Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-26870 (GCVE-0-2020-26870)
Vulnerability from cvelistv5 – Published: 2020-10-07 15:50 – Updated: 2024-08-04 16:03
VLAI?
EPSS
Summary
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://research.securitum.com/mutation-xss-via-m… | x_refsource_MISC |
| https://github.com/cure53/DOMPurify/commit/02724b… | x_refsource_MISC |
| https://github.com/cure53/DOMPurify/compare/2.0.1… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2020… | mailing-listx_refsource_MLIST |
| https://portal.msrc.microsoft.com/en-US/security-… | vendor-advisoryx_refsource_MS |
| https://www.oracle.com//security-alerts/cpujul2021.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:03:22.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17"
},
{
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2419-1] dompurify.js security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html"
},
{
"name": "Visual Studio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-20T22:54:41.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17"
},
{
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2419-1] dompurify.js security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html"
},
{
"name": "Visual Studio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/",
"refsource": "MISC",
"url": "https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/"
},
{
"name": "https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d",
"refsource": "MISC",
"url": "https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d"
},
{
"name": "https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17",
"refsource": "MISC",
"url": "https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17"
},
{
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2419-1] dompurify.js security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html"
},
{
"name": "Visual Studio Remote Code Execution Vulnerability",
"refsource": "MS",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870"
},
{
"name": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-26870",
"datePublished": "2020-10-07T15:50:09.000Z",
"dateReserved": "2020-10-07T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:03:22.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-26870",
"date": "2026-05-19",
"epss": "0.00417",
"percentile": "0.61894"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cure53:dompurify:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.0.17\", \"matchCriteriaId\": \"1912C4C9-2CB9-4FE6-99ED-B0D60F553977\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6290EF90-AB91-4990-8D44-4F64F49AE133\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:visual_studio_2019:16.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3886D126-9ADC-4AAF-8169-70F3DE3A7773\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:visual_studio_2019:16.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E904F8BF-C415-43BC-89BD-8AD912BEA82A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:visual_studio_2019:16.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E47AD481-C23D-4610-B9BC-844F7B8F7A28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:visual_studio_2019:16.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBE9B863-01E5-486C-8B9D-6DC0F78222A7\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.1.0.00.01\", \"matchCriteriaId\": \"8F02ECEF-AC7D-4C4C-9A95-890D135F7286\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.\"}, {\"lang\": \"es\", \"value\": \"Cure53 DOMPurify versiones anteriores a 2.0.17, permite una mutaci\\u00f3n de XSS.\u0026#xa0;Esto ocurre porque un viaje de ida y vuelta de an\\u00e1lisis serializado no necesariamente devuelve el \\u00e1rbol DOM original, y un espacio de nombres puede cambiar de HTML a MathML, como es demostrado al anidar los elementos FORM\"}]",
"id": "CVE-2020-26870",
"lastModified": "2024-11-21T05:20:23.420",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2020-10-07T16:15:18.030",
"references": "[{\"url\": \"https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com//security-alerts/cpujul2021.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com//security-alerts/cpujul2021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-26870\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-10-07T16:15:18.030\",\"lastModified\":\"2024-11-21T05:20:23.420\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.\"},{\"lang\":\"es\",\"value\":\"Cure53 DOMPurify versiones anteriores a 2.0.17, permite una mutaci\u00f3n de XSS.\u0026#xa0;Esto ocurre porque un viaje de ida y vuelta de an\u00e1lisis serializado no necesariamente devuelve el \u00e1rbol DOM original, y un espacio de nombres puede cambiar de HTML a MathML, como es demostrado al anidar los elementos FORM\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cure53:dompurify:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.17\",\"matchCriteriaId\":\"1912C4C9-2CB9-4FE6-99ED-B0D60F553977\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6290EF90-AB91-4990-8D44-4F64F49AE133\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2019:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3886D126-9ADC-4AAF-8169-70F3DE3A7773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2019:16.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E904F8BF-C415-43BC-89BD-8AD912BEA82A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2019:16.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E47AD481-C23D-4610-B9BC-844F7B8F7A28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2019:16.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBE9B863-01E5-486C-8B9D-6DC0F78222A7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.1.0.00.01\",\"matchCriteriaId\":\"8F02ECEF-AC7D-4C4C-9A95-890D135F7286\"}]}]}],\"references\":[{\"url\":\"https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2021-AVI-556
