Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
jquery / jquery - 3.4.0
debian / debian_linux 8.0 8.0.x
debian / debian_linux 9.0 9.0.x
drupal / drupal 7.0 7.66
drupal / drupal 8.5.0 8.5.15
drupal / drupal 8.6.0 8.6.15
backdropcms / backdrop 1.11.0 1.11.9
backdropcms / backdrop 1.12.0 1.12.6
fedoraproject / fedora 28 28.x
fedoraproject / fedora 29 29.x
fedoraproject / fedora 30 30.x
opensuse / leap 15.1 15.1.x
opensuse / backports_sle 15.0-sp1 15.0-sp1.x
netapp / oncommand_system_manager 3.0 3.1.3.x
redhat / cloudforms 4.7 4.7.x
redhat / virtualization_manager 4.3 4.3.x
oracle / service_bus 12.1.3.0.0 12.1.3.0.0.x
oracle / primavera_unifier 16.2 16.2.x
oracle / jd_edwards_enterpriseone_tools 9.2 9.2.x
oracle / weblogic_server 12.1.3.0.0 12.1.3.0.0.x
oracle / service_bus 11.1.1.9.0 11.1.1.9.0.x
oracle / jdeveloper 11.1.1.9.0 11.1.1.9.0.x
oracle / primavera_unifier 16.1 16.1.x
oracle / application_testing_suite 12.5.0.3 12.5.0.3.x
oracle / peoplesoft_enterprise_peopletools 8.55 8.55.x
oracle / retail_back_office 14.1 14.1.x
oracle / retail_back_office 14.0 14.0.x
oracle / peoplesoft_enterprise_peopletools 8.56 8.56.x
oracle / hospitality_guest_access 4.2.0 4.2.0.x
oracle / hospitality_guest_access 4.2.1 4.2.1.x
oracle / weblogic_server 10.3.6.0.0 10.3.6.0.0.x
oracle / communications_webrtc_session_controller 7.2 7.2.x
oracle / weblogic_server 12.2.1.3.0 12.2.1.3.0.x
oracle / financial_services_market_risk_measurement_and_management 8.0.5 8.0.5.x
oracle / financial_services_liquidity_risk_management 8.0.5.0.0 8.0.5.0.0.x
oracle / financial_services_liquidity_risk_management 8.0.4.0.0 8.0.4.0.0.x
oracle / financial_services_liquidity_risk_management 8.0.0.1.0 8.0.0.1.0.x
oracle / communications_unified_inventory_management 7.3 7.3.x
oracle / enterprise_manager_ops_center 12.3.3 12.3.3.x
oracle / agile_product_lifecycle_management_for_process 6.2.0.0 6.2.0.0.x
oracle / agile_product_lifecycle_management_for_process 6.2.1.0 6.2.1.0.x
oracle / webcenter_sites 12.2.1.3.0 12.2.1.3.0.x
oracle / business_process_management_suite 12.2.1.3.0 12.2.1.3.0.x
oracle / fusion_middleware_mapviewer 12.2.1.3.0 12.2.1.3.0.x
oracle / peoplesoft_enterprise_peopletools 8.57 8.57.x
oracle / identity_manager 12.2.1.3.0 12.2.1.3.0.x
oracle / application_testing_suite 13.1.0.1 13.1.0.1.x
oracle / application_testing_suite 13.2.0.1 13.2.0.1.x
oracle / application_testing_suite 13.3.0.1 13.3.0.1.x
oracle / retail_customer_insights 15.0 15.0.x
oracle / retail_customer_insights 16.0 16.0.x
oracle / retail_returns_management 14.0 14.0.x
oracle / retail_returns_management 14.1 14.1.x
oracle / retail_central_office 14.0 14.0.x
oracle / retail_central_office 14.1 14.1.x
oracle / communications_billing_and_revenue_management 7.5 7.5.x
oracle / communications_billing_and_revenue_management 12.0 12.0.x
oracle / primavera_unifier 18.8 18.8.x
oracle / retail_customer_management_and_segmentation_foundation 18.0 18.0.x
oracle / jdeveloper 12.2.1.3.0 12.2.1.3.0.x
oracle / bi_publisher 12.2.1.4.0 12.2.1.4.0.x
oracle / bi_publisher 12.2.1.3.0 12.2.1.3.0.x
