First published: Tue Nov 03 2020
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.

Security Fix(es):

- jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
- bootstrap: XSS in the data-target attribute (CVE-2016-10735)
- bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
- bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
- bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
- jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
- jquery: Cross-site scripting due to improper jQuery.htmlPrefilter method (CVE-2020-11022)
- jquery: Passing HTML containing `<option>` elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
- pki: Dogtag's python client does not validate certificates (CVE-2020-15720)
- pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
- pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
- pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
- pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.

Affected Software | Affected Version | How to fix |
---|---|---|
redhat/apache-commons-collections | <3.2.2-10.module+el8.1.0+3366+6dfb954c | 3.2.2-10.module+el8.1.0+3366+6dfb954c |
redhat/apache-commons-lang | <2.6-21.module+el8.1.0+3366+6dfb954c | 2.6-21.module+el8.1.0+3366+6dfb954c |
redhat/apache-commons-net | <3.6-3.module+el8.3.0+6805+72837426 | 3.6-3.module+el8.3.0+6805+72837426 |
redhat/bea-stax | <1.2.0-16.module+el8.1.0+3366+6dfb954c | 1.2.0-16.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-fastinfoset | <1.2.13-9.module+el8.1.0+3366+6dfb954c | 1.2.13-9.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-jaxb | <2.2.11-11.module+el8.1.0+3366+6dfb954c | 2.2.11-11.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-jaxb-api | <2.2.12-8.module+el8.1.0+3366+6dfb954c | 2.2.12-8.module+el8.1.0+3366+6dfb954c |
redhat/jackson-annotations | <2.10.0-1.module+el8.2.0+5059+3eb3af25 | 2.10.0-1.module+el8.2.0+5059+3eb3af25 |
redhat/jackson-core | <2.10.0-1.module+el8.2.0+5059+3eb3af25 | 2.10.0-1.module+el8.2.0+5059+3eb3af25 |
redhat/jackson-databind | <2.10.0-1.module+el8.2.0+5059+3eb3af25 | 2.10.0-1.module+el8.2.0+5059+3eb3af25 |
redhat/jackson-jaxrs-providers | <2.9.9-1.module+el8.1.0+3832+9784644d | 2.9.9-1.module+el8.1.0+3832+9784644d |
redhat/jackson-module-jaxb-annotations | <2.7.6-4.module+el8.1.0+3366+6dfb954c | 2.7.6-4.module+el8.1.0+3366+6dfb954c |
redhat/jakarta-commons-httpclient | <3.1-28.module+el8.1.0+3366+6dfb954c | 3.1-28.module+el8.1.0+3366+6dfb954c |
redhat/javassist | <3.18.1-8.module+el8.1.0+3366+6dfb954c | 3.18.1-8.module+el8.1.0+3366+6dfb954c |
redhat/pki-servlet-engine | <9.0.30-1.module+el8.3.0+6730+8f9c6254 | 9.0.30-1.module+el8.3.0+6730+8f9c6254 |
redhat/python-nss | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/resteasy | <3.0.26-3.module+el8.2.0+5723+4574fbff | 3.0.26-3.module+el8.2.0+5723+4574fbff |
