CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

CVSS v3 6.1 MEDIUM
CVSS v2.0 4.3 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html	Mailing List Third Party Advisory
http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html	Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html	Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html	Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2019/May/10	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2019/May/11	Mailing List Patch Third Party Advisory
http://seclists.org/fulldisclosure/2019/May/13	Mailing List Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/06/03/2	Mailing List Patch Third Party Advisory
http://www.securityfocus.com/bid/108023	Broken Link Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHBA-2019:1570	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1456	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2587	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3023	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3024	Third Party Advisory
https://backdropcms.org/security/backdrop-sa-core-2019-009	Third Party Advisory
https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/	Release Notes Vendor Advisory
https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b	Patch Third Party Advisory
https://github.com/jquery/jquery/pull/4333	Patch Third Party Advisory
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601	Third Party Advisory
https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E	Issue Tracking
https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E	Issue Tracking
https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/	Mailing List Third Party Advisory
https://seclists.org/bugtraq/2019/Apr/32	Mailing List Third Party Advisory
https://seclists.org/bugtraq/2019/Jun/12	Issue Tracking Mailing List Third Party Advisory
https://seclists.org/bugtraq/2019/May/18	Mailing List Patch Third Party Advisory
https://security.netapp.com/advisory/ntap-20190919-0001/	Third Party Advisory
https://snyk.io/vuln/SNYK-JS-JQUERY-174006	Exploit Third Party Advisory
https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1	Third Party Advisory
https://www.debian.org/security/2019/dsa-4434	Third Party Advisory
https://www.debian.org/security/2019/dsa-4460	Third Party Advisory
https://www.drupal.org/sa-core-2019-006	Patch Third Party Advisory
https://www.oracle.com//security-alerts/cpujul2021.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2020.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html	Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html	Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html	Patch Third Party Advisory
https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/	Patch Third Party Advisory
https://www.synology.com/security/advisory/Synology_SA_19_19	Third Party Advisory
https://www.tenable.com/security/tns-2019-08	Third Party Advisory
https://www.tenable.com/security/tns-2020-02	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration 3 (hide)

OR	cpe:2.3:a:drupal:drupal::::::::
	cpe:2.3:a:drupal:drupal::::::::
	cpe:2.3:a:drupal:drupal::::::::

Configuration 4 (hide)

OR	cpe:2.3:a:backdropcms:backdrop::::::::
	cpe:2.3:a:backdropcms:backdrop::::::::

Configuration 5 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:28:::::::*
	cpe:2.3:o:fedoraproject:fedora:29:::::::*
	cpe:2.3:o:fedoraproject:fedora:30:::::::*

Configuration 6 (hide)

OR	cpe:2.3:a:opensuse:backports_sle:15.0:sp1::::::
	cpe:2.3:o:opensuse:leap:15.1:::::::*

Configuration 7 (hide)

OR	cpe:2.3:a:netapp:oncommand_system_manager::::::::
	cpe:2.3:a:netapp:snapcenter:-:::::::*

Configuration 8 (hide)

OR	cpe:2.3:a:redhat:cloudforms:4.7:::::::*
	cpe:2.3:a:redhat:virtualization_manager:4.3:::::::*

Configuration 9 (hide)