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle Database Server. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | Database Server | Oracle Database Server 12.1.0.2, 12.2.0.1, 19c | ||
| Oracle | Database Server | Oracle Database Server versions antérieures à 21.1.0.00.04 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle Database Server 12.1.0.2, 12.2.0.1, 19c",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server versions ant\u00e9rieures \u00e0 21.1.0.00.04",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-13956",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
},
{
"name": "CVE-2021-23336",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23336"
},
{
"name": "CVE-2020-11988",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11988"
},
{
"name": "CVE-2021-2337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2337"
},
{
"name": "CVE-2021-2438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2438"
},
{
"name": "CVE-2020-27193",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27193"
},
{
"name": "CVE-2021-2326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2326"
},
{
"name": "CVE-2021-2333",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2333"
},
{
"name": "CVE-2020-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
},
{
"name": "CVE-2021-2351",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2351"
},
{
"name": "CVE-2020-7760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7760"
},
{
"name": "CVE-2021-2330",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2330"
},
{
"name": "CVE-2020-27844",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27844"
},
{
"name": "CVE-2020-26870",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26870"
},
{
"name": "CVE-2021-2460",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2460"
},
{
"name": "CVE-2021-2328",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2328"
},
{
"name": "CVE-2019-12415",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12415"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2021-2336",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2336"
},
{
"name": "CVE-2020-11987",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11987"
},
{
"name": "CVE-2021-2335",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2335"
},
{
"name": "CVE-2021-2329",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2329"
},
{
"name": "CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"name": "CVE-2021-2334",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2334"
},
{
"name": "CVE-2019-17545",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17545"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-556",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-07-21T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Database\nServer. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service,\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Database Server",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujul2021 du 20 juillet 2021",
"url": "https://www.oracle.com/security-alerts/cpujul2021verbose.html#DB"
}
]
}
CERTFR-2021-AVI-029
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits Microsoft. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une usurpation d'identité, une exécution de code à distance, un contournement de la fonctionnalité de sécurité, une élévation de privilèges et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | ||
| Microsoft | N/A | Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) | ||
| Microsoft | N/A | Microsoft SQL Server 2014 Service Pack 3 pour systèmes 32 bits (CU 4) | ||
| Microsoft | N/A | Microsoft SQL Server 2019 pour systèmes x64 (CU 8) | ||
| Microsoft | N/A | Microsoft SQL Server 2012 pour systèmes 32 bits Service Pack 4 (QFE) | ||
| Microsoft | N/A | HEVC Video Extensions | ||
| Microsoft | N/A | Microsoft System Center 2012 R2 Endpoint Protection | ||
| Microsoft | N/A | Microsoft SQL Server 2014 Service Pack 3 pour systèmes x64 (CU 4) | ||
| Microsoft | N/A | Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) | ||
| Microsoft | N/A | Microsoft SQL Server 2016 Service Pack 2 pour systèmes x64 (CU 15) | ||
| Microsoft | N/A | Microsoft SQL Server 2014 Service Pack 3 pour systèmes x64 (GDR) | ||
| Microsoft | N/A | Microsoft System Center Endpoint Protection | ||
| Microsoft | N/A | Microsoft Visual Studio 2019 version 16.0 | ||
| Microsoft | N/A | Bot Framework SDK pour JavaScript | ||
| Microsoft | N/A | Microsoft Security Essentials | ||
| Microsoft | N/A | Microsoft 365 Apps pour Enterprise pour systèmes 32 bits | ||
| Microsoft | N/A | Microsoft Remote Desktop pour Android | ||
| Microsoft | N/A | Microsoft 365 Apps pour Enterprise pour 64 bits Systems | ||
| Microsoft | N/A | Microsoft Visual Studio 2019 version 16.8 | ||
| Microsoft | N/A | Microsoft SQL Server 2017 pour systèmes x64 (GDR) | ||
| Microsoft | N/A | Microsoft Visual Studio 2015 Update 3 | ||
| Microsoft | Azure | Microsoft Azure Kubernetes Service | ||
| Microsoft | N/A | Microsoft SQL Server 2019 pour systèmes x64 (GDR) | ||
| Microsoft | N/A | Microsoft SQL Server 2012 pour systèmes x64 Service Pack 4 (QFE) | ||
| Microsoft | N/A | Microsoft SQL Server 2017 pour systèmes x64 (CU 22) | ||
| Microsoft | N/A | Bot Framework SDK pour Python | ||
| Microsoft | N/A | Microsoft Remote Desktop | ||
| Microsoft | N/A | Microsoft SQL Server 2016 pour systèmes x64 Service Pack 2 (GDR) | ||