redhat/slf4j | <1.7.25-4.module+el8.1.0+3366+6dfb954c | 1.7.25-4.module+el8.1.0+3366+6dfb954c |
redhat/stax-ex | <1.7.7-8.module+el8.2.0+5723+4574fbff | 1.7.7-8.module+el8.2.0+5723+4574fbff |
redhat/velocity | <1.7-24.module+el8.1.0+3366+6dfb954c | 1.7-24.module+el8.1.0+3366+6dfb954c |
redhat/xalan-j2 | <2.7.1-38.module+el8.1.0+3366+6dfb954c | 2.7.1-38.module+el8.1.0+3366+6dfb954c |
redhat/xerces-j2 | <2.11.0-34.module+el8.1.0+3366+6dfb954c | 2.11.0-34.module+el8.1.0+3366+6dfb954c |
redhat/xml-commons-apis | <1.4.01-25.module+el8.1.0+3366+6dfb954c | 1.4.01-25.module+el8.1.0+3366+6dfb954c |
redhat/xml-commons-resolver | <1.2-26.module+el8.1.0+3366+6dfb954c | 1.2-26.module+el8.1.0+3366+6dfb954c |
redhat/xmlstreambuffer | <1.5.4-8.module+el8.2.0+5723+4574fbff | 1.5.4-8.module+el8.2.0+5723+4574fbff |
redhat/xsom | <0-19.20110809svn.module+el8.1.0+3366+6dfb954c | 0-19.20110809svn.module+el8.1.0+3366+6dfb954c |
redhat/jss | <4.7.3-1.module+el8.3.0+8058+d5cd4219 | 4.7.3-1.module+el8.3.0+8058+d5cd4219 |
redhat/ldapjdk | <4.22.0-1.module+el8.3.0+6784+6e1e4c62 | 4.22.0-1.module+el8.3.0+6784+6e1e4c62 |
redhat/pki-core | <10.9.4-1.module+el8.3.0+8058+d5cd4219 | 10.9.4-1.module+el8.3.0+8058+d5cd4219 |
redhat/tomcatjss | <7.5.0-1.module+el8.3.0+7355+c59bcbd9 | 7.5.0-1.module+el8.3.0+7355+c59bcbd9 |
redhat/bea-stax-api | <1.2.0-16.module+el8.1.0+3366+6dfb954c | 1.2.0-16.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-jaxb-core | <2.2.11-11.module+el8.1.0+3366+6dfb954c | 2.2.11-11.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-jaxb-runtime | <2.2.11-11.module+el8.1.0+3366+6dfb954c | 2.2.11-11.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-jaxb-txw2 | <2.2.11-11.module+el8.1.0+3366+6dfb954c | 2.2.11-11.module+el8.1.0+3366+6dfb954c |
redhat/jackson-jaxrs-json-provider | <2.9.9-1.module+el8.1.0+3832+9784644d | 2.9.9-1.module+el8.1.0+3832+9784644d |
redhat/javassist-javadoc | <3.18.1-8.module+el8.1.0+3366+6dfb954c | 3.18.1-8.module+el8.1.0+3366+6dfb954c |
redhat/pki-servlet | <4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254 | 4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254 |
redhat/slf4j-jdk14 | <1.7.25-4.module+el8.1.0+3366+6dfb954c | 1.7.25-4.module+el8.1.0+3366+6dfb954c |
redhat/ldapjdk-javadoc | <4.22.0-1.module+el8.3.0+6784+6e1e4c62 | 4.22.0-1.module+el8.3.0+6784+6e1e4c62 |
redhat/pki-base | <10.9.4-1.module+el8.3.0+8058+d5cd4219 | 10.9.4-1.module+el8.3.0+8058+d5cd4219 |
redhat/pki-base-java | <10.9.4-1.module+el8.3.0+8058+d5cd4219 | 10.9.4-1.module+el8.3.0+8058+d5cd4219 |
redhat/pki-ca | <10.9.4-1.module+el8.3.0+8058+d5cd4219 | 10.9.4-1.module+el8.3.0+8058+d5cd4219 |
redhat/pki-kra | <10.9.4-1.module+el8.3.0+8058+d5cd4219 | 10.9.4-1.module+el8.3.0+8058+d5cd4219 |
redhat/pki-server | <10.9.4-1.module+el8.3.0+8058+d5cd4219 | 10.9.4-1.module+el8.3.0+8058+d5cd4219 |
