CVE-2020-11022

6.9

MEDIUM

HTTPoxy in jQuery XSS

Description

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

INFO

Published Date :

April 29, 2020, 10:15 p.m.

Last Modified :

Nov. 7, 2023, 3:14 a.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

4.7

Exploitability Score :

1.6 Public PoC/Exploit Available at Github

CVE-2020-11022 has a 30 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2020-11022 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Oracle	weblogic_server
2	Oracle	communications_webrtc_session_controller
3	Oracle	peoplesoft_enterprise_peopletools
4	Oracle	siebel_ui_framework
5	Oracle	retail_customer_management_and_segmentation_foundation
6	Oracle	application_testing_suite
7	Oracle	enterprise_manager_ops_center
8	Oracle	hospitality_simphony
9	Oracle	financial_services_data_integration_hub
10	Oracle	retail_back_office
11	Oracle	communications_billing_and_revenue_management
12	Oracle	agile_product_lifecycle_management_for_process
13	Oracle	blockchain_platform
14	Oracle	communications_services_gatekeeper
15	Oracle	communications_application_session_controller
16	Oracle	jdeveloper
17	Oracle	financial_services_analytical_applications_infrastructure
18	Oracle	financial_services_funds_transfer_pricing
19	Oracle	policy_automation_connector_for_siebel
20	Oracle	financial_services_hedge_management_and_ifrs_valuations
21	Oracle	financial_services_market_risk_measurement_and_management
22	Oracle	financial_services_liquidity_risk_management
23	Oracle	financial_services_balance_sheet_planning
24	Oracle	insurance_accounting_analyzer
25	Oracle	financial_services_loan_loss_forecasting_and_provisioning
26	Oracle	financial_services_asset_liability_management
27	Oracle	financial_services_profitability_management
28	Oracle	financial_services_price_creation_and_discovery
29	Oracle	financial_services_liquidity_risk_measurement_and_management
30	Oracle	financial_services_data_foundation
31	Oracle	banking_digital_experience
32	Oracle	communications_eagle_application_processor
33	Oracle	enterprise_session_border_controller
34	Oracle	healthcare_foundation
35	Oracle	insurance_insbridge_rating_and_underwriting
36	Oracle	policy_automation
37	Oracle	retail_returns_management
38	Oracle	financial_services_institutional_performance_analytics
39	Oracle	policy_automation_for_mobile_devices
40	Oracle	storagetek_acsls
41	Oracle	communications_diameter_signaling_router_idih\
42	Oracle	financial_services_analytical_applications_reconciliation_framework
43	Oracle	financial_services_basel_regulatory_capital_basic
44	Oracle	financial_services_basel_regulatory_capital_internal_ratings_based_approach
45	Oracle	financial_services_data_governance_for_us_regulatory_reporting
46	Oracle	financial_services_regulatory_reporting_for_european_banking_authority
47	Oracle	financial_services_regulatory_reporting_for_us_federal_reserve
48	Oracle	hospitality_materials_control
49	Oracle	insurance_allocation_manager_for_enterprise_profitability
50	Oracle	insurance_data_foundation
51	Oracle	agile_product_supplier_collaboration_for_process
1	Netapp	h410c_firmware
2	Netapp	oncommand_insight
3	Netapp	snapcenter
4	Netapp	h300s_firmware
5	Netapp	h500s_firmware
6	Netapp	h700s_firmware
7	Netapp	h410s_firmware
8	Netapp	snap_creator_framework
9	Netapp	oncommand_system_manager
10	Netapp	h300e_firmware
11	Netapp	h500e_firmware
12	Netapp	h700e_firmware
13	Netapp	max_data
1	Fedoraproject	fedora
1	Debian	debian_linux
1	Drupal	drupal
1	Opensuse	leap
1	Tenable	log_correlation_engine
1	Jquery	jquery

: Total Affected Vendor : 8 | Products : 70

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2020-11022.

URL	Resource
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html	Broken Link
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html	Broken Link
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html	Broken Link
http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html	Exploit Third Party Advisory VDB Entry
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/	Release Notes Vendor Advisory
https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77	Patch Third Party Advisory
https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2	Mitigation Third Party Advisory
https://jquery.com/upgrade-guide/3.5/	Mitigation Vendor Advisory
https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133%40%3Ccommits.airflow.apache.org%3E
https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/
https://security.gentoo.org/glsa/202007-03	Third Party Advisory
https://security.netapp.com/advisory/ntap-20200511-0006/	Third Party Advisory
https://www.debian.org/security/2020/dsa-4693	Third Party Advisory
https://www.drupal.org/sa-core-2020-002	Third Party Advisory
https://www.oracle.com//security-alerts/cpujul2021.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
https://www.oracle.com/security-alerts/cpuoct2020.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html	Patch Third Party Advisory
https://www.tenable.com/security/tns-2020-10	Third Party Advisory
https://www.tenable.com/security/tns-2020-11	Third Party Advisory
https://www.tenable.com/security/tns-2021-02	Third Party Advisory
https://www.tenable.com/security/tns-2021-10	Third Party Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

pilot114/jquery-cve

None

HTML

Updated: 3 weeks ago

0 stars 0 fork 0 watcher

Born at : Aug. 28, 2024, 2:40 p.m. This repo has been linked 3 different CVEs too.

jev770/badmoodle-scan

Сканування за допомогою ПЗ Badmoodle системи дистанційного навчання ДУІТЗ

Updated: 2 months, 4 weeks ago

0 stars 0 fork 0 watcher

Born at : June 19, 2024, 7:56 a.m. This repo has been linked 181 different CVEs too.

ctcpip/jquery-security

EOL jQuery versions with security patches

JavaScript HTML CSS Shell

Updated: 4 months, 4 weeks ago

4 stars 0 fork 0 watcher

Born at : Feb. 19, 2024, 11:34 p.m. This repo has been linked 8 different CVEs too.

d4n-sec/d4n-sec.github.io

None

CSS HTML JavaScript

Updated: 7 months, 2 weeks ago

0 stars 0 fork 0 watcher

Born at : Feb. 2, 2024, 2:11 p.m. This repo has been linked 494 different CVEs too.

captcha-n00b/CVEcrystalyer

None

Crystal Python

Updated: 1 year ago

1 stars 0 fork 0 watcher

Born at : Sept. 5, 2023, 3:47 p.m. This repo has been linked 3 different CVEs too.