OR	cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.1:::::::*
	cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:::::::*
	cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:::::::*
	cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:::::::*
	cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:::::::*
	cpe:2.3:a:oracle:application_express::::::::
	cpe:2.3:a:oracle:application_service_level_management:13.2.0.0:::::::*
	cpe:2.3:a:oracle:application_service_level_management:13.3.0.0:::::::*
	cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:::::::*
	cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:::::::*
	cpe:2.3:a:oracle:application_testing_suite:13.2:::::::*
	cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:::::::*
	cpe:2.3:a:oracle:application_testing_suite:13.3:::::::*
	cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:18.1:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:18.2:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:18.3:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:19.1:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:19.2:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:20.1:::::::*
	cpe:2.3:a:oracle:banking_enterprise_collections::::::::
	cpe:2.3:a:oracle:banking_platform::::::::
	cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:::::::*
	cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:::::::*
	cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*
	cpe:2.3:a:oracle:big_data_discovery:1.6:::::::*
	cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*
	cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:::::::*
	cpe:2.3:a:oracle:communications_analytics:12.1.1:::::::*
	cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:::::::*
	cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*
	cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:::::::*
	cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*
	cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:::::::*
	cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:::::::*
	cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:::::::*
	cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:::::::*
	cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:::::::*
	cpe:2.3:a:oracle:communications_eagle_application_processor::::::::
	cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
	cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
	cpe:2.3:a:oracle:communications_element_manager:8.2.1:::::::*
	cpe:2.3:a:oracle:communications_interactive_session_recorder::::::::
	cpe:2.3:a:oracle:communications_operations_monitor::::::::
	cpe:2.3:a:oracle:communications_operations_monitor:3.4:::::::*
	cpe:2.3:a:oracle:communications_operations_monitor:4.0:::::::*
	cpe:2.3:a:oracle:communications_operations_monitor:4.1.0:::::::*
	cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:::::::*
	cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:::::::*
	cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:::::::*
	cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:::::::*
	cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:::::::*
	cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:::::::*
	cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:::::::*
	cpe:2.3:a:oracle:communications_unified_inventory_management:7.3:::::::*
	cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:::::::*
	cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:::::::*
	cpe:2.3:a:oracle:diagnostic_assistant:2.12.36:::::::*
	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*
	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*
	cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:::::::*
	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::
	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::
cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework::::::::
cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:::::::*
cpe:2.3:a:oracle:financial_services_asset_liability_management::::::::
cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:::::::*
cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:::::::*
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic::::::::
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:::::::*
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach::::::::
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:::::::*
cpe:2.3:a:oracle:financial_services_data_foundation::::::::
cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting::::::::
cpe:2.3:a:oracle:financial_services_data_integration_hub::::::::
cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:::::::*
cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.6:::::::*
cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7:::::::*
cpe:2.3:a:oracle:financial_services_funds_transfer_pricing::::::::
cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:::::::*
cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations::::::::
cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:::::::*
cpe:2.3:a:oracle:financial_services_institutional_performance_analytics::::::::
cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:::::::*
cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.0.1.0:::::::*
cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.2:::::::*
cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.4.0.0:::::::*
cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.5.0.0:::::::*
cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:::::::*
cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:::::::*
cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:::::::*
cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:::::::*
cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning::::::::
cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:::::::*
cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:::::::*
cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:::::::*
cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:::::::*
cpe:2.3:a:oracle:financial_services_price_creation_and_discovery::::::::
cpe:2.3:a:oracle:financial_services_profitability_management::::::::
cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:::::::*
cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:::::::*
cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.6:::::::*
cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.7:::::::*
cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve::::::::
cpe:2.3:a:oracle:financial_services_retail_customer_analytics::::::::
cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.6:::::::*
cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7:::::::*
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.0:::::::*
cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.1:::::::*
cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:::::::*
cpe:2.3:a:oracle:healthcare_foundation:7.1.1:::::::*
cpe:2.3:a:oracle:healthcare_foundation:7.2.0:::::::*
cpe:2.3:a:oracle:healthcare_foundation:7.2.2:::::::*
cpe:2.3:a:oracle:healthcare_foundation:7.3.0:::::::*
cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:::::::*
cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:::::::*
cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:::::::*
cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:::::::*
cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:::::::*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:::::::*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:::::::*
cpe:2.3:a:oracle:hospitality_materials_control:18.1:::::::*
cpe:2.3:a:oracle:hospitality_simphony::::::::
cpe:2.3:a:oracle:hospitality_simphony:18.1:::::::*
cpe:2.3:a:oracle:hospitality_simphony:18.2:::::::*
cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:::::::*
cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:::::::*
cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:::::::*
cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:::::::*
cpe:2.3:a:oracle:insurance_data_foundation::::::::
cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.6:::::::*
cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.7:::::::*
cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting::::::::
cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:::::::*
cpe:2.3:a:oracle:insurance_performance_insight:8.0.7:::::::*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*
cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:::::::*
cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:::::::*
cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:::::::*
cpe:2.3:a:oracle:jdeveloper_and_adf:11.1.1.9.0:::::::*
cpe:2.3:a:oracle:jdeveloper_and_adf:12.1.3.0.0:::::::*
cpe:2.3:a:oracle:jdeveloper_and_adf:12.2.1.3.0:::::::*
cpe:2.3:a:oracle:knowledge::::::::
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:::::::*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:::::::*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:::::::*
cpe:2.3:a:oracle:policy_automation::::::::
cpe:2.3:a:oracle:policy_automation:10.4.7:::::::*
cpe:2.3:a:oracle:policy_automation:12.1.0:::::::*
cpe:2.3:a:oracle:policy_automation:12.1.1:::::::*
cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:::::::*
cpe:2.3:a:oracle:policy_automation_for_mobile_devices::::::::
cpe:2.3:a:oracle:primavera_gateway::::::::
cpe:2.3:a:oracle:primavera_gateway::::::::
cpe:2.3:a:oracle:primavera_gateway::::::::
cpe:2.3:a:oracle:primavera_gateway::::::::
cpe:2.3:a:oracle:primavera_gateway:15.2.18:::::::*
cpe:2.3:a:oracle:primavera_unifier::::::::
cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
cpe:2.3:a:oracle:real-time_scheduler::::::::
cpe:2.3:a:oracle:rest_data_services:11.2.0.4::::-:::
cpe:2.3:a:oracle:rest_data_services:12.1.0.2::::-:::
cpe:2.3:a:oracle:rest_data_services:12.2.0.1::::-:::
cpe:2.3:a:oracle:rest_data_services:18c::::-:::
cpe:2.3:a:oracle:rest_data_services:19c::::-:::
cpe:2.3:a:oracle:retail_back_office:14.0:::::::*
cpe:2.3:a:oracle:retail_back_office:14.1:::::::*
cpe:2.3:a:oracle:retail_central_office:14.0:::::::*
cpe:2.3:a:oracle:retail_central_office:14.1:::::::*
cpe:2.3:a:oracle:retail_customer_insights:15.0:::::::*
cpe:2.3:a:oracle:retail_customer_insights:16.0:::::::*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:::::::*
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:::::::*
cpe:2.3:a:oracle:retail_point-of-service:14.0:::::::*
cpe:2.3:a:oracle:retail_point-of-service:14.1:::::::*
cpe:2.3:a:oracle:retail_returns_management:14.0:::::::*
cpe:2.3:a:oracle:retail_returns_management:14.1:::::::*
cpe:2.3:a:oracle:service_bus:11.1.1.9.0:::::::*
cpe:2.3:a:oracle:service_bus:12.1.3.0.0:::::::*
cpe:2.3:a:oracle:service_bus:12.2.1.3.0:::::::*
cpe:2.3:a:oracle:siebel_mobile_applications::::::::
cpe:2.3:a:oracle:siebel_ui_framework:20.8:::::::*
cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.0:::::::*
cpe:2.3:a:oracle:system_utilities:19.1:::::::*
cpe:2.3:a:oracle:tape_library_acsls:8.5:::::::*
cpe:2.3:a:oracle:tape_library_acsls:8.5.1:::::::*
cpe:2.3:a:oracle:transportation_management:1.4.3:::::::*
cpe:2.3:a:oracle:utilities_mobile_workforce_management::::::::
cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*
cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:::::::*
cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:::::::*
cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*
cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*

