{ "threat_severity" : "Moderate", "public_date" : "2019-03-27T00:00:00Z", "bugzilla" : { "description" : "jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection", "id" : "1701972", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" }, "cvss3" : { "cvss3_base_score" : "5.6", "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "status" : "verified" }, "cwe" : "CWE-79", "details" : [ "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.", "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences." ], "statement" : "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", "affected_release" : [ { "product_name" : "CloudForms Management Engine 5.10", "release_date" : "2019-09-05T00:00:00Z", "advisory" : "RHSA-2019:2587", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.10::el7", "package" : "ansible-tower-0:3.5.2-1.el7at" }, { "product_name" : "CloudForms Management Engine 5.10", "release_date" : "2019-09-05T00:00:00Z", "advisory" : "RHSA-2019:2587", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.10::el7", "package" : "cfme-0:5.10.9.1-1.el7cf" }, { "product_name" : "CloudForms Management Engine 5.10", "release_date" : "2019-09-05T00:00:00Z", "advisory" : "RHSA-2019:2587", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.10::el7", "package" : "cfme-amazon-smartstate-0:5.10.9.1-1.el7cf" }, { "product_name" : "CloudForms Management Engine 5.10", "release_date" : "2019-09-05T00:00:00Z", "advisory" : "RHSA-2019:2587", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.10::el7", "package" : "cfme-appliance-0:5.10.9.1-1.el7cf" }, { "product_name" : "CloudForms Management Engine 5.10", "release_date" : "2019-09-05T00:00:00Z", "advisory" : "RHSA-2019:2587", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.10::el7", "package" : "cfme-gemset-0:5.10.9.1-1.el7cf" }, { "product_name" : "CloudForms Management Engine 5.10", "release_date" : "2019-09-05T00:00:00Z", "advisory" : "RHSA-2019:2587", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.10::el7", "package" : "ovirt-ansible-hosted-engine-setup-0:1.0.23-1.el7ev" }, { "product_name" : "CloudForms Management Engine 5.10", "release_date" : "2019-09-05T00:00:00Z", "advisory" : "RHSA-2019:2587", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.10::el7", "package" : "ovirt-ansible-roles-0:1.1.7-1.el7ev" }, { "product_name" : "CloudForms Management Engine 5.10", "release_date" : "2019-09-05T00:00:00Z", "advisory" : "RHSA-2019:2587", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.10::el7", "package" : "ovirt-ansible-vm-infra-0:1.1.19-1.el7ev" }, { "product_name" : "CloudForms Management Engine 5.10", "release_date" : "2019-09-05T00:00:00Z", "advisory" : "RHSA-2019:2587", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5.10::el7", "package" : "v2v-conversion-host-0:1.14.2-1.el7ev" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-09-29T00:00:00Z", "advisory" : "RHSA-2020:3936", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "ipa-0:4.6.8-5.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2022-11-02T00:00:00Z", "advisory" : "RHSA-2022:7343", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "pcs-0:0.9.169-3.el7_9.3" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-11-04T00:00:00Z", "advisory" : "RHSA-2020:4670", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "idm:client-8030020200923172426.05ac3f11" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-11-04T00:00:00Z", "advisory" : "RHSA-2020:4670", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "idm:DL1-8030020200923172343.9c827e52" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-11-04T00:00:00Z", "advisory" : "RHSA-2020:4847", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "pki-core:10.6-8030020200911215836.5ff1562f" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-11-04T00:00:00Z", "advisory" : "RHSA-2020:4847", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "pki-deps:10.6-8030020200527165326.30b713e6" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2021-11-09T00:00:00Z", "advisory" : "RHSA-2021:4142", "cpe" : "cpe:/a:redhat:enterprise_linux:8::highavailability", "package" : "pcs-0:0.10.10-4.el8" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7", "release_date" : "2023-01-31T00:00:00Z", "advisory" : "RHSA-2023:0556", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "package" : "jquery", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date" : "2023-01-31T00:00:00Z", "advisory" : "RHSA-2023:0553", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package" : "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date" : "2023-01-31T00:00:00Z", "advisory" : "RHSA-2023:0554", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package" : "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap", "impact" : "low" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date" : "2023-01-31T00:00:00Z", "advisory" : "RHSA-2023:0552", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package" : "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap", "impact" : "low" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "jenkins-0:2.204.2.1580891656-1.