ArrestX/--POC

poc集合(持续更新ing)

Updated: 4 months, 1 week ago

4 stars 0 fork 0 watcher

Born at : July 30, 2023, 1:30 a.m. This repo has been linked 154 different CVEs too.

marksowell/retire-html-parser

A Python script to parse Retire.js HTML scan results and extract vulnerability information from the table for AppSec reports.

retirejs appsec appsec-testing appsec-tools insecure-libraries reporting vulnerabilities vulnerabilities-check vulnerable-libraries vulnerable-library-detection

Python

Updated: 1 year, 1 month ago

0 stars 0 fork 0 watcher

Born at : July 26, 2023, 5:55 a.m. This repo has been linked 7 different CVEs too.

0day404/vulnerability-poc

A Common Vulnerability PoC Knowledge Base一个普遍漏洞POC知识库

vulnerability

Updated: 2 months ago

17 stars 6 fork 6 watcher

Born at : June 24, 2023, 3:12 p.m. This repo has been linked 232 different CVEs too.

faizhaffizudin/Case-Study-Hamsa

None

Updated: 1 year, 4 months ago

1 stars 1 fork 1 watcher

Born at : May 8, 2023, 3:50 a.m. This repo has been linked 7 different CVEs too.

elifesciences/github-repo-security-alerts

Prints a list of summarised Dependabot security alerts that are open, grouped by repository name.

Go Shell

Updated: 1 year, 4 months ago

0 stars 1 fork 1 watcher

Born at : May 5, 2023, 5:13 a.m. This repo has been linked 5 different CVEs too.

octane23/CASE-STUDY-1

None

Updated: 1 year, 5 months ago

0 stars 0 fork 0 watcher

Born at : April 13, 2023, 7:02 a.m. This repo has been linked 20 different CVEs too.

johnrearden/strings_attached

None

Python HTML CSS JavaScript Procfile

Updated: 8 months, 3 weeks ago

1 stars 3 fork 3 watcher

Born at : Jan. 5, 2023, 3:49 p.m. This repo has been linked 3 different CVEs too.

cve-sandbox/jquery

CVE Collection of jQuery XSS Payloads

HTML

Updated: 2 weeks, 5 days ago

64 stars 10 fork 10 watcher

Born at : Oct. 10, 2022, 5:32 p.m. This repo has been linked 3 different CVEs too.

soosmile/POC

None

Updated: 2 months, 3 weeks ago

8 stars 1 fork 1 watcher

Born at : June 21, 2022, 7:45 a.m. This repo has been linked 943 different CVEs too.

Snorlyd/https-nj.gov---CVE-2020-11022

Vulnearability Report of the New Jersey official site

Updated: 2 years, 3 months ago

0 stars 0 fork 0 watcher

Born at : May 23, 2022, 10:26 a.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2020-11022 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2020-11022 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

CVE Modified by [email protected]

May. 14, 2024

Action Type Old Value New Value

CVE Modified by [email protected]

Nov. 07, 2023

Action	Type	Old Value	New Value
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/ [No types assigned]
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/ [No types assigned]
Added	Reference		GitHub, Inc. https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133%40%3Ccommits.airflow.apache.org%3E [No types assigned]
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/ [No types assigned]
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/ [No types assigned]
Added	Reference		GitHub, Inc. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/ [No types assigned]
Added	Reference		GitHub, Inc. https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E [No types assigned]
Added	Reference		GitHub, Inc. https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E [No types assigned]
Added	Reference		GitHub, Inc. https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E [No types assigned]
Added	Reference		GitHub, Inc. https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E [No types assigned]
Added	Reference		GitHub, Inc. https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E [No types assigned]
Added	Reference		GitHub, Inc. https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E [No types assigned]
Added	Reference		GitHub, Inc. https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E [No types assigned]
Added	Reference		GitHub, Inc. https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E [No types assigned]
Added	Reference		GitHub, Inc. https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E [No types assigned]
Added	Reference		GitHub, Inc. https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E [No types assigned]
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/
Removed	Reference	GitHub, Inc. https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/
Removed	Reference	GitHub, Inc. https://lists.fedoraproject.org/archives/list/[email protected]/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/
Removed	Reference	GitHub, Inc. https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E
Removed	Reference	GitHub, Inc. https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E
Removed	Reference	GitHub, Inc. https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E
Removed	Reference	GitHub, Inc. https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E
Removed	Reference	GitHub, Inc. https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E
Removed	Reference	GitHub, Inc. https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E
Removed	Reference	GitHub, Inc. https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E
Removed	Reference	GitHub, Inc. https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E
Removed	Reference	GitHub, Inc. https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E
Removed	Reference	GitHub, Inc. https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E

CVE Modified by [email protected]

Aug. 31, 2023

Action Type Old Value New Value

Added Reference https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html [No Types Assigned]
CVE Modified by [email protected]

Jul. 25, 2022

Action Type Old Value New Value

Added Reference https://www.oracle.com/security-alerts/cpujul2022.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpujul2022.html [No Types Assigned]

