RHSA-2020:5249

Vulnerability from csaf_redhat - Published: 2020-11-30 14:12 - Updated: 2026-04-01 13:12
Summary
Red Hat Security Advisory: security update - Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container
Severity
Moderate
Notes
Topic: Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container
Details:
* Fixed two jQuery vulnerabilities (CVE-2020-11022, CVE-2020-11023)
* Improved Ansible Tower's web service configuration to allow for processing more simultaneous HTTP(s) requests by default
* Updated several dependencies of Ansible Tower's User Interface to address (CVE-2020-7720, CVE-2020-7743, CVE-2020-7676)
* Updated to the latest version of python-psutil to address CVE-2019-18874
* Added several optimizations to improve performance for a variety of high-load simultaneous job launch use cases
* Fixed workflows to no longer prevent certain users from being able to edit approval nodes
* Fixed confusing behavior for social auth logins across distinct browser tabs
* Fixed launching of Job Templates that use prompt-at-launch Ansible Vault credentials
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

A double free issue has been discovered in python-psutil because of the mishandling of refcounts while converting system data into Python objects in functions like psutil_disk_partitions(), psutil_users(), psutil_net_if_addrs(), and others. In particular cases, a local attacker may be able to get code execution by manipulating system resources that python-psutil then tries to convert.

CWE-416 - Use After Free
Vendor Fix: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html (https://access.redhat.com/errata/RHSA-2020:5249)

An XSS flaw was found in nodejs-angular. The regex-based input HTML replacement may turn sanitized code into unsanitized code: wrapping <option> elements in <select> elements changes the parsing behavior, which can leave code unsanitized.

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Vendor Fix: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html (https://access.redhat.com/errata/RHSA-2020:5249)

A flaw was found in nodejs-node-forge. Prototype pollution via the util.setPath function is possible.

CWE-400 - Uncontrolled Resource Consumption
Vendor Fix: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html (https://access.redhat.com/errata/RHSA-2020:5249)

The package mathjs before 7.5.1 is vulnerable to prototype pollution via the deepExtend function that runs upon configuration updates.

CWE-400 - Uncontrolled Resource Consumption
Vendor Fix: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html (https://access.redhat.com/errata/RHSA-2020:5249)

A cross-site scripting (XSS) vulnerability exists in jQuery. This flaw allows an attacker who can supply input to the 'HTML' function to inject JavaScript into the page where that input is rendered, and have it executed by the browser.

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Vendor Fix: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html (https://access.redhat.com/errata/RHSA-2020:5249)

A flaw was found in jQuery. When HTML containing <option> elements from untrusted sources is passed, even after sanitizing, to one of jQuery's DOM manipulation methods, untrusted code may be executed. The highest threat from this vulnerability is to data confidentiality and integrity.

