rpm package
suse/spacewalk-client-tools&distro=SUSE Manager Proxy 3.2
pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Proxy%203.2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-11022 | Med | 6.9 | < 2.8.22.8-3.15.1 | 2.8.22.8-3.15.1 | Apr 29, 2020 | In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. | |
| CVE-2018-17197 | — | < 2.8.22.4-3.3.13 | 2.8.22.4-3.3.13 | Dec 24, 2018 | A carefully crafted or corrupt sqlite file can cause an infinite loop in Apache Tika's SQLite3Parser in versions 1.8-1.19.1 of Apache Tika. |
- affected < 2.8.22.8-3.15.1fixed 2.8.22.8-3.15.1
In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
- CVE-2018-17197Dec 24, 2018affected < 2.8.22.4-3.3.13fixed 2.8.22.4-3.3.13
A carefully crafted or corrupt sqlite file can cause an infinite loop in Apache Tika's SQLite3Parser in versions 1.8-1.19.1 of Apache Tika.