Modified Analysis by [email protected]

May. 12, 2022

Action	Type	Old Value	New Value
Changed	Reference Type	https://www.oracle.com/security-alerts/cpuapr2022.html No Types Assigned	https://www.oracle.com/security-alerts/cpuapr2022.html Patch, Third Party Advisory
Changed	CPE Configuration	OR cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0::::::: cpe:2.3:a:oracle:application_testing_suite:13.3.0.1::::::: cpe:2.3:a:oracle:banking_digital_experience:18.1::::::: cpe:2.3:a:oracle:banking_digital_experience:18.2::::::: cpe:2.3:a:oracle:banking_digital_experience:18.3::::::: cpe:2.3:a:oracle:banking_digital_experience:19.1::::::: cpe:2.3:a:oracle:banking_digital_experience:19.2::::::: cpe:2.3:a:oracle:banking_digital_experience:20.1::::::: cpe:2.3:a:oracle:communications_application_session_controller:3.8m0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0::::::: cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\:::::::::* versions from (including) 8.0.0 up to (including) 8.2.2 cpe:2.3:a:oracle:communications_eagle_application_processor::::::::* versions from (including) 16.1.0 up to (including) 16.4.0 cpe:2.3:a:oracle:communications_services_gatekeeper:7.0::::::: cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2::::::: cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0::::::: cpe:2.3:a:oracle:enterprise_session_border_controller:8.4::::::: cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0::::::: cpe:2.3:a:oracle:financial_services_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0::::::: cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:healthcare_foundation:7.1.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.0::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.3.0::::::: cpe:2.3:a:oracle:hospitality_materials_control:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.2::::::: cpe:2.3:a:oracle:hospitality_simphony::::::::* versions from (including) 19.1.0 up to (including) 19.1.2 cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0::::::: cpe:2.3:a:oracle:insurance_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting::::::::* versions from (including) 5.0.0.0 up to (including) 5.6.0.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0::::::: cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58::::::: cpe:2.3:a:oracle:policy_automation::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:retail_back_office:14.0::::::: cpe:2.3:a:oracle:retail_back_office:14.1::::::: cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.1::::::: cpe:2.3:a:oracle:siebel_ui_framework:20.8::::::: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0::::::: cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::	OR cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0::::::: cpe:2.3:a:oracle:application_testing_suite:13.3.0.1::::::: cpe:2.3:a:oracle:banking_digital_experience:18.1::::::: cpe:2.3:a:oracle:banking_digital_experience:18.2::::::: cpe:2.3:a:oracle:banking_digital_experience:18.3::::::: cpe:2.3:a:oracle:banking_digital_experience:19.1::::::: cpe:2.3:a:oracle:banking_digital_experience:19.2::::::: cpe:2.3:a:oracle:banking_digital_experience:20.1::::::: cpe:2.3:a:oracle:blockchain_platform::::::::* versions up to (excluding) 21.1.2 cpe:2.3:a:oracle:communications_application_session_controller:3.8m0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0::::::: cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\:::::::::* versions from (including) 8.0.0 up to (including) 8.2.2 cpe:2.3:a:oracle:communications_eagle_application_processor::::::::* versions from (including) 16.1.0 up to (including) 16.4.0 cpe:2.3:a:oracle:communications_services_gatekeeper:7.0::::::: cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2::::::: cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0::::::: cpe:2.3:a:oracle:enterprise_session_border_controller:8.4::::::: cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0::::::: cpe:2.3:a:oracle:financial_services_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0::::::: cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:healthcare_foundation:7.1.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.0::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.3.0::::::: cpe:2.3:a:oracle:hospitality_materials_control:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.2::::::: cpe:2.3:a:oracle:hospitality_simphony::::::::* versions from (including) 19.1.0 up to (including) 19.1.2 cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0::::::: cpe:2.3:a:oracle:insurance_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting::::::::* versions from (including) 5.0.0.0 up to (including) 5.6.0.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0::::::: cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58::::::: cpe:2.3:a:oracle:policy_automation::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:retail_back_office:14.0::::::: cpe:2.3:a:oracle:retail_back_office:14.1::::::: cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.1::::::: cpe:2.3:a:oracle:siebel_ui_framework:20.8::::::: cpe:2.3:a:oracle:storagetek_acsls:8.5.1::::::: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0::::::: cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::

CVE Modified by [email protected]

Apr. 20, 2022

Action Type Old Value New Value

Added Reference https://www.oracle.com/security-alerts/cpuapr2022.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpuapr2022.html [No Types Assigned]

Modified Analysis by [email protected]