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Vendor Fix: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html (https://access.redhat.com/errata/RHSA-2020:5249)
Workaround: Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
References
https://access.redhat.com/errata/RHSA-2020:5249 self
https://access.redhat.com/security/updates/classi… external
https://bugzilla.redhat.com/show_bug.cgi?id=1828406 external
https://bugzilla.redhat.com/show_bug.cgi?id=1850004 external
https://security.access.redhat.com/data/csaf/v2/a… self
https://access.redhat.com/security/cve/CVE-2019-18874 self
https://bugzilla.redhat.com/show_bug.cgi?id=1772014 external
https://www.cve.org/CVERecord?id=CVE-2019-18874 external
https://nvd.nist.gov/vuln/detail/CVE-2019-18874 external
https://access.redhat.com/security/cve/CVE-2020-7676 self
https://bugzilla.redhat.com/show_bug.cgi?id=1849206 external
https://www.cve.org/CVERecord?id=CVE-2020-7676 external
https://nvd.nist.gov/vuln/detail/CVE-2020-7676 external
https://snyk.io/vuln/SNYK-JS-ANGULAR-570058 external
https://access.redhat.com/security/cve/CVE-2020-7720 self
https://bugzilla.redhat.com/show_bug.cgi?id=1874606 external
https://www.cve.org/CVERecord?id=CVE-2020-7720 external
https://nvd.nist.gov/vuln/detail/CVE-2020-7720 external
https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677 external
https://access.redhat.com/security/cve/CVE-2020-7743 self
https://bugzilla.redhat.com/show_bug.cgi?id=1887999 external
https://www.cve.org/CVERecord?id=CVE-2020-7743 external
https://nvd.nist.gov/vuln/detail/CVE-2020-7743 external
https://access.redhat.com/security/cve/CVE-2020-11022 self
https://bugzilla.redhat.com/show_bug.cgi?id=1828406 external
https://www.cve.org/CVERecord?id=CVE-2020-11022 external
https://nvd.nist.gov/vuln/detail/CVE-2020-11022 external
https://github.com/advisories/GHSA-gxr4-xjj5-5px2 external
https://access.redhat.com/security/cve/CVE-2020-11023 self
https://bugzilla.redhat.com/show_bug.cgi?id=1850004 external
https://www.cve.org/CVERecord?id=CVE-2020-11023 external
https://nvd.nist.gov/vuln/detail/CVE-2020-11023 external
https://blog.jquery.com/2020/04/10/jquery-3-5-0-r… external
https://www.cisa.gov/known-exploited-vulnerabilit… external
Acknowledgments
Riccardo Schirone (Red Hat)