oracle / retail_point-of-service 14.1 14.1.x
oracle / retail_point-of-service 14.0 14.0.x
oracle / policy_automation_connector_for_siebel 10.4.6 10.4.6.x
oracle / policy_automation 10.4.7 10.4.7.x
oracle / policy_automation 12.1.0 12.1.0.x
oracle / policy_automation 12.1.1 12.1.1.x
oracle / communications_operations_monitor 3.4 3.4.x
oracle / communications_operations_monitor 4.0 4.0.x
oracle / service_bus 12.2.1.3.0 12.2.1.3.0.x
oracle / primavera_unifier 17.7 17.12.x
oracle / agile_product_lifecycle_management_for_process 6.2.2.0 6.2.2.0.x
oracle / agile_product_lifecycle_management_for_process 6.2.3.0 6.2.3.0.x
oracle / financial_services_market_risk_measurement_and_management 8.0.6 8.0.6.x
oracle / financial_services_loan_loss_forecasting_and_provisioning 8.0.2 8.0.7.x
oracle / financial_services_hedge_management_and_ifrs_valuations 8.0.4 8.0.7.x
oracle / financial_services_funds_transfer_pricing 8.0.4 8.0.7.x
oracle / financial_services_data_integration_hub 8.0.5 8.0.7.x
oracle / financial_services_asset_liability_management 8.0.4 8.0.7.x
oracle / financial_services_analytical_applications_infrastructure 7.3.3 7.3.5.x
oracle / hospitality_materials_control 18.1 18.1.x
oracle / healthcare_translational_research 3.1.0 3.1.0.x
oracle / communications_unified_inventory_management 7.4.0 7.4.0.x
oracle / enterprise_manager_ops_center 12.4.0 12.4.0.x
oracle / application_testing_suite 13.3 13.3.x
oracle / banking_digital_experience 18.2 18.2.x
oracle / banking_digital_experience 18.3 18.3.x
oracle / banking_digital_experience 19.1 19.1.x
oracle / banking_digital_experience 18.1 18.1.x
oracle / weblogic_server 12.2.1.4.0 12.2.1.4.0.x
oracle / knowledge 8.6.0 8.6.3.x
oracle / peoplesoft_enterprise_peopletools 8.58 8.58.x
oracle / financial_services_liquidity_risk_management 8.0.6 8.0.6.x
oracle / financial_services_liquidity_risk_measurement_and_management 8.0.8 8.0.8.x
oracle / financial_services_liquidity_risk_measurement_and_management 8.0.7 8.0.7.x
oracle / financial_services_balance_sheet_planning 8.0.8 8.0.8.x
oracle / application_express - 19.1
oracle / weblogic_server 14.1.1.0.0 14.1.1.0.0.x
oracle / communications_element_manager 8.2.0 8.2.0.x
oracle / communications_element_manager 8.2.1 8.2.1.x
oracle / communications_element_manager 8.1.1 8.1.1.x
oracle / rest_data_services 12.2.0.1 12.2.0.1.x
oracle / rest_data_services 12.1.0.2 12.1.0.2.x
oracle / rest_data_services 11.2.0.4 11.2.0.4.x
oracle / rest_data_services 18c 18c.x
oracle / rest_data_services 19c 19c.x
oracle / retail_customer_management_and_segmentation_foundation 19.0 19.0.x
oracle / healthcare_foundation 7.2.0 7.2.0.x
oracle / healthcare_foundation 7.3.0 7.3.0.x
oracle / healthcare_foundation 7.1.1 7.1.1.x
oracle / communications_billing_and_revenue_management 12.0.0.3.0 12.0.0.3.0.x
oracle / communications_billing_and_revenue_management 7.5.0.23.0 7.5.0.23.0.x
oracle / financial_services_data_governance_for_us_regulatory_reporting 8.0.6 8.0.9.x
oracle / hospitality_simphony 19.1.0 19.1.2.x
oracle / banking_digital_experience 19.2 19.2.x
oracle / financial_services_profitability_management 8.1.0 8.1.0.x