Apr. 04, 2022

Action	Type	Old Value	New Value
Changed	Reference Type	https://www.oracle.com/security-alerts/cpujan2022.html No Types Assigned	https://www.oracle.com/security-alerts/cpujan2022.html Patch, Third Party Advisory
Changed	CPE Configuration	OR cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0::::::: cpe:2.3:a:oracle:application_testing_suite:13.3.0.1::::::: cpe:2.3:a:oracle:banking_digital_experience:18.1::::::: cpe:2.3:a:oracle:banking_digital_experience:18.2::::::: cpe:2.3:a:oracle:banking_digital_experience:18.3::::::: cpe:2.3:a:oracle:banking_digital_experience:19.1::::::: cpe:2.3:a:oracle:banking_digital_experience:19.2::::::: cpe:2.3:a:oracle:banking_digital_experience:20.1::::::: cpe:2.3:a:oracle:communications_application_session_controller:3.8m0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0::::::: cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\:::::::::* versions from (including) 8.0.0 up to (including) 8.2.2 cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2::::::: cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0::::::: cpe:2.3:a:oracle:enterprise_session_border_controller:8.4::::::: cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0::::::: cpe:2.3:a:oracle:financial_services_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0::::::: cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:healthcare_foundation:7.1.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.0::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.3.0::::::: cpe:2.3:a:oracle:hospitality_materials_control:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.2::::::: cpe:2.3:a:oracle:hospitality_simphony::::::::* versions from (including) 19.1.0 up to (including) 19.1.2 cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0::::::: cpe:2.3:a:oracle:insurance_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting::::::::* versions from (including) 5.0.0.0 up to (including) 5.6.0.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0::::::: cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58::::::: cpe:2.3:a:oracle:policy_automation::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:retail_back_office:14.0::::::: cpe:2.3:a:oracle:retail_back_office:14.1::::::: cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.1::::::: cpe:2.3:a:oracle:siebel_ui_framework:20.8::::::: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0::::::: cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::	OR cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0::::::: cpe:2.3:a:oracle:application_testing_suite:13.3.0.1::::::: cpe:2.3:a:oracle:banking_digital_experience:18.1::::::: cpe:2.3:a:oracle:banking_digital_experience:18.2::::::: cpe:2.3:a:oracle:banking_digital_experience:18.3::::::: cpe:2.3:a:oracle:banking_digital_experience:19.1::::::: cpe:2.3:a:oracle:banking_digital_experience:19.2::::::: cpe:2.3:a:oracle:banking_digital_experience:20.1::::::: cpe:2.3:a:oracle:communications_application_session_controller:3.8m0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0::::::: cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\:::::::::* versions from (including) 8.0.0 up to (including) 8.2.2 cpe:2.3:a:oracle:communications_eagle_application_processor::::::::* versions from (including) 16.1.0 up to (including) 16.4.0 cpe:2.3:a:oracle:communications_services_gatekeeper:7.0::::::: cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2::::::: cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0::::::: cpe:2.3:a:oracle:enterprise_session_border_controller:8.4::::::: cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0::::::: cpe:2.3:a:oracle:financial_services_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0::::::: cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:healthcare_foundation:7.1.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.0::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.3.0::::::: cpe:2.3:a:oracle:hospitality_materials_control:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.2::::::: cpe:2.3:a:oracle:hospitality_simphony::::::::* versions from (including) 19.1.0 up to (including) 19.1.2 cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0::::::: cpe:2.3:a:oracle:insurance_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting::::::::* versions from (including) 5.0.0.0 up to (including) 5.6.0.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0::::::: cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58::::::: cpe:2.3:a:oracle:policy_automation::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:retail_back_office:14.0::::::: cpe:2.3:a:oracle:retail_back_office:14.1::::::: cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.1::::::: cpe:2.3:a:oracle:siebel_ui_framework:20.8::::::: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0::::::: cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::

CVE Modified by [email protected]

Feb. 07, 2022

Action Type Old Value New Value

Added Reference https://www.oracle.com/security-alerts/cpujan2022.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpujan2022.html [No Types Assigned]

Modified Analysis by [email protected]

Nov. 29, 2021

Action	Type	Old Value	New Value
Changed	Reference Type	https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E No Types Assigned	https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory
Changed	Reference Type	https://www.oracle.com//security-alerts/cpujul2021.html No Types Assigned	https://www.oracle.com//security-alerts/cpujul2021.html Patch, Third Party Advisory
Changed	Reference Type	https://www.oracle.com/security-alerts/cpuApr2021.html No Types Assigned	https://www.oracle.com/security-alerts/cpuApr2021.html Patch, Third Party Advisory
Changed	Reference Type	https://www.oracle.com/security-alerts/cpuoct2021.html No Types Assigned	https://www.oracle.com/security-alerts/cpuoct2021.html Patch, Third Party Advisory
Changed	Reference Type	https://www.tenable.com/security/tns-2021-10 No Types Assigned	https://www.tenable.com/security/tns-2021-10 Third Party Advisory
Added	CPE Configuration		OR cpe:2.3:a:tenable:log_correlation_engine::::::::* versions up to (excluding) 6.0.9
Added	CPE Configuration		OR cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0::::::: cpe:2.3:a:oracle:banking_digital_experience::::::::* versions from (including) 18.1 up to (including) 20.1 cpe:2.3:a:oracle:communications_application_session_controller:3.8m0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0::::::: cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\:::::::::* versions from (including) 8.0.0 up to (including) 8.2.2 cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2::::::: cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0::::::: cpe:2.3:a:oracle:enterprise_session_border_controller:8.4::::::: cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0::::::: cpe:2.3:a:oracle:financial_services_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0::::::: cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:healthcare_foundation:7.1.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.0::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.3.0::::::: cpe:2.3:a:oracle:hospitality_materials_control:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.2::::::: cpe:2.3:a:oracle:hospitality_simphony:19.1.0-19.1.2::::::: cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0::::::: cpe:2.3:a:oracle:insurance_data_foundation:8.0.6-8.1.0::::::: cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting::::::::* versions from (including) 5.0.0.0 up to (including) 5.6.0.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0::::::: cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58::::::: cpe:2.3:a:oracle:policy_automation::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:retail_back_office:14.0::::::: cpe:2.3:a:oracle:retail_back_office:14.1::::::: cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.1::::::: cpe:2.3:a:oracle:siebel_ui_framework:20.8::::::: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0::::::: cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::

CVE Modified by [email protected]

Nov. 17, 2021

Action	Type	Old Value	New Value
Added	Reference		https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E [No Types Assigned]

CVE Modified by [email protected]

Nov. 10, 2021

Action	Type	Old Value	New Value
Removed	Reference	https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E [No Types Assigned]

