Lucene search
Basic search
Lucene search
Search by product
Subscribe
K
Start 30-day trial
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
SIGN IN
OracleLinux
ELSA-2020-4670
History
Nov 10, 2020 - 12:00 a.m.
idm:DL1 and idm:client security, bug fix, and enhancement update
Vulners
Oraclelinux
idm:DL1 and idm:client security, bug fix, and enhancement update
2020-11-10
00:00:00
linux.oracle.com
106
0.061 Low
EPSS
Percentile
93.6%
JSON
bind-dyndb-ldap
[11.3-1]
New upstream release
Resolves: rhbz#1845211
ipa
[4.8.7-12.0.1]
Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]
[4.8.7-12]
Require selinux sub package in the proper version
Related: RHBZ#1868432
SELinux: do not double-define node_t and pki_tomcat_cert_t
Related: RHBZ#1868432
SELinux: add dedicated policy for ipa-pki-retrieve-key + ipatests
Related: RHBZ#1868432
dogtaginstance.py
: add --debug to pkispawn
Resolves: RHBZ#1879604
[4.8.7-11]
SELinux Policy: let custodia replicate keys
Resolves: RHBZ#1868432
[4.8.7-10]
Set mode of /etc/ipa/ca.crt to 0644 in CA-less installations
Resolves: RHBZ#1870202
[4.8.7-9]
CAless installation: set the perms on KDC cert file
Resolves: RHBZ#1863616
EPN: handle empty attributes
Resolves: RHBZ#1866938
IPA-EPN: enhance input validation
Resolves: RHBZ#1866291
EPN: enhance input validation
Resolves: RHBZ#1863079
Require new samba build 4.12.3-52
Related: RHBZ#1868558
Require new selinux-policy build 3.14.3-52
Related: RHBZ#1869311
[4.8.7-8]
[WebUI] IPA Error 3007: RequirmentError while adding members in
User ID overrides tab (updated)
Resolves: RHBZ#1757045
ipa-client-install: use the authselect backup during uninstall
Resolves: RHBZ#1810179
Replace SSLCertVerificationError with CertificateError for py36
Resolves: RHBZ#1858318
Fix AVC denial during ipa-adtrust-install --add-agents
Resolves: RHBZ#1859213
[4.8.7-7]
replica install failing with avc denial for custodia component
Resolves: RHBZ#1857157
[4.8.7-6]
selinux dont audit rules deny fetching trust topology
Resolves: RHBZ#1845596
fix iPAddress cert issuance for >1 host/service
Resolves: RHBZ#1846352
Specify cert_paths when calling