oracle / banking_digital_experience 20.1 20.1.x
oracle / financial_services_loan_loss_forecasting_and_provisioning 8.1.0 8.1.0.x
oracle / financial_services_basel_regulatory_capital_internal_ratings_based_approach 8.1.0 8.1.0.x
oracle / siebel_ui_framework 20.8 20.8.x
oracle / communications_application_session_controller 3.8m0 3.8m0.x
oracle / financial_services_institutional_performance_analytics 8.1.0 8.1.0.x
oracle / insurance_insbridge_rating_and_underwriting 5.0.0.0 5.6.0.0.x
oracle / financial_services_liquidity_risk_measurement_and_management 8.1.0 8.1.0.x
oracle / financial_services_basel_regulatory_capital_basic 8.1.0 8.1.0.x
oracle / insurance_allocation_manager_for_enterprise_profitability 8.0.8 8.0.8.x
oracle / insurance_insbridge_rating_and_underwriting 5.6.1.0 5.6.1.0.x
oracle / hospitality_simphony 18.1 18.1.x
oracle / financial_services_data_integration_hub 8.1.0 8.1.0.x
oracle / insurance_accounting_analyzer 8.0.9 8.0.9.x
oracle / financial_services_hedge_management_and_ifrs_valuations 8.1.0 8.1.0.x
oracle / financial_services_analytical_applications_reconciliation_framework 8.1.0 8.1.0.x
oracle / insurance_allocation_manager_for_enterprise_profitability 8.1.0 8.1.0.x
oracle / hospitality_simphony 18.2 18.2.x
oracle / financial_services_asset_liability_management 8.1.0 8.1.0.x
oracle / enterprise_manager_ops_center 12.4.0.0 12.4.0.0.x
oracle / enterprise_session_border_controller 8.4 8.4.x
oracle / financial_services_market_risk_measurement_and_management 8.0.8 8.0.8.x
oracle / jdeveloper 12.2.1.4.0 12.2.1.4.0.x
oracle / financial_services_funds_transfer_pricing 8.1.0 8.1.0.x
oracle / communications_services_gatekeeper 7.0 7.0.x
oracle / communications_session_report_manager 8.1.1 8.1.1.x
oracle / communications_session_report_manager 8.2.0 8.2.0.x
oracle / communications_session_report_manager 8.2.1 8.2.1.x
oracle / communications_session_route_manager 8.1.1 8.1.1.x
oracle / communications_session_route_manager 8.2.0 8.2.0.x
oracle / communications_session_route_manager 8.2.1 8.2.1.x
oracle / primavera_gateway 16.2.0 16.2.11.x
oracle / communications_diameter_signaling_router 8.2.1 8.2.1.x
oracle / communications_diameter_signaling_router 8.0.0 8.0.0.x
oracle / communications_diameter_signaling_router 8.1 8.1.x
oracle / communications_diameter_signaling_router 8.2 8.2.x
oracle / primavera_gateway 17.12.0 17.12.7.x
oracle / financial_services_regulatory_reporting_for_de_nederlandsche_bank 8.0.4 8.0.4.x
oracle / banking_enterprise_collections 2.7.0 2.8.0.x
oracle / banking_platform 2.4.0 2.10.0.x
oracle / primavera_gateway 19.12.0 19.12.4.x
oracle / primavera_gateway 18.8.0 18.8.9.x
oracle / communications_operations_monitor 4.1 4.3.x
oracle / communications_analytics 12.1.1 12.1.1.x
oracle / healthcare_translational_research 3.3.1 3.3.1.x
oracle / healthcare_translational_research 3.3.2 3.3.2.x
oracle / healthcare_translational_research 3.4.0 3.4.0.x
oracle / healthcare_translational_research 3.2.1 3.2.1.x
oracle / primavera_gateway 15.2.18 15.2.18.x
oracle / big_data_discovery 1.6 1.6.x