| Microsoft | N/A | Microsoft SQL Server 2014 Service Pack 3 pour systèmes 32 bits (GDR) | ||
| Microsoft | N/A | Microsoft System Center 2012 Endpoint Protection |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes 32 bits (CU 4)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2019 pour syst\u00e8mes x64 (CU 8)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2012 pour syst\u00e8mes 32 bits Service Pack 4 (QFE)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "HEVC Video Extensions",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft System Center 2012 R2 Endpoint Protection",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes x64 (CU 4)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2016 Service Pack 2 pour syst\u00e8mes x64 (CU 15)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes x64 (GDR)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft System Center Endpoint Protection",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2019 version 16.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Bot Framework SDK pour JavaScript",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Security Essentials",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 32 bits",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Remote Desktop pour Android",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft 365 Apps pour Enterprise pour 64 bits Systems",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2019 version 16.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2017 pour syst\u00e8mes x64 (GDR)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2015 Update 3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Azure Kubernetes Service",
"product": {
"name": "Azure",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2019 pour syst\u00e8mes x64 (GDR)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2012 pour syst\u00e8mes x64 Service Pack 4 (QFE)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2017 pour syst\u00e8mes x64 (CU 22)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Bot Framework SDK pour Python",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Remote Desktop",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2016 pour syst\u00e8mes x64 Service Pack 2 (GDR)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes 32 bits (GDR)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft System Center 2012 Endpoint Protection",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-1714",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1714"
},
{
"name": "CVE-2021-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1725"
},
{
"name": "CVE-2021-1647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1647"
},
{
"name": "CVE-2021-1680",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1680"
},
{
"name": "CVE-2021-1636",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1636"
},
{
"name": "CVE-2021-1651",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1651"
},
{
"name": "CVE-2021-1669",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1669"
},
{
"name": "CVE-2021-1643",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1643"
},
{
"name": "CVE-2021-1677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1677"
},
{
"name": "CVE-2021-1715",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1715"
},
{
"name": "CVE-2020-26870",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26870"
},
{
"name": "CVE-2021-1644",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1644"
},
{
"name": "CVE-2021-1711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1711"
},
{
"name": "CVE-2021-1713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1713"
},
{
"name": "CVE-2021-1716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1716"
},
{
"name": "CVE-2021-1723",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1723"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-029",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-01-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Usurpation d\u0027identit\u00e9"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Microsoft\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es,\nune usurpation d\u0027identit\u00e9, une ex\u00e9cution de code \u00e0 distance, un\ncontournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9, une \u00e9l\u00e9vation de\nprivil\u00e8ges et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 12 janvier 2021",
"url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
}
]
}
CERTFR-2021-AVI-556
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle Database Server. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | Database Server | Oracle Database Server 12.1.0.2, 12.2.0.1, 19c | ||
| Oracle | Database Server | Oracle Database Server versions antérieures à 21.1.0.00.04 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle Database Server 12.1.0.2, 12.2.0.1, 19c",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server versions ant\u00e9rieures \u00e0 21.1.0.00.04",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-13956",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
},
{
"name": "CVE-2021-23336",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23336"
},
{
"name": "CVE-2020-11988",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11988"
},
{
"name": "CVE-2021-2337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2337"
},
{
"name": "CVE-2021-2438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2438"
},
{
"name": "CVE-2020-27193",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27193"
},
{