Configuration 10 (hide)

cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

Configuration 11 (hide)

cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*

History

16 Feb 2024, 16:32

07 Nov 2023, 03:02

Type	Values Removed	Values Added
References	{'url': 'https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E', 'name': '[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E', 'name': '[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/', 'name': 'FEDORA-2019-eba8e44ee6', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E', 'name': '[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E', 'name': '[flink-issues] 20200518 [jira] [Updated] (FLINK-17675) Resolve CVE-2019-11358 from jquery', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/', 'name': 'FEDORA-2019-1a3edd7e8a', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E', 'name': '[flink-issues] 20200518 [jira] [Commented] (FLINK-17675) Resolve CVE-2019-11358 from jquery', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E', 'name': '[flink-issues] 20200520 [jira] [Closed] (FLINK-17675) Resolve CVE-2019-11358 from jquery', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E', 'name': '[flink-issues] 20200518 [jira] [Assigned] (FLINK-17675) Resolve CVE-2019-11358 from jquery', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/', 'name': 'FEDORA-2019-7eaf0bbe7c', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E', 'name': '[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E', 'name': '[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E', 'name': '[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E', 'name': '[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E', 'name': '[syncope-dev] 20200423 Jquery version on 2.1.x/2.0.x', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/', 'name': 'FEDORA-2019-f563e66380', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E', 'name': '[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/', 'name': 'FEDORA-2019-2a0ce0c58c', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E', 'name': '[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E', 'name': '[flink-dev] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E', 'name': '[flink-issues] 20200513 [jira] [Created] (FLINK-17675) Resolve CVE-2019-11358 from jquery', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E', 'name': '[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E', 'name': '[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/', 'name': 'FEDORA-2019-a06dffab1c', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E', 'name': '[storm-dev] 20200708 [GitHub] [storm] Crim opened a new pull request #3305: [STORM-3553] Upgrade jQuery from 1.11.1 to 3.5.1', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}	() https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E - () https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E - () https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E - () https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E - () https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/ - () https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/ - () https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E - () https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E - () https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E - () https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E - () https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E - () https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/ - () https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E - () https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E - () https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/ - () https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E - () https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E - () https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/ - () https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/ -

31 Aug 2023, 03:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html -

22 Jun 2023, 19:50

Type	Values Removed	Values Added
CPE		cpe:2.3:o:juniper:junos:21.2:-::::::
First Time		Juniper junos Juniper
References	~~(MISC) https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1 -~~	(MISC) https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1 - Third Party Advisory
References	~~(BID) http://www.securityfocus.com/bid/108023 - Broken Link~~	(BID) http://www.securityfocus.com/bid/108023 - Broken Link, Third Party Advisory, VDB Entry

13 Jun 2023, 21:15

Type	Values Removed	Values Added
References		(MISC) https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1 -

06 Apr 2022, 18:07

07 Feb 2022, 16:15

Type	Values Removed	Values Added
References		(MISC) https://www.oracle.com/security-alerts/cpujan2022.html -

20 Oct 2021, 11:15

Type	Values Removed	Values Added
References		(MISC) https://www.oracle.com/security-alerts/cpuoct2021.html -

01 Oct 2021, 15:30

Type	Values Removed	Values Added
CPE		cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:::::::* cpe:2.3:a:joomla:joomla\!::::::::
References		(N/A) https://www.oracle.com//security-alerts/cpujul2021.html - Third Party Advisory
References	~~(MISC) https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html - Third Party Advisory~~	(MISC) https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html - Patch, Third Party Advisory
References	~~(MISC) https://www.oracle.com/security-alerts/cpuApr2021.html -~~	(MISC) https://www.oracle.com/security-alerts/cpuApr2021.html - Third Party Advisory
References	~~(MISC) https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html - Third Party Advisory~~	(MISC) https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html - Patch, Third Party Advisory