CVE Modified by [email protected]

Nov. 01, 2021

Action	Type	Old Value	New Value
Added	Reference		https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E [No Types Assigned]

CVE Modified by [email protected]

Oct. 20, 2021

Action Type Old Value New Value

Added Reference https://www.oracle.com/security-alerts/cpuoct2021.html [No Types Assigned]
CVE Modified by [email protected]

Jul. 20, 2021

Action Type Old Value New Value

Added Reference https://www.oracle.com//security-alerts/cpujul2021.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpuoct2021.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com//security-alerts/cpujul2021.html [No Types Assigned]

CPE Deprecation Remap by [email protected]

Jul. 06, 2021

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:::::::	OR cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:::::::

CVE Modified by [email protected]

Jun. 14, 2021

Action Type Old Value New Value

Added Reference https://www.oracle.com/security-alerts/cpuApr2021.html [No Types Assigned]
CVE Modified by [email protected]

Jun. 02, 2021

Action Type Old Value New Value

Added Reference https://www.tenable.com/security/tns-2021-10 [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpuApr2021.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.tenable.com/security/tns-2021-10 [No Types Assigned]

Modified Analysis by [email protected]

May. 05, 2021

Action	Type	Old Value	New Value
Changed	Reference Type	https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E No Types Assigned	https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E No Types Assigned	https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E No Types Assigned	https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E No Types Assigned	https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory
Removed	CPE Configuration	OR cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::
Changed	CPE Configuration	OR cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0::::::: cpe:2.3:a:oracle:banking_digital_experience:18.1::::::: cpe:2.3:a:oracle:banking_digital_experience:18.2::::::: cpe:2.3:a:oracle:banking_digital_experience:18.3::::::: cpe:2.3:a:oracle:banking_digital_experience:19.1::::::: cpe:2.3:a:oracle:banking_digital_experience:19.2::::::: cpe:2.3:a:oracle:banking_digital_experience:20.1::::::: cpe:2.3:a:oracle:communications_application_session_controller:3.8m0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0::::::: cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\:::::::::* versions from (including) 8.0.0 up to (including) 8.2.2 cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2::::::: cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0::::::: cpe:2.3:a:oracle:enterprise_session_border_controller:8.4::::::: cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0::::::: cpe:2.3:a:oracle:financial_services_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0::::::: cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:healthcare_foundation:7.1.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.0::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.3.0::::::: cpe:2.3:a:oracle:hospitality_materials_control:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.2::::::: cpe:2.3:a:oracle:hospitality_simphony::::::::* versions from (including) 19.1.0 up to (including) 19.1.2 cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0::::::: cpe:2.3:a:oracle:insurance_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting::::::::* versions from (including) 5.0.0.0 up to (including) 5.6.0.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0::::::: cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58::::::: cpe:2.3:a:oracle:policy_automation::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:retail_back_office:14.0::::::: cpe:2.3:a:oracle:retail_back_office:14.1::::::: cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.1::::::: cpe:2.3:a:oracle:siebel_ui_framework:20.8::::::: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0::::::: cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::	OR cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0::::::: cpe:2.3:a:oracle:application_testing_suite:13.3.0.1::::::: cpe:2.3:a:oracle:banking_digital_experience:18.1::::::: cpe:2.3:a:oracle:banking_digital_experience:18.2::::::: cpe:2.3:a:oracle:banking_digital_experience:18.3::::::: cpe:2.3:a:oracle:banking_digital_experience:19.1::::::: cpe:2.3:a:oracle:banking_digital_experience:19.2::::::: cpe:2.3:a:oracle:banking_digital_experience:20.1::::::: cpe:2.3:a:oracle:communications_application_session_controller:3.8m0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0::::::: cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\:::::::::* versions from (including) 8.0.0 up to (including) 8.2.2 cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2::::::: cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0::::::: cpe:2.3:a:oracle:enterprise_session_border_controller:8.4::::::: cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0::::::: cpe:2.3:a:oracle:financial_services_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0::::::: cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:healthcare_foundation:7.1.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.0::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.3.0::::::: cpe:2.3:a:oracle:hospitality_materials_control:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.2::::::: cpe:2.3:a:oracle:hospitality_simphony::::::::* versions from (including) 19.1.0 up to (including) 19.1.2 cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0::::::: cpe:2.3:a:oracle:insurance_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting::::::::* versions from (including) 5.0.0.0 up to (including) 5.6.0.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0::::::: cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58::::::: cpe:2.3:a:oracle:policy_automation::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:retail_back_office:14.0::::::: cpe:2.3:a:oracle:retail_back_office:14.1::::::: cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.1::::::: cpe:2.3:a:oracle:siebel_ui_framework:20.8::::::: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0::::::: cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::
Changed	CPE Configuration	OR cpe:2.3:a:netapp:oncommand_insight:-::::::: cpe:2.3:a:netapp:oncommand_system_manager::::::::* versions from (including) 3.0 up to (including) 3.1.3 cpe:2.3:a:netapp:snap_creator_framework:-::::::: cpe:2.3:a:netapp:snapcenter:-:::::::	OR cpe:2.3:a:netapp:max_data:-::::::: cpe:2.3:a:netapp:oncommand_insight:-::::::: cpe:2.3:a:netapp:oncommand_system_manager::::::::* versions from (including) 3.0 up to (including) 3.1.3 cpe:2.3:a:netapp:snap_creator_framework:-::::::: cpe:2.3:a:netapp:snapcenter:-:::::::
Changed	CPE Configuration	OR cpe:2.3:o:debian:debian_linux:9.0::::::: cpe:2.3:o:opensuse:leap:15.1::::::: cpe:2.3:o:opensuse:leap:15.2:::::::	OR cpe:2.3:o:opensuse:leap:15.1::::::: cpe:2.3:o:opensuse:leap:15.2:::::::