"name": "CVE-2021-2326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2326"
},
{
"name": "CVE-2021-2333",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2333"
},
{
"name": "CVE-2020-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
},
{
"name": "CVE-2021-2351",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2351"
},
{
"name": "CVE-2020-7760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7760"
},
{
"name": "CVE-2021-2330",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2330"
},
{
"name": "CVE-2020-27844",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27844"
},
{
"name": "CVE-2020-26870",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26870"
},
{
"name": "CVE-2021-2460",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2460"
},
{
"name": "CVE-2021-2328",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2328"
},
{
"name": "CVE-2019-12415",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12415"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2021-2336",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2336"
},
{
"name": "CVE-2020-11987",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11987"
},
{
"name": "CVE-2021-2335",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2335"
},
{
"name": "CVE-2021-2329",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2329"
},
{
"name": "CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"name": "CVE-2021-2334",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2334"
},
{
"name": "CVE-2019-17545",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17545"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-556",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-07-21T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Database\nServer. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service,\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Database Server",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujul2021 du 20 juillet 2021",
"url": "https://www.oracle.com/security-alerts/cpujul2021verbose.html#DB"
}
]
}
CERTFR-2021-AVI-029
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits Microsoft. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une usurpation d'identité, une exécution de code à distance, un contournement de la fonctionnalité de sécurité, une élévation de privilèges et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | ||
| Microsoft | N/A | Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) | ||
| Microsoft | N/A | Microsoft SQL Server 2014 Service Pack 3 pour systèmes 32 bits (CU 4) | ||
| Microsoft | N/A | Microsoft SQL Server 2019 pour systèmes x64 (CU 8) | ||
| Microsoft | N/A | Microsoft SQL Server 2012 pour systèmes 32 bits Service Pack 4 (QFE) | ||
| Microsoft | N/A | HEVC Video Extensions | ||
| Microsoft | N/A | Microsoft System Center 2012 R2 Endpoint Protection | ||
| Microsoft | N/A | Microsoft SQL Server 2014 Service Pack 3 pour systèmes x64 (CU 4) | ||
| Microsoft | N/A | Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) | ||
| Microsoft | N/A | Microsoft SQL Server 2016 Service Pack 2 pour systèmes x64 (CU 15) | ||
| Microsoft | N/A | Microsoft SQL Server 2014 Service Pack 3 pour systèmes x64 (GDR) | ||
| Microsoft | N/A | Microsoft System Center Endpoint Protection | ||
| Microsoft | N/A | Microsoft Visual Studio 2019 version 16.0 | ||
| Microsoft | N/A | Bot Framework SDK pour JavaScript | ||
| Microsoft | N/A | Microsoft Security Essentials | ||
| Microsoft | N/A | Microsoft 365 Apps pour Enterprise pour systèmes 32 bits | ||
| Microsoft | N/A | Microsoft Remote Desktop pour Android | ||
| Microsoft | N/A | Microsoft 365 Apps pour Enterprise pour 64 bits Systems | ||
| Microsoft | N/A | Microsoft Visual Studio 2019 version 16.8 | ||
| Microsoft | N/A | Microsoft SQL Server 2017 pour systèmes x64 (GDR) | ||
| Microsoft | N/A | Microsoft Visual Studio 2015 Update 3 | ||
| Microsoft | Azure | Microsoft Azure Kubernetes Service | ||
| Microsoft | N/A | Microsoft SQL Server 2019 pour systèmes x64 (GDR) | ||
| Microsoft | N/A | Microsoft SQL Server 2012 pour systèmes x64 Service Pack 4 (QFE) | ||
| Microsoft | N/A | Microsoft SQL Server 2017 pour systèmes x64 (CU 22) | ||
| Microsoft | N/A | Bot Framework SDK pour Python | ||
| Microsoft | N/A | Microsoft Remote Desktop | ||
| Microsoft | N/A | Microsoft SQL Server 2016 pour systèmes x64 Service Pack 2 (GDR) | ||
| Microsoft | N/A | Microsoft SQL Server 2014 Service Pack 3 pour systèmes 32 bits (GDR) | ||
| Microsoft | N/A | Microsoft System Center 2012 Endpoint Protection |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes 32 bits (CU 4)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2019 pour syst\u00e8mes x64 (CU 8)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2012 pour syst\u00e8mes 32 bits Service Pack 4 (QFE)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "HEVC Video Extensions",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft System Center 2012 R2 Endpoint Protection",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes x64 (CU 4)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2016 Service Pack 2 pour syst\u00e8mes x64 (CU 15)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes x64 (GDR)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft System Center Endpoint Protection",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2019 version 16.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Bot Framework SDK pour JavaScript",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Security Essentials",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 32 bits",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Remote Desktop pour Android",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft 365 Apps pour Enterprise pour 64 bits Systems",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2019 version 16.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2017 pour syst\u00e8mes x64 (GDR)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2015 Update 3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Azure Kubernetes Service",
