rpm package
almalinux/python3-jwcrypto
pkg:rpm/almalinux/python3-jwcrypto
Vulnerabilities (24)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-10735 | — | < 0.5.0-1.module_el8.5.0+2641+983b221b | 0.5.0-1.module_el8.5.0+2641+983b221b | Jan 9, 2019 | In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041. | ||
| CVE-2018-14042 | Med | 6.1 | < 0.5.0-1.module_el8.5.0+2641+983b221b | 0.5.0-1.module_el8.5.0+2641+983b221b | Jul 13, 2018 | In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. | |
| CVE-2018-14040 | Med | 6.1 | < 0.5.0-1.module_el8.5.0+2641+983b221b | 0.5.0-1.module_el8.5.0+2641+983b221b | Jul 13, 2018 | In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. | |
| CVE-2015-9251 | Med | 6.1 | < 0.5.0-1.module_el8.5.0+2641+983b221b | 0.5.0-1.module_el8.5.0+2641+983b221b | Jan 18, 2018 | jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. |
- CVE-2016-10735Jan 9, 2019affected < 0.5.0-1.module_el8.5.0+2641+983b221bfixed 0.5.0-1.module_el8.5.0+2641+983b221b
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
- affected < 0.5.0-1.module_el8.5.0+2641+983b221bfixed 0.5.0-1.module_el8.5.0+2641+983b221b
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
- affected < 0.5.0-1.module_el8.5.0+2641+983b221bfixed 0.5.0-1.module_el8.5.0+2641+983b221b
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
- affected < 0.5.0-1.module_el8.5.0+2641+983b221bfixed 0.5.0-1.module_el8.5.0+2641+983b221b
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Page 2 of 2