CVE Modified by [email protected]

Apr. 30, 2021

Action	Type	Old Value	New Value
Added	Reference		https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E [No Types Assigned]
Added	Reference		https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E [No Types Assigned]

CVE Modified by [email protected]

Apr. 22, 2021

Action	Type	Old Value	New Value
Added	Reference		https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E [No Types Assigned]
Added	Reference		https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E [No Types Assigned]

Modified Analysis by [email protected]

Apr. 19, 2021

Action	Type	Old Value	New Value
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html Mailing List, Third Party Advisory	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html Broken Link
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html Mailing List, Third Party Advisory	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html Broken Link
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html Mailing List, Third Party Advisory	http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html Broken Link
Changed	Reference Type	http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html No Types Assigned	http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html Exploit, Third Party Advisory, VDB Entry
Removed	CPE Configuration	OR cpe:2.3:a:opensuse:backports_sle:15.0:sp1::::::* cpe:2.3:a:opensuse:backports_sle:15.0:sp2::::::* cpe:2.3:o:opensuse:leap:15.1::::::: cpe:2.3:o:opensuse:leap:15.2:::::::
Changed	CPE Configuration	OR cpe:2.3:o:debian:debian_linux:9.0:::::::	OR cpe:2.3:o:debian:debian_linux:9.0::::::: cpe:2.3:o:opensuse:leap:15.1::::::: cpe:2.3:o:opensuse:leap:15.2:::::::

CVE Modified by [email protected]

Apr. 14, 2021

Action Type Old Value New Value

Added Reference http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html [No Types Assigned]

Modified Analysis by [email protected]

Mar. 30, 2021

Action	Type	Old Value	New Value
Changed	Reference Type	https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html No Types Assigned	https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html Mailing List, Third Party Advisory
Added	CPE Configuration		OR cpe:2.3:o:debian:debian_linux:9.0:::::::

CVE Modified by [email protected]

Mar. 26, 2021

Action Type Old Value New Value

Added Reference https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html [No Types Assigned]

Modified Analysis by [email protected]

Feb. 18, 2021

Action	Type	Old Value	New Value
Changed	Reference Type	https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E No Types Assigned	https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E No Types Assigned	https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory
Changed	Reference Type	https://www.tenable.com/security/tns-2021-02 No Types Assigned	https://www.tenable.com/security/tns-2021-02 Third Party Advisory

CVE Modified by [email protected]

Feb. 17, 2021

Action Type Old Value New Value

Added Reference https://www.tenable.com/security/tns-2021-02 [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.tenable.com/security/tns-2021-02 [No Types Assigned]

CVE Modified by [email protected]

Feb. 10, 2021

Action	Type	Old Value	New Value
Added	Reference		https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E [No Types Assigned]
Added	Reference		https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E [No Types Assigned]

Modified Analysis by [email protected]

Jan. 30, 2021

Action	Type	Old Value	New Value
Changed	Reference Type	https://www.oracle.com/security-alerts/cpujan2021.html No Types Assigned	https://www.oracle.com/security-alerts/cpujan2021.html Third Party Advisory
Added	CPE Configuration		OR cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::

CVE Modified by [email protected]

Jan. 20, 2021

Action Type Old Value New Value

Added Reference https://www.oracle.com/security-alerts/cpujan2021.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpujan2021.html [No Types Assigned]

Modified Analysis by [email protected]