"product": {
"name": "Azure",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2019 pour syst\u00e8mes x64 (GDR)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2012 pour syst\u00e8mes x64 Service Pack 4 (QFE)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2017 pour syst\u00e8mes x64 (CU 22)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Bot Framework SDK pour Python",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Remote Desktop",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2016 pour syst\u00e8mes x64 Service Pack 2 (GDR)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes 32 bits (GDR)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft System Center 2012 Endpoint Protection",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-1714",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1714"
},
{
"name": "CVE-2021-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1725"
},
{
"name": "CVE-2021-1647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1647"
},
{
"name": "CVE-2021-1680",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1680"
},
{
"name": "CVE-2021-1636",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1636"
},
{
"name": "CVE-2021-1651",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1651"
},
{
"name": "CVE-2021-1669",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1669"
},
{
"name": "CVE-2021-1643",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1643"
},
{
"name": "CVE-2021-1677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1677"
},
{
"name": "CVE-2021-1715",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1715"
},
{
"name": "CVE-2020-26870",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26870"
},
{
"name": "CVE-2021-1644",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1644"
},
{
"name": "CVE-2021-1711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1711"
},
{
"name": "CVE-2021-1713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1713"
},
{
"name": "CVE-2021-1716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1716"
},
{
"name": "CVE-2021-1723",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1723"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-029",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-01-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Usurpation d\u0027identit\u00e9"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Microsoft\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es,\nune usurpation d\u0027identit\u00e9, une ex\u00e9cution de code \u00e0 distance, un\ncontournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9, une \u00e9l\u00e9vation de\nprivil\u00e8ges et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 12 janvier 2021",
"url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
}
]
}
GHSA-63Q7-H895-M982
Vulnerability from github – Published: 2020-12-18 22:51 – Updated: 2022-04-28 17:58
VLAI?
Summary
Cross-site Scripting in dompurify
Details
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.
Severity ?
6.1 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "dompurify"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.17"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-26870"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2020-12-18T22:51:27Z",
"nvd_published_at": "2020-10-07T16:15:00Z",
"severity": "MODERATE"
},
"details": "Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.",
"id": "GHSA-63q7-h895-m982",
"modified": "2022-04-28T17:58:51Z",
"published": "2020-12-18T22:51:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26870"
},
{
"type": "WEB",
"url": "https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d"
},
{
"type": "PACKAGE",
"url": "https://github.com/cure53/DOMPurify"
},
{
"type": "WEB",
"url": "https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870"
},
{
"type": "WEB",
"url": "https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass"
},
{
"type": "WEB",
"url": "https://snyk.io/vuln/SNYK-JS-DOMPURIFY-1016634"
},
{
"type": "WEB",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Cross-site Scripting in dompurify"
}
WID-SEC-W-2024-0117
Vulnerability from csaf_certbund - Published: 2024-01-16 23:00 - Updated: 2024-01-16 23:00Summary
Oracle Retail Applications: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Retail Applications ist eine Sammlung von Produkten zur Unterstützung u. a. von Handelsfirmen und der Gastronomie.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Retail Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - UNIX
- Linux
- Windows
- Sonstiges
In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.0.0.8
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.0.8
|
— | |
|
Oracle Retail Applications 18.0.0.14
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:18.0.0.14
|
— | |
|
Oracle Retail Applications 20.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.1
|
— | |
|
Oracle Retail Applications 15.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:15.0.3
|
— | |
|
Oracle Retail Applications 16.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications <= 23.0.0
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.0
|
— |
In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.0.0.8