14 Jun 2021, 18:15

Type	Values Removed	Values Added
References		(MISC) https://www.oracle.com/security-alerts/cpuApr2021.html -

16 Mar 2021, 14:12

20 Jan 2021, 15:15

Type	Values Removed	Values Added
References		(MISC) https://www.oracle.com/security-alerts/cpujan2021.html -

Information

Published : 2019-04-20 00:29

Updated : 2024-02-16 16:32

NVD link : CVE-2019-11358

Mitre link : CVE-2019-11358

CVE.ORG link : CVE-2019-11358

JSON object : View

Products Affected

oracle

insurance_insbridge_rating_and_underwriting
hospitality_simphony
retail_central_office
banking_platform
primavera_gateway
financial_services_liquidity_risk_management
financial_services_enterprise_financial_performance_analytics
financial_services_analytical_applications_reconciliation_framework
communications_analytics
financial_services_retail_customer_analytics
siebel_mobile_applications
jdeveloper_and_adf
communications_unified_inventory_management
financial_services_data_foundation
insurance_data_foundation
peoplesoft_enterprise_peopletools
communications_interactive_session_recorder
retail_customer_insights
application_testing_suite
big_data_discovery
communications_eagle_application_processor
system_utilities
fusion_middleware_mapviewer
rest_data_services
utilities_mobile_workforce_management
financial_services_basel_regulatory_capital_internal_ratings_based_approach
financial_services_regulatory_reporting_for_de_nederlandsche_bank
tape_library_acsls
financial_services_loan_loss_forecasting_and_provisioning
policy_automation_for_mobile_devices
communications_webrtc_session_controller
primavera_unifier
financial_services_liquidity_risk_measurement_and_management
jd_edwards_enterpriseone_tools
financial_services_balance_sheet_planning
communications_application_session_controller
diagnostic_assistant
insurance_accounting_analyzer
financial_services_profitability_management
insurance_allocation_manager_for_enterprise_profitability
communications_billing_and_revenue_management
application_express
banking_digital_experience
bi_publisher
communications_session_route_manager
insurance_ifrs_17_analyzer
financial_services_market_risk_measurement_and_management
healthcare_translational_research
communications_diameter_signaling_router
retail_point-of-service
business_process_management_suite
financial_services_funds_transfer_pricing
healthcare_foundation
hospitality_materials_control
identity_manager
enterprise_manager_ops_center
financial_services_regulatory_reporting_for_us_federal_reserve
financial_services_regulatory_reporting_for_european_banking_authority
financial_services_hedge_management_and_ifrs_valuations
retail_back_office
transportation_management
communications_session_report_manager
insurance_performance_insight
financial_services_basel_regulatory_capital_basic
storagetek_tape_analytics_sw_tool
financial_services_data_governance_for_us_regulatory_reporting
banking_enterprise_collections
webcenter_sites
siebel_ui_framework
retail_customer_management_and_segmentation_foundation
financial_services_institutional_performance_analytics
jdeveloper
weblogic_server
communications_services_gatekeeper
hospitality_guest_access
financial_services_revenue_management_and_billing
communications_element_manager
communications_operations_monitor
knowledge
financial_services_analytical_applications_infrastructure
enterprise_session_border_controller
service_bus
financial_services_price_creation_and_discovery
agile_product_lifecycle_management_for_process
financial_services_asset_liability_management
application_service_level_management
policy_automation
real-time_scheduler
financial_services_retail_performance_analytics
policy_automation_connector_for_siebel
retail_returns_management
financial_services_data_integration_hub

joomla

joomla\!

backdropcms

backdrop

juniper

junos

jquery

jquery

debian

debian_linux

opensuse

backports_sle
leap

fedoraproject

fedora

drupal

drupal

netapp

snapcenter
oncommand_system_manager

redhat

cloudforms
virtualization_manager

CWE

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

6.1 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2019-11358

6.1^/10

4.3^/10

Attach tags to `CVE-2019-11358`