Dec. 22, 2020

Action	Type	Old Value	New Value
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html No Types Assigned	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html Mailing List, Third Party Advisory
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html No Types Assigned	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html Mailing List, Third Party Advisory
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html No Types Assigned	http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E No Types Assigned	https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E No Types Assigned	https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E No Types Assigned	https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E No Types Assigned	https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.fedoraproject.org/archives/list/[email protected]/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/ No Types Assigned	https://lists.fedoraproject.org/archives/list/[email protected]/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/ Third Party Advisory
Changed	Reference Type	https://lists.fedoraproject.org/archives/list/[email protected]/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/ No Types Assigned	https://lists.fedoraproject.org/archives/list/[email protected]/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/ Third Party Advisory
Changed	Reference Type	https://lists.fedoraproject.org/archives/list/[email protected]/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/ No Types Assigned	https://lists.fedoraproject.org/archives/list/[email protected]/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/ Third Party Advisory
Changed	Reference Type	https://lists.fedoraproject.org/archives/list/[email protected]/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/ No Types Assigned	https://lists.fedoraproject.org/archives/list/[email protected]/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/ Third Party Advisory
Changed	Reference Type	https://lists.fedoraproject.org/archives/list/[email protected]/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/ No Types Assigned	https://lists.fedoraproject.org/archives/list/[email protected]/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/ Third Party Advisory
Changed	Reference Type	https://security.gentoo.org/glsa/202007-03 No Types Assigned	https://security.gentoo.org/glsa/202007-03 Third Party Advisory
Changed	Reference Type	https://security.netapp.com/advisory/ntap-20200511-0006/ No Types Assigned	https://security.netapp.com/advisory/ntap-20200511-0006/ Third Party Advisory
Changed	Reference Type	https://www.debian.org/security/2020/dsa-4693 No Types Assigned	https://www.debian.org/security/2020/dsa-4693 Third Party Advisory
Changed	Reference Type	https://www.drupal.org/sa-core-2020-002 No Types Assigned	https://www.drupal.org/sa-core-2020-002 Third Party Advisory
Changed	Reference Type	https://www.oracle.com/security-alerts/cpujul2020.html No Types Assigned	https://www.oracle.com/security-alerts/cpujul2020.html Third Party Advisory
Changed	Reference Type	https://www.oracle.com/security-alerts/cpuoct2020.html No Types Assigned	https://www.oracle.com/security-alerts/cpuoct2020.html Third Party Advisory
Changed	Reference Type	https://www.tenable.com/security/tns-2020-10 No Types Assigned	https://www.tenable.com/security/tns-2020-10 Third Party Advisory
Changed	Reference Type	https://www.tenable.com/security/tns-2020-11 No Types Assigned	https://www.tenable.com/security/tns-2020-11 Third Party Advisory
Added	CPE Configuration		OR cpe:2.3:a:opensuse:backports_sle:15.0:sp1::::::* cpe:2.3:a:opensuse:backports_sle:15.0:sp2::::::* cpe:2.3:o:opensuse:leap:15.1::::::: cpe:2.3:o:opensuse:leap:15.2:::::::
Added	CPE Configuration		OR cpe:2.3:a:drupal:drupal::::::::* versions from (including) 7.0 up to (excluding) 7.70 cpe:2.3:a:drupal:drupal::::::::* versions from (including) 8.7.0 up to (excluding) 8.7.14 cpe:2.3:a:drupal:drupal::::::::* versions from (including) 8.8.0 up to (excluding) 8.8.6
Added	CPE Configuration		OR cpe:2.3:o:debian:debian_linux:9.0:::::::
Added	CPE Configuration		OR cpe:2.3:o:fedoraproject:fedora:31::::::: cpe:2.3:o:fedoraproject:fedora:32::::::: cpe:2.3:o:fedoraproject:fedora:33:::::::
Added	CPE Configuration		OR cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0::::::: cpe:2.3:a:oracle:banking_digital_experience:18.1::::::: cpe:2.3:a:oracle:banking_digital_experience:18.2::::::: cpe:2.3:a:oracle:banking_digital_experience:18.3::::::: cpe:2.3:a:oracle:banking_digital_experience:19.1::::::: cpe:2.3:a:oracle:banking_digital_experience:19.2::::::: cpe:2.3:a:oracle:banking_digital_experience:20.1::::::: cpe:2.3:a:oracle:communications_application_session_controller:3.8m0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0::::::: cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0::::::: cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\:::::::::* versions from (including) 8.0.0 up to (including) 8.2.2 cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2::::::: cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0::::::: cpe:2.3:a:oracle:enterprise_session_border_controller:8.4::::::: cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::* versions from (including) 8.0.6.0.0 up to (including) 8.1.0.0.0 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0::::::: cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0::::::: cpe:2.3:a:oracle:financial_services_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7::::::: cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7::::::: cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0::::::: cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7::::::: cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning::::::::* versions from (including) 8.0.6 up to (including) 8.0.8 cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6::::::: cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7::::::: cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0::::::: cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve::::::::* versions from (including) 8.0.6 up to (including) 8.0.9 cpe:2.3:a:oracle:healthcare_foundation:7.1.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.0::::::: cpe:2.3:a:oracle:healthcare_foundation:7.2.1::::::: cpe:2.3:a:oracle:healthcare_foundation:7.3.0::::::: cpe:2.3:a:oracle:hospitality_materials_control:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.1::::::: cpe:2.3:a:oracle:hospitality_simphony:18.2::::::: cpe:2.3:a:oracle:hospitality_simphony::::::::* versions from (including) 19.1.0 up to (including) 19.1.2 cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8::::::: cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0::::::: cpe:2.3:a:oracle:insurance_data_foundation::::::::* versions from (including) 8.0.6 up to (including) 8.1.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting::::::::* versions from (including) 5.0.0.0 up to (including) 5.6.0.0 cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0::::::: cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0::::::: cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57::::::: cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58::::::: cpe:2.3:a:oracle:policy_automation::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6::::::: cpe:2.3:a:oracle:policy_automation_for_mobile_devices::::::::* versions from (including) 12.2.0 up to (including) 12.2.20 cpe:2.3:a:oracle:retail_back_office:14.0::::::: cpe:2.3:a:oracle:retail_back_office:14.1::::::: cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.0::::::: cpe:2.3:a:oracle:retail_returns_management:14.1::::::: cpe:2.3:a:oracle:siebel_ui_framework:20.8::::::: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0::::::: cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0::::::: cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::
Added	CPE Configuration		OR cpe:2.3:a:netapp:oncommand_insight:-::::::: cpe:2.3:a:netapp:oncommand_system_manager::::::::* versions from (including) 3.0 up to (including) 3.1.3 cpe:2.3:a:netapp:snap_creator_framework:-::::::: cpe:2.3:a:netapp:snapcenter:-:::::::
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h300s_firmware:-::::::: OR cpe:2.3:h:netapp:h300s:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h500s_firmware:-::::::: OR cpe:2.3:h:netapp:h500s:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h700s_firmware:-::::::: OR cpe:2.3:h:netapp:h700s:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h300e_firmware:-::::::: OR cpe:2.3:h:netapp:h300e:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h500e_firmware:-::::::: OR cpe:2.3:h:netapp:h500e:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h700e_firmware:-::::::: OR cpe:2.3:h:netapp:h700e:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h410s_firmware:-::::::: OR cpe:2.3:h:netapp:h410s:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h410c_firmware:-::::::: OR cpe:2.3:h:netapp:h410c:-:::::::*

CVE Modified by [email protected]

Dec. 21, 2020

Action Type Old Value New Value

Added Reference https://www.tenable.com/security/tns-2020-11 [No Types Assigned]
CVE Modified by [email protected]