redhat/python3-pki | <10.9.4-1.module+el8.3.0+8058+d5cd4219 | 10.9.4-1.module+el8.3.0+8058+d5cd4219 |
redhat/jss-debuginfo | <4.7.3-1.module+el8.3.0+8058+d5cd4219 | 4.7.3-1.module+el8.3.0+8058+d5cd4219 |
redhat/jss-debugsource | <4.7.3-1.module+el8.3.0+8058+d5cd4219 | 4.7.3-1.module+el8.3.0+8058+d5cd4219 |
redhat/jss-javadoc | <4.7.3-1.module+el8.3.0+8058+d5cd4219 | 4.7.3-1.module+el8.3.0+8058+d5cd4219 |
redhat/pki-core-debuginfo | <10.9.4-1.module+el8.3.0+8058+d5cd4219 | 10.9.4-1.module+el8.3.0+8058+d5cd4219 |
redhat/pki-core-debugsource | <10.9.4-1.module+el8.3.0+8058+d5cd4219 | 10.9.4-1.module+el8.3.0+8058+d5cd4219 |
redhat/pki-symkey | <10.9.4-1.module+el8.3.0+8058+d5cd4219 | 10.9.4-1.module+el8.3.0+8058+d5cd4219 |
redhat/pki-symkey-debuginfo | <10.9.4-1.module+el8.3.0+8058+d5cd4219 | 10.9.4-1.module+el8.3.0+8058+d5cd4219 |
redhat/pki-tools | <10.9.4-1.module+el8.3.0+8058+d5cd4219 | 10.9.4-1.module+el8.3.0+8058+d5cd4219 |
redhat/pki-tools-debuginfo | <10.9.4-1.module+el8.3.0+8058+d5cd4219 | 10.9.4-1.module+el8.3.0+8058+d5cd4219 |
redhat/python-nss-debugsource | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python-nss-doc | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python3-nss | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python3-nss-debuginfo | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python-nss-debugsource | <1.0.1-10.module+el8.1.0+3366+6dfb954c.aa | 1.0.1-10.module+el8.1.0+3366+6dfb954c.aa |
redhat/python-nss-doc | <1.0.1-10.module+el8.1.0+3366+6dfb954c.aa | 1.0.1-10.module+el8.1.0+3366+6dfb954c.aa |
redhat/python3-nss | <1.0.1-10.module+el8.1.0+3366+6dfb954c.aa | 1.0.1-10.module+el8.1.0+3366+6dfb954c.aa |
redhat/python3-nss-debuginfo | <1.0.1-10.module+el8.1.0+3366+6dfb954c.aa | 1.0.1-10.module+el8.1.0+3366+6dfb954c.aa |
redhat/jss | <4.7.3-1.module+el8.3.0+8058+d5cd4219.aa | 4.7.3-1.module+el8.3.0+8058+d5cd4219.aa |
redhat/jss-debuginfo | <4.7.3-1.module+el8.3.0+8058+d5cd4219.aa | 4.7.3-1.module+el8.3.0+8058+d5cd4219.aa |
redhat/jss-debugsource | <4.7.3-1.module+el8.3.0+8058+d5cd4219.aa | 4.7.3-1.module+el8.3.0+8058+d5cd4219.aa |
redhat/jss-javadoc | <4.7.3-1.module+el8.3.0+8058+d5cd4219.aa | 4.7.3-1.module+el8.3.0+8058+d5cd4219.aa |
redhat/pki-core-debuginfo | <10.9.4-1.module+el8.3.0+8058+d5cd4219.aa | 10.9.4-1.module+el8.3.0+8058+d5cd4219.aa |
redhat/pki-core-debugsource | <10.9.4-1.module+el8.3.0+8058+d5cd4219.aa | 10.9.4-1.module+el8.3.0+8058+d5cd4219.aa |
redhat/pki-symkey | <10.9.4-1.module+el8.3.0+8058+d5cd4219.aa | 10.9.4-1.module+el8.3.0+8058+d5cd4219.aa |
redhat/pki-symkey-debuginfo | <10.9.4-1.module+el8.3.0+8058+d5cd4219.aa | 10.9.4-1.module+el8.3.0+8058+d5cd4219.aa |
redhat/pki-tools | <10.9.4-1.module+el8.3.0+8058+d5cd4219.aa | 10.9.4-1.module+el8.3.0+8058+d5cd4219.aa |
redhat/pki-tools-debuginfo | <10.9.4-1.module+el8.3.0+8058+d5cd4219.aa | 10.9.4-1.module+el8.3.0+8058+d5cd4219.aa |