canonical/oracle financial services retail performance analytics
version/oracle financial services retail performance analytics/8.0.6
version/oracle financial services retail performance analytics/8.0.7
canonical/oracle financial services revenue management and billing
version/oracle financial services revenue management and billing/2.4.0.0
version/oracle financial services revenue management and billing/2.4.0.1
canonical/oracle fusion middleware mapviewer
version/oracle fusion middleware mapviewer/12.2.1.3.0
canonical/oracle healthcare foundation
version/oracle healthcare foundation/7.1.1
version/oracle healthcare foundation/7.2.0
version/oracle healthcare foundation/7.2.2
version/oracle healthcare foundation/7.3.0
canonical/oracle healthcare translational research
version/oracle healthcare translational research/3.1.0
version/oracle healthcare translational research/3.2.1
version/oracle healthcare translational research/3.3.1
version/oracle healthcare translational research/3.3.2
version/oracle healthcare translational research/3.4.0
canonical/oracle hospitality guest access
version/oracle hospitality guest access/4.2.0
version/oracle hospitality guest access/4.2.1
canonical/oracle hospitality materials control
version/oracle hospitality materials control/18.1
canonical/oracle hospitality simphony
version/oracle hospitality simphony/19.1.0
version/oracle hospitality simphony/19.1.2
version/oracle hospitality simphony/18.1
version/oracle hospitality simphony/18.2
canonical/oracle identity manager
version/oracle identity manager/12.2.1.3.0
canonical/oracle insurance accounting analyzer
version/oracle insurance accounting analyzer/8.0.9
canonical/oracle insurance allocation manager for enterprise profitability
version/oracle insurance allocation manager for enterprise profitability/8.0.8
version/oracle insurance allocation manager for enterprise profitability/8.1.0
canonical/oracle insurance data foundation
version/oracle insurance data foundation/8.0.4
version/oracle insurance data foundation/8.0.7
canonical/oracle insurance ifrs 17 analyzer
version/oracle insurance ifrs 17 analyzer/8.0.6
version/oracle insurance ifrs 17 analyzer/8.0.7
canonical/oracle insurance insbridge rating and underwriting
version/oracle insurance insbridge rating and underwriting/5.0.0.0
version/oracle insurance insbridge rating and underwriting/5.6.0.0
version/oracle insurance insbridge rating and underwriting/5.6.1.0
canonical/oracle insurance performance insight
version/oracle insurance performance insight/8.0.7
canonical/oracle jd edwards enterpriseone tools
version/oracle jd edwards enterpriseone tools/9.2
canonical/oracle jdeveloper
version/oracle jdeveloper/11.1.1.9.0
version/oracle jdeveloper/12.2.1.3.0
version/oracle jdeveloper/12.2.1.4.0
canonical/oracle jdeveloper and adf
version/oracle jdeveloper and adf/11.1.1.9.0
version/oracle jdeveloper and adf/12.1.3.0.0
version/oracle jdeveloper and adf/12.2.1.3.0
canonical/oracle knowledge
version/oracle knowledge/8.6.0
version/oracle knowledge/8.6.3
canonical/oracle peoplesoft enterprise peopletools
version/oracle peoplesoft enterprise peopletools/8.55
version/oracle peoplesoft enterprise peopletools/8.56
version/oracle peoplesoft enterprise peopletools/8.57
version/oracle peoplesoft enterprise peopletools/8.58
canonical/oracle policy automation
version/oracle policy automation/12.2.0
version/oracle policy automation/12.2.15
version/oracle policy automation/10.4.7
version/oracle policy automation/12.1.0
version/oracle policy automation/12.1.1
canonical/oracle policy automation connector for siebel
version/oracle policy automation connector for siebel/10.4.6
canonical/oracle policy automation for mobile devices
version/oracle policy automation for mobile devices/12.2.0
version/oracle policy automation for mobile devices/12.2.15
canonical/oracle primavera gateway
version/oracle primavera gateway/16.2.0
version/oracle primavera gateway/16.2.11
version/oracle primavera gateway/17.12.0
version/oracle primavera gateway/17.12.7
version/oracle primavera gateway/18.8.0
version/oracle primavera gateway/18.8.9
version/oracle primavera gateway/19.12.0
version/oracle primavera gateway/19.12.4
version/oracle primavera gateway/15.2.18
canonical/oracle primavera unifier
version/oracle primavera unifier/17.7
version/oracle primavera unifier/17.12
version/oracle primavera unifier/16.1
version/oracle primavera unifier/16.2
version/oracle primavera unifier/18.8
canonical/oracle real-time scheduler
version/oracle real-time scheduler/2.3.0.1
version/oracle real-time scheduler/2.3.0.3
canonical/oracle rest data services
version/oracle rest data services/11.2.0.4
version/oracle rest data services/12.1.0.2
version/oracle rest data services/12.2.0.1
version/oracle rest data services/18c
version/oracle rest data services/19c
canonical/oracle retail back office
version/oracle retail back office/14.0
version/oracle retail back office/14.1
canonical/oracle retail central office
version/oracle retail central office/14.0
version/oracle retail central office/14.1
canonical/oracle retail customer insights
version/oracle retail customer insights/15.0
version/oracle retail customer insights/16.0
canonical/oracle retail customer management and segmentation foundation
version/oracle retail customer management and segmentation foundation/18.0
version/oracle retail customer management and segmentation foundation/19.0
canonical/oracle retail point-of-service
version/oracle retail point-of-service/14.0
version/oracle retail point-of-service/14.1
canonical/oracle retail returns management
version/oracle retail returns management/14.0
version/oracle retail returns management/14.1
canonical/oracle service bus
version/oracle service bus/11.1.1.9.0
version/oracle service bus/12.1.3.0.0
version/oracle service bus/12.2.1.3.0
canonical/oracle siebel mobile applications
version/oracle siebel mobile applications/19.8
canonical/oracle siebel ui framework
version/oracle siebel ui framework/20.8
canonical/oracle storagetek tape analytics sw tool
version/oracle storagetek tape analytics sw tool/2.3.0
canonical/oracle system utilities
version/oracle system utilities/19.1
canonical/oracle tape library acsls
version/oracle tape library acsls/8.5
version/oracle tape library acsls/8.5.1
canonical/oracle transportation management
version/oracle transportation management/1.4.3
canonical/oracle utilities mobile workforce management
version/oracle utilities mobile workforce management/2.3.0.1
version/oracle utilities mobile workforce management/2.3.0.3
canonical/oracle webcenter sites
version/oracle webcenter sites/12.2.1.3.0
canonical/oracle weblogic server
version/oracle weblogic server/10.3.6.0.0
version/oracle weblogic server/12.1.3.0.0
version/oracle weblogic server/12.2.1.3.0
version/oracle weblogic server/12.2.1.4.0
version/oracle weblogic server/14.1.1.0.0
vendor/joomla
canonical/joomla joomla\!
version/joomla joomla\!/3.0.0
version/joomla joomla\!/3.9.4
vendor/juniper
canonical/juniper junos
version/juniper junos/21.2
canonical/jquery javascript library
version/jquery javascript library/3.4.0
package-manager/debian
version/debian debian linux/10.0
vendor/ibm
canonical/ibm security verify governance - identity manager, software component
version/ibm security verify governance - identity manager, software component/isvg 10.0.2
package-manager/maven
package-manager/nuget
package-manager/npm
package-manager/pip
package-manager/rubygems

CVE-2019-11358: XSS

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Company

Resources

Contact