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.0.8
|
— | |
|
Oracle Retail Applications 18.0.0.14
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:18.0.0.14
|
— | |
|
Oracle Retail Applications 20.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.1
|
— | |
|
Oracle Retail Applications 15.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:15.0.3
|
— | |
|
Oracle Retail Applications 16.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications <= 23.0.0
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.0
|
— |
In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.0.0.8
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.0.8
|
— | |
|
Oracle Retail Applications 18.0.0.14
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:18.0.0.14
|
— | |
|
Oracle Retail Applications 20.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.1
|
— | |
|
Oracle Retail Applications 15.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:15.0.3
|
— | |
|
Oracle Retail Applications 16.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications <= 23.0.0
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.0
|
— |
In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.0.0.8
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.0.8
|
— | |
|
Oracle Retail Applications 18.0.0.14
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:18.0.0.14
|
— | |
|
Oracle Retail Applications 20.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.1
|
— | |
|
Oracle Retail Applications 15.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:15.0.3
|
— | |
|
Oracle Retail Applications 16.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications <= 23.0.0
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.0
|
— |
In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.0.0.8
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.0.8
|
— | |
|
Oracle Retail Applications 18.0.0.14
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:18.0.0.14
|
— | |
|
Oracle Retail Applications 20.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.1
|
— | |
|
Oracle Retail Applications 15.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:15.0.3
|
— | |
|
Oracle Retail Applications 16.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications <= 23.0.0
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.0
|
— |
In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications 19.0.0.8
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:19.0.0.8
|
— | |
|
Oracle Retail Applications 18.0.0.14
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:18.0.0.14
|
— | |
|
Oracle Retail Applications 20.0.1
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:20.0.1
|
— | |
|
Oracle Retail Applications 15.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:15.0.3
|
— | |
|
Oracle Retail Applications 16.0.3
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:16.0.3
|
— |
Last affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Retail Applications <= 23.0.0
Oracle / Retail Applications
|
cpe:/a:oracle:retail_applications:23.0.0
|
— |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Retail Applications ist eine Sammlung von Produkten zur Unterst\u00fctzung u. a. von Handelsfirmen und der Gastronomie.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Retail Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0117 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0117.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0117 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0117"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2024 - Appendix Oracle Retail Applications vom 2024-01-16",
"url": "https://www.oracle.com/security-alerts/cpujan2024.html#AppendixRAPP"
}
],
"source_lang": "en-US",
"title": "Oracle Retail Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-01-16T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:03:46.978+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0117",
"initial_release_date": "2024-01-16T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-01-16T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Retail Applications 16.0.3",
"product": {
"name": "Oracle Retail Applications 16.0.3",
"product_id": "T019034",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:16.0.3"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 20.0.1",
"product": {
"name": "Oracle Retail Applications 20.0.1",
"product_id": "T019911",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:20.0.1"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 15.0.3",
"product": {
"name": "Oracle Retail Applications 15.0.3",
"product_id": "T020721",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:15.0.3"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 18.0.0.14",
"product": {
"name": "Oracle Retail Applications 18.0.0.14",
"product_id": "T032125",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:18.0.0.14"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications 19.0.0.8",
"product": {
"name": "Oracle Retail Applications 19.0.0.8",
"product_id": "T032126",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:19.0.0.8"
}
}
},
{
"category": "product_name",
"name": "Oracle Retail Applications \u003c= 23.0.0",
"product": {
"name": "Oracle Retail Applications \u003c= 23.0.0",
"product_id": "T032127",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_applications:23.0.0"
}
}
}
],
"category": "product_name",
"name": "Retail Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032126",
"T032125",
"T019911",
"T020721",
"T019034"
],
"last_affected": [
"T032127"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-35887",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032126",