oracle / business_process_management_suite 12.2.1.4.0 12.2.1.4.0.x
oracle / bi_publisher 5.5.0.0.0 5.5.0.0.0.x
oracle / transportation_management 1.4.3 1.4.3.x
oracle / agile_product_lifecycle_management_for_process 6.1 6.1.x
oracle / jdeveloper_and_adf 11.1.1.9.0 11.1.1.9.0.x
oracle / jdeveloper_and_adf 12.1.3.0.0 12.1.3.0.0.x
oracle / jdeveloper_and_adf 12.2.1.3.0 12.2.1.3.0.x
oracle / financial_services_retail_performance_analytics 8.0.6 8.0.6.x
oracle / financial_services_retail_performance_analytics 8.0.7 8.0.7.x
oracle / financial_services_enterprise_financial_performance_analytics 8.0.6 8.0.6.x
oracle / financial_services_enterprise_financial_performance_analytics 8.0.7 8.0.7.x
oracle / healthcare_foundation 7.2.2 7.2.2.x
oracle / application_testing_suite 13.2 13.2.x
oracle / application_service_level_management 13.2.0.0 13.2.0.0.x
oracle / application_service_level_management 13.3.0.0 13.3.0.0.x
oracle / communications_operations_monitor 4.1.0 4.1.0.x
oracle / storagetek_tape_analytics_sw_tool 2.3.0 2.3.0.x
oracle / diagnostic_assistant 2.12.36 2.12.36.x
oracle / siebel_mobile_applications - 19.8.x
oracle / policy_automation 12.2.0 12.2.15.x
oracle / policy_automation_for_mobile_devices 12.2.0 12.2.15.x
oracle / utilities_mobile_workforce_management 2.3.0.1 2.3.0.3.x
oracle / tape_library_acsls 8.5.1 8.5.1.x
oracle / tape_library_acsls 8.5 8.5.x
oracle / communications_interactive_session_recorder 6.0 6.4.x
oracle / real-time_scheduler 2.3.0.1 2.3.0.3.x
oracle / financial_services_institutional_performance_analytics 8.0.4 8.0.7.x
oracle / financial_services_data_foundation 8.0.4 8.0.8.x
oracle / financial_services_liquidity_risk_management 8.0.2 8.0.2.x
oracle / financial_services_analytical_applications_reconciliation_framework 8.0.4 8.0.7.x
oracle / financial_services_basel_regulatory_capital_internal_ratings_based_approach 8.0.4 8.0.7.x
oracle / financial_services_basel_regulatory_capital_basic 8.0.4 8.0.7.x
oracle / financial_services_analytical_applications_infrastructure 8.0.2 8.1.0.x
oracle / system_utilities 19.1 19.1.x
oracle / insurance_performance_insight 8.0.7 8.0.7.x
oracle / insurance_ifrs_17_analyzer 8.0.6 8.0.6.x
oracle / insurance_ifrs_17_analyzer 8.0.7 8.0.7.x
oracle / financial_services_revenue_management_and_billing 2.4.0.1 2.4.0.1.x
oracle / financial_services_regulatory_reporting_for_european_banking_authority 8.0.7 8.0.7.x
oracle / insurance_data_foundation 8.0.4 8.0.7.x
oracle / financial_services_revenue_management_and_billing 2.4.0.0 2.4.0.0.x
oracle / financial_services_retail_customer_analytics 8.0.4 8.0.6.x
oracle / financial_services_regulatory_reporting_for_us_federal_reserve 8.0.4 8.0.7.x
oracle / financial_services_regulatory_reporting_for_european_banking_authority 8.0.6 8.0.6.x
oracle / financial_services_price_creation_and_discovery 8.0.4 8.0.7.x
oracle / financial_services_profitability_management 8.0.4 8.0.7.x
oracle / communications_eagle_application_processor 16.1.0 16.4.0.x
Joomla / joomla 3.0.0 3.9.4.x
jquery - 3.4.0
juniper / junos 21.2 21.2.x
debian / debian_linux 10.0 10.0.x