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "jenkins-2-plugins-0:3.11.1579107288-1.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "openshift-ansible-0:3.11.170-2.git.5.8802564.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "release_date" : "2020-02-19T00:00:00Z", "advisory" : "RHBA-2020:0402", "cpe" : "cpe:/a:redhat:openshift:3.11::el7", "package" : "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7" }, { "product_name" : "Red Hat OpenShift Container Platform 4.5", "release_date" : "2020-07-13T00:00:00Z", "advisory" : "RHSA-2020:2412", "cpe" : "cpe:/a:redhat:openshift:4.5::el7", "package" : "openshift4/ose-console:v4.5.0-202007012112.p0" }, { "product_name" : "Red Hat OpenShift Container Platform 4.6", "release_date" : "2020-10-27T00:00:00Z", "advisory" : "RHSA-2020:4298", "cpe" : "cpe:/a:redhat:openshift:4.6::el8", "package" : "openshift4/ose-prometheus:v4.6.0-202009290409.p0" }, { "product_name" : "Red Hat OpenStack Platform 13.0 (Queens)", "release_date" : "2020-12-16T00:00:00Z", "advisory" : "RHSA-2020:5581", "cpe" : "cpe:/a:redhat:openstack:13::el7", "package" : "python-XStatic-jQuery-0:2.2.4.1-3.el7ost" }, { "product_name" : "Red Hat OpenStack Platform 13.0 (Queens) for RHEL 7.6 EUS", "release_date" : "2020-12-16T00:00:00Z", "advisory" : "RHSA-2020:5581", "cpe" : "cpe:/a:redhat:openstack:13::el7", "package" : "python-XStatic-jQuery-0:2.2.4.1-3.el7ost" }, { "product_name" : "Red Hat OpenStack Platform 15.0 (Stein)", "release_date" : "2020-04-06T00:00:00Z", "advisory" : "RHSA-2020:1325", "cpe" : "cpe:/a:redhat:openstack:15::el8", "package" : "python-XStatic-jQuery-0:3.4.1.0-1.el8ost" }, { "product_name" : "Red Hat Single Sign-On 7", "release_date" : "2023-03-01T00:00:00Z", "advisory" : "RHSA-2023:1049", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7.6", "package" : "keycloak-idp-jquery" }, { "product_name" : "Red Hat Single Sign-On 7.3.2 zip", "release_date" : "2019-06-11T00:00:00Z", "advisory" : "RHSA-2019:1456", "cpe" : "cpe:/a:redhat:jboss_single_sign_on:7.3" }, { "product_name" : "Red Hat Single Sign-On 7.6 for RHEL 7", "release_date" : "2023-03-01T00:00:00Z", "advisory" : "RHSA-2023:1043", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7", "package" : "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso" }, { "product_name" : "Red Hat Single Sign-On 7.6 for RHEL 8", "release_date" : "2023-03-01T00:00:00Z", "advisory" : "RHSA-2023:1044", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8", "package" : "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso" }, { "product_name" : "Red Hat Single Sign-On 7.6 for RHEL 9", "release_date" : "2023-03-01T00:00:00Z", "advisory" : "RHSA-2023:1045", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", "package" : "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso" }, { "product_name" : "Red Hat Virtualization Engine 4.3", "release_date" : "2019-06-20T00:00:00Z", "advisory" : "RHBA-2019:1570", "cpe" : "cpe:/a:redhat:rhev_manager:4.3", "package" : "ovirt-engine-api-explorer-0:0.0.5-1.el7ev" }, { "product_name" : "Red Hat Virtualization Engine 4.3", "release_date" : "2019-10-10T00:00:00Z", "advisory" : "RHSA-2019:3023", "cpe" : "cpe:/a:redhat:rhev_manager:4.3", "package" : "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev" }, { "product_name" : "Red Hat Virtualization Engine 4.3", "release_date" : "2019-10-10T00:00:00Z", "advisory" : "RHSA-2019:3024", "cpe" : "cpe:/a:redhat:rhev_manager:4.3", "package" : "ovirt-web-ui-0:1.6.0-1.el7ev" }, { "product_name" : "RHEL-8 based Middleware Containers", "release_date" : "2023-03-01T00:00:00Z", "advisory" : "RHSA-2023:1047", "cpe" : "cpe:/a:redhat:rhosemc:1.0::el8", "package" : "rh-sso-7/sso76-openshift-rhel8:7.6-20" } ], "package_state" : [ { "product_name" : "Red Hat 3scale API Management Platform 2", "fix_state" : "Will not fix", "package_name" : "jquery", "cpe" : "cpe:/a:redhat:red_hat_3scale_amp:2" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Will not fix", "package_name" : "ipa", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Will not fix", "package_name" : "pcp", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Will not fix", "package_name" : "python-coverage", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Will not