"T032125",
"T019911",
"T020721",
"T019034"
],
"last_affected": [
"T032127"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-35887"
},
{
"cve": "CVE-2023-24998",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032126",
"T032125",
"T019911",
"T020721",
"T019034"
],
"last_affected": [
"T032127"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2022-42920",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032126",
"T032125",
"T019911",
"T020721",
"T019034"
],
"last_affected": [
"T032127"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2022-42920"
},
{
"cve": "CVE-2021-41182",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032126",
"T032125",
"T019911",
"T020721",
"T019034"
],
"last_affected": [
"T032127"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2021-41182"
},
{
"cve": "CVE-2020-26870",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T032126",
"T032125",
"T019911",
"T020721",
"T019034"
],
"last_affected": [
"T032127"
]
},
"release_date": "2024-01-16T23:00:00.000+00:00",
"title": "CVE-2020-26870"
}
]
}
GSD-2020-26870
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-26870",
"description": "Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.",
"id": "GSD-2020-26870"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-26870"
],
"details": "Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.",
"id": "GSD-2020-26870",
"modified": "2023-12-13T01:22:09.004721Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/",
"refsource": "MISC",
"url": "https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/"
},
{
"name": "https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d",
"refsource": "MISC",
"url": "https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d"
},
{
"name": "https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17",
"refsource": "MISC",
"url": "https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17"
},
{
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2419-1] dompurify.js security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html"
},
{
"name": "Visual Studio Remote Code Execution Vulnerability",
"refsource": "MS",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870"
},
{
"name": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c2.0.17",
"affected_versions": "All versions before 2.0.17",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2021-07-20",
"description": "Cure53 DOMPurify allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.",
"fixed_versions": [
"2.0.17"
],
"identifier": "CVE-2020-26870",
"identifiers": [
"CVE-2020-26870"
],
"not_impacted": "All versions starting from 2.0.17",
"package_slug": "npm/dompurify",
"pubdate": "2020-10-07",
"solution": "Upgrade to version 2.0.17 or above.",
"title": "Cross-site Scripting",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-26870",
"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870"
],
"uuid": "a45912cf-d5d6-4e75-9658-c99bd782738c"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cure53:dompurify:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.17",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2019:16.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2019:16.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2019:16.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2019:16.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.1.0.00.01",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26870"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/"
},
{
"name": "https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d"
},
{
"name": "https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17"
},
{
"name": "[debian-lts-announce] 20201029 [SECURITY] [DLA 2419-1] dompurify.js security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html"
},
{
"name": "Visual Studio Remote Code Execution Vulnerability",
"refsource": "MS",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870"
},
{
"name": "N/A",
"refsource": "N/A",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
},
"lastModifiedDate": "2022-04-27T18:49Z",
"publishedDate": "2020-10-07T16:15Z"
}
}
}
FKIE_CVE-2020-26870
Vulnerability from fkie_nvd - Published: 2020-10-07 16:15 - Updated: 2024-11-21 05:20
Severity ?
Summary
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cure53 | dompurify | * | |
| debian | debian_linux | 9.0 | |
| microsoft | visual_studio_2017 | 15.9 | |
| microsoft | visual_studio_2019 | 16.0 | |
| microsoft | visual_studio_2019 | 16.4 | |
| microsoft | visual_studio_2019 | 16.7 | |
| microsoft | visual_studio_2019 | 16.8 | |
| oracle | application_express | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cure53:dompurify:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1912C4C9-2CB9-4FE6-99ED-B0D60F553977",
"versionEndExcluding": "2.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6290EF90-AB91-4990-8D44-4F64F49AE133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3886D126-9ADC-4AAF-8169-70F3DE3A7773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:16.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E904F8BF-C415-43BC-89BD-8AD912BEA82A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:16.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E47AD481-C23D-4610-B9BC-844F7B8F7A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:16.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE9B863-01E5-486C-8B9D-6DC0F78222A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F02ECEF-AC7D-4C4C-9A95-890D135F7286",
"versionEndExcluding": "21.1.0.00.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements."