Dec. 07, 2020

Action Type Old Value New Value

Added Reference https://www.tenable.com/security/tns-2020-10 [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.tenable.com/security/tns-2020-11 [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.tenable.com/security/tns-2020-10 [No Types Assigned]

CVE Modified by [email protected]

Nov. 30, 2020

Action	Type	Old Value	New Value
Added	Reference		https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E [No Types Assigned]

CVE Modified by [email protected]

Nov. 10, 2020

Action Type Old Value New Value

Added Reference http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html [No Types Assigned]

CVE Modified by [email protected]

Nov. 06, 2020

Action	Type	Old Value	New Value
Added	Reference		https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E [No Types Assigned]
Added	Reference		https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E [No Types Assigned]

CVE Modified by [email protected]

Oct. 20, 2020

Action Type Old Value New Value

Added Reference https://www.oracle.com/security-alerts/cpuoct2020.html [No Types Assigned]
CVE Modified by [email protected]

Sep. 25, 2020

Action Type Old Value New Value

Added Reference https://lists.fedoraproject.org/archives/list/[email protected]/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/ [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpuoct2020.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://lists.fedoraproject.org/archives/list/[email protected]/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/ [No Types Assigned]

CVE Modified by [email protected]

Sep. 13, 2020

Action	Type	Old Value	New Value
Added	Reference		https://lists.fedoraproject.org/archives/list/[email protected]/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/ [No Types Assigned]
Added	Reference		https://lists.fedoraproject.org/archives/list/[email protected]/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/ [No Types Assigned]

CVE Modified by [email protected]

Aug. 20, 2020

Action	Type	Old Value	New Value
Added	Reference		https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E [No Types Assigned]

CVE Modified by [email protected]

Jul. 28, 2020

Action Type Old Value New Value

Added Reference http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html [No Types Assigned]
CVE Modified by [email protected]

Jul. 27, 2020

Action Type Old Value New Value

Added Reference https://security.gentoo.org/glsa/202007-03 [No Types Assigned]
CVE Modified by [email protected]

Jul. 26, 2020

Action Type Old Value New Value

Added Reference http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html [No Types Assigned]
CVE Modified by [email protected]

Jul. 15, 2020

Action Type Old Value New Value

Added Reference https://www.oracle.com/security-alerts/cpujul2020.html [No Types Assigned]
CVE Modified by [email protected]

Jun. 16, 2020

Action Type Old Value New Value

Added Reference https://lists.fedoraproject.org/archives/list/[email protected]/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/ [No Types Assigned]
CVE Modified by [email protected]

May. 31, 2020

Action Type Old Value New Value

Added Reference https://lists.fedoraproject.org/archives/list/[email protected]/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/ [No Types Assigned]
CVE Modified by [email protected]

May. 27, 2020

Action Type Old Value New Value

Added Reference https://www.debian.org/security/2020/dsa-4693 [No Types Assigned]
CVE Modified by [email protected]

May. 22, 2020

Action Type Old Value New Value

Added Reference https://www.drupal.org/sa-core-2020-002 [No Types Assigned]
CVE Modified by [email protected]

May. 11, 2020

Action Type Old Value New Value

Added Reference https://security.netapp.com/advisory/ntap-20200511-0006/ [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://security.gentoo.org/glsa/202007-03 [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpujul2020.html [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://lists.fedoraproject.org/archives/list/[email protected]/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/ [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://lists.fedoraproject.org/archives/list/[email protected]/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/ [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.debian.org/security/2020/dsa-4693 [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://www.drupal.org/sa-core-2020-002 [No Types Assigned]

Action	Type	Old Value	New Value
Added	Reference		https://security.netapp.com/advisory/ntap-20200511-0006/ [No Types Assigned]

Initial Analysis by [email protected]

May. 06, 2020

Action	Type	Old Value	New Value
Added	CVSS V2 Metadata		Victim must voluntarily interact with attack mechanism
Added	CVSS V2		NIST (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Changed	Reference Type	https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ No Types Assigned	https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ Release Notes, Vendor Advisory
Changed	Reference Type	https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77 No Types Assigned	https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77 Patch, Third Party Advisory
Changed	Reference Type	https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2 No Types Assigned	https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2 Mitigation, Third Party Advisory
Changed	Reference Type	https://jquery.com/upgrade-guide/3.5/ No Types Assigned	https://jquery.com/upgrade-guide/3.5/ Mitigation, Vendor Advisory
Added	CWE		NIST CWE-79
Added	CPE Configuration		OR cpe:2.3:a:jquery:jquery::::::::* versions from (including) 1.2 up to (excluding) 3.5.0

CVE Modified by [email protected]

Apr. 30, 2020

Action	Type	Old Value	New Value
Changed	Description	In jQuery before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.	In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2020-11022 is associated with the following CWEs:

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2020-11022 weaknesses.

CAPEC-63: Cross-Site Scripting (XSS) Cross-Site Scripting (XSS) CAPEC-85: AJAX Footprinting AJAX Footprinting CAPEC-209: XSS Using MIME Type Mismatch XSS Using MIME Type Mismatch CAPEC-588: DOM-Based XSS DOM-Based XSS CAPEC-591: Reflected XSS Reflected XSS CAPEC-592: Stored XSS Stored XSS

CVE-2020-11022

HTTPoxy in jQuery XSS

Description

INFO

April 29, 2020, 10:15 p.m.

Nov. 7, 2023, 3:14 a.m.

Yes !

4.7

1.6

Public PoC/Exploit Available at Github

Affected Products

References to Advisories, Solutions, and Tools

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CPE Deprecation Remap by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Initial Analysis by [email protected]

CVE Modified by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

6.27 }} 0.15%

0.93695

CVSS31 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position