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "* Fixed two jQuery vulnerabilities (CVE-2020-11022, CVE-2020-11023)\n* Improved Ansible Tower\u0027s web service configuration to allow for processing more simultaneous HTTP(s) requests by default\n* Updated several dependencies of Ansible Tower\u0027s User Interface to address (CVE-2020-7720, CVE-2020-7743, CVE-2020-7676)\n* Updated to the latest version of python-psutil to address CVE-2019-18874\n* Added several optimizations to improve performance for a variety of high-load simultaneous job launch use cases\n* Fixed workflows to no longer prevent certain users from being able to edit approval nodes\n* Fixed confusing behavior for social auth logins across distinct browser tabs\n* Fixed launching of Job Templates that use prompt-at-launch Ansible Vault credentials",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2020:5249",
        "url": "https://access.redhat.com/errata/RHSA-2020:5249"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1828406",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
      },
      {
        "category": "external",
        "summary": "1850004",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5249.json"
      }
    ],
    "title": "Red Hat Security Advisory: security update - Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container",
    "tracking": {
      "current_release_date": "2026-04-01T13:12:52+00:00",
      "generator": {
        "date": "2026-04-01T13:12:52+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.4"
        }
      },
      "id": "RHSA-2020:5249",
      "initial_release_date": "2020-11-30T14:12:30+00:00",
      "revision_history": [
        {
          "date": "2020-11-30T14:12:30+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2020-11-30T14:12:30+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-04-01T13:12:52+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Ansible Tower 3.7 for RHEL 7",
                "product": {
                  "name": "Red Hat Ansible Tower 3.7 for RHEL 7",
                  "product_id": "7Server-Ansible-Tower-3.7",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ansible_tower:3.7::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Ansible Tower"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64",
                "product": {
                  "name": "ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64",
                  "product_id": "ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5?arch=amd64\u0026repository_url=registry.redhat.io/ansible-tower-37/ansible-tower-rhel7\u0026tag=3.7.4-1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64 as a component of Red Hat Ansible Tower 3.7 for RHEL 7",
          "product_id": "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
        },
        "product_reference": "ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64",
        "relates_to_product_reference": "7Server-Ansible-Tower-3.7"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Riccardo Schirone"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2019-18874",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2019-11-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1772014"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A double free issue has been discovered in python-psutil because of the mishandling of refcounts while converting system data into Python objects in functions like psutil_disk_partitions(), psutil_users(), psutil_net_if_addrs(), and others. In particular cases, a local attacker may be able to get code execution by manipulating system resources that python-psutil then tries to convert.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "python-psutil: Double free because of refcount mishandling",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-18874"
        },
        {
          "category": "external",
          "summary": "RHBZ#1772014",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772014"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-18874",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-18874"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-18874",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18874"
        }
      ],
      "release_date": "2019-11-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-11-30T14:12:30+00:00",
          "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html",
          "product_ids": [
            "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:5249"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "python-psutil: Double free because of refcount mishandling"
    },
    {
      "cve": "CVE-2020-7676",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2020-06-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1849206"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A XSS flaw was found in nodejs-angular. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping \"\\\u003coption\\\u003e\" elements in \"\\\u003cselect\\\u003e\" ones changes parsing behavior, leading to possibly unsanitizing code.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "nodejs-angular: XSS due to regex-based HTML replacement",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Quay does not contain the affected component usage.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-7676"
        },
        {
          "category": "external",
          "summary": "RHBZ#1849206",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849206"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7676",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-7676"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7676",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7676"
        },
        {
          "category": "external",
          "summary": "https://snyk.io/vuln/SNYK-JS-ANGULAR-570058",
          "url": "https://snyk.io/vuln/SNYK-JS-ANGULAR-570058"
        }
      ],
      "release_date": "2020-05-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-11-30T14:12:30+00:00",
          "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html",
          "product_ids": [
            "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:5249"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "nodejs-angular: XSS due to regex-based HTML replacement"
    },
    {
      "cve": "CVE-2020-7720",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2020-09-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1874606"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in nodejs-node-forge. A Prototype Pollution via the util.setPath function is possible.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "nodejs-node-forge: prototype pollution via the util.setPath function",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In Red Hat Openshift Container Storage 4 the noobaa-core container includes the affected version of node-forge as a dependency of google-p12-pem, however the vulnerable function `util.setPath` is not being used and hence this issue has been rated as having a security impact of Low.\n\nIn OpenShift Container Platform (OCP) the prometheus container is behind OpenShift OAuth restricting access to the vulnerable node-forge library to authenticated users only, therefore the impact is Low.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-7720"
        },
        {
          "category": "external",
          "summary": "RHBZ#1874606",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874606"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7720",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-7720"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7720",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7720"
        },
        {
          "category": "external",
          "summary": "https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677",
          "url": "https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677"
        }
      ],
      "release_date": "2020-09-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-11-30T14:12:30+00:00",
          "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html",
          "product_ids": [
            "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:5249"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "nodejs-node-forge: prototype pollution via the util.setPath function"
    },
    {
      "cve": "CVE-2020-7743",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2020-10-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1887999"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "mathjs: prototype pollution via the deepExtend function that runs upon configuration updates",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-7743"
        },
        {
          "category": "external",
          "summary": "RHBZ#1887999",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887999"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7743",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-7743"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7743",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7743"
        }
      ],
      "release_date": "2020-10-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-11-30T14:12:30+00:00",
          "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html",
          "product_ids": [
            "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:5249"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "mathjs: prototype pollution via the deepExtend function that runs upon configuration updates"
    },
    {
      "cve": "CVE-2020-11022",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2020-04-23T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1828406"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-11022"
        },
        {
          "category": "external",
          "summary": "RHBZ#1828406",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
          "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
        }
      ],
      "release_date": "2020-04-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-11-30T14:12:30+00:00",
          "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html",
          "product_ids": [
            "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:5249"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
    },
    {
      "cve": "CVE-2020-11023",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2020-06-23T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1850004"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-11023"
        },
        {
          "category": "external",
          "summary": "RHBZ#1850004",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
        },
        {
          "category": "external",
          "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
          "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2020-04-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-11-30T14:12:30+00:00",
          "details": "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html",
          "product_ids": [
            "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:5249"
        },
        {
          "category": "workaround",
          "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
          "product_ids": [
            "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-Ansible-Tower-3.7:ansible-tower-37/ansible-tower-rhel7@sha256:46d02d82c8b89dc22259fd4d8ea2febd9c64427239806da48f97b0c96be157e5_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2025-01-23T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
    }
  ]
}