},
{
"lang": "es",
"value": "Cure53 DOMPurify versiones anteriores a 2.0.17, permite una mutaci\u00f3n de XSS.\u0026#xa0;Esto ocurre porque un viaje de ida y vuelta de an\u00e1lisis serializado no necesariamente devuelve el \u00e1rbol DOM original, y un espacio de nombres puede cambiar de HTML a MathML, como es demostrado al anidar los elementos FORM"
}
],
"id": "CVE-2020-26870",
"lastModified": "2024-11-21T05:20:23.420",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-07T16:15:18.030",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/cure53/DOMPurify/compare/2.0.16...2.0.17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
BDU:2021-00576
Vulnerability from fstec - Published: 07.10.2020
VLAI Severity ?
Title
Уязвимость библиотеки DOMPurify, связанная с непринятием мер по защите структуры веб-старницы, позволяющая нарушителю осуществить межсайтовую сценарную атаку
Description
Уязвимость библиотеки DOMPurify связана с непринятием мер по защите структуры веб-старницы. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, осуществить межсайтовую сценарную атаку
Severity ?
Vendor
Сообщество свободного программного обеспечения, Microsoft Corp, Cure53
Software Name
Debian GNU/Linux, Microsoft Visual Studio 2019, DOMPurify, Microsoft Visual Studio 2017
Software Version
9 (Debian GNU/Linux), 16.0 (Microsoft Visual Studio 2019), от 16.0 до 16.3 включительно (Microsoft Visual Studio 2019), от 16.0 до 16.6 включительно (Microsoft Visual Studio 2019), 16.8 (Microsoft Visual Studio 2019), до 2.0.17 (DOMPurify), от 15.0 до 15.8 включительно (Microsoft Visual Studio 2017)
Possible Mitigations
Использование рекомендаций:
Для DOMPurify:
https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d
Для программных продуктов Microsoft Corp.:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870
Для Debian GNU/Linux:
https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html
Reference
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-26870
https://lists.debian.org/debian-lts-announce/2020/10/msg00029.html Mailing List Third Party Advisory
https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/
https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d
CWE
CWE-79
{
"CVSS 2.0": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "TO708, TO709, TO711, TO712, TO713, TO716",
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": "TO708 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Visual Studio 2019 16.11.30, TO709 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Visual Studio 2019 16.0.22, TO711 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Visual Studio 2019 16.4.27, TO712 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Visual Studio 2019 16.7.27, TO713 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Visual Studio 2019 16.8.7, TO716 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Visual Studio 2019 16.11.21",
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Microsoft Corp, Cure53",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 16.0 (Microsoft Visual Studio 2019), \u043e\u0442 16.0 \u0434\u043e 16.3 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Microsoft Visual Studio 2019), \u043e\u0442 16.0 \u0434\u043e 16.6 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Microsoft Visual Studio 2019), 16.8 (Microsoft Visual Studio 2019), \u0434\u043e 2.0.17 (DOMPurify), \u043e\u0442 15.0 \u0434\u043e 15.8 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Microsoft Visual Studio 2017)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f DOMPurify:\nhttps://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Microsoft Corp.:\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-26870\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://lists.debian.org/debian-lts-announce/2020/10/msg00029.html",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "07.10.2020",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "08.02.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "08.02.2021",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-00576",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2020-26870",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Microsoft Visual Studio 2019, DOMPurify, Microsoft Visual Studio 2017",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 DOMPurify, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432\u0435\u0431-\u0441\u0442\u0430\u0440\u043d\u0438\u0446\u044b, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u0443\u044e \u0441\u0446\u0435\u043d\u0430\u0440\u043d\u0443\u044e \u0430\u0442\u0430\u043a\u0443",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435 \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b (\u0438\u043b\u0438 \\\u00ab\u041c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u0430\u044f \u0441\u0446\u0435\u043d\u0430\u0440\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430\\\u00bb) (CWE-79)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 DOMPurify \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432\u0435\u0431-\u0441\u0442\u0430\u0440\u043d\u0438\u0446\u044b. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u0443\u044e \u0441\u0446\u0435\u043d\u0430\u0440\u043d\u0443\u044e \u0430\u0442\u0430\u043a\u0443",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-26870\nhttps://lists.debian.org/debian-lts-announce/2020/10/msg00029.html Mailing List Third Party Advisory \nhttps://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/\nhttps://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-79",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,8)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,1)"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…