fix", "package_name" : "python-weberror", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Will not fix", "package_name" : "ipsilon", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Will not fix", "package_name" : "pcp", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Will not fix", "package_name" : "pki-core", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Will not fix", "package_name" : "publican", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Will not fix", "package_name" : "python-coverage", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Will not fix", "package_name" : "jquery", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "fix_state" : "Will not fix", "package_name" : "openshift3/grafana", "cpe" : "cpe:/a:redhat:openshift:3.11" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "fix_state" : "Not affected", "package_name" : "openshift3/ose-console", "cpe" : "cpe:/a:redhat:openshift:3.11" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift4/ose-grafana", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenStack Platform 10 (Newton)", "fix_state" : "Will not fix", "package_name" : "python-XStatic-jQuery", "cpe" : "cpe:/a:redhat:openstack:10" }, { "product_name" : "Red Hat OpenStack Platform 10 (Newton)", "fix_state" : "Will not fix", "package_name" : "python-XStatic-jquery-ui", "cpe" : "cpe:/a:redhat:openstack:10" }, { "product_name" : "Red Hat OpenStack Platform 13 (Queens)", "fix_state" : "Not affected", "package_name" : "python-XStatic-jquery-ui", "cpe" : "cpe:/a:redhat:openstack:13" }, { "product_name" : "Red Hat OpenStack Platform 14 (Rocky)", "fix_state" : "Out of support scope", "package_name" : "python-XStatic-jQuery", "cpe" : "cpe:/a:redhat:openstack:14" }, { "product_name" : "Red Hat OpenStack Platform 14 (Rocky)", "fix_state" : "Out of support scope", "package_name" : "python-XStatic-jquery-ui", "cpe" : "cpe:/a:redhat:openstack:14" }, { "product_name" : "Red Hat OpenStack Platform 15 (Stein)", "fix_state" : "Not affected", "package_name" : "python-XStatic-jquery-ui", "cpe" : "cpe:/a:redhat:openstack:15" }, { "product_name" : "Red Hat OpenStack Platform 9 (Mitaka)", "fix_state" : "Will not fix", "package_name" : "python-XStatic-jQuery", "cpe" : "cpe:/a:redhat:openstack:9" }, { "product_name" : "Red Hat OpenStack Platform 9 (Mitaka)", "fix_state" : "Will not fix", "package_name" : "python-XStatic-jquery-ui", "cpe" : "cpe:/a:redhat:openstack:9" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Not affected", "package_name" : "quay", "cpe" : "cpe:/a:redhat:quay:3" }, { "product_name" : "Red Hat Satellite 5", "fix_state" : "Not affected", "package_name" : "jquery-ui", "cpe" : "cpe:/a:redhat:network_satellite:5" }, { "product_name" : "Red Hat Satellite 5", "fix_state" : "Out of support scope", "package_name" : "patternfly1", "cpe" : "cpe:/a:redhat:network_satellite:5" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Not affected", "package_name" : "tfm-rubygem-jquery-ui-rails", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Will not fix", "package_name" : "python27-python-coverage", "cpe" : "cpe:/a:redhat:rhel_software_collections:3" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Will not fix", "package_name" : "python27-python-werkzeug", "cpe" : "cpe:/a:redhat:rhel_software_collections:3" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Will not fix", "package_name" : "rh-python35-python-coverage", "cpe" : "cpe:/a:redhat:rhel_software_collections:3" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Will not fix", "package_name" : "rh-python36-python-coverage", "cpe" : "cpe:/a:redhat:rhel_software_collections:3" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Out of support scope", "package_name" : "rh-ror42-rubygem-jquery-rails", "cpe" : "cpe:/a:redhat:rhel_software_collections:3" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Will not fix", "package_name" : "rh-ror50-rubygem-jquery-rails", "cpe" : "cpe:/a:redhat:rhel_software_collections:3" }, { "product_name" : "Red Hat Storage 3", "fix_state" : "Not affected", "package_name" : "python-testtools", "cpe" : "cpe:/a:redhat:storage:3" }, { "product_name" : "Red Hat Virtualization 4", "fix_state" : "Out of support scope", "package_name" : "ovirt-engine-dashboard", "cpe" : "cpe:/o:redhat:rhev_hypervisor:4" }, { "product_name" : "Red Hat Virtualization 4", "fix_state" : "Out of support scope", "package_name" : "ovirt-js-dependencies", "cpe" : "cpe:/o:redhat:rhev_hypervisor:4" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2019-11358\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-11358\nhttps://blog.jquery.com/2019/04/10/jquery-3-4-0-released/\nhttps://www.drupal.org/sa-core-2019-006" ], "name" : "CVE-2019-11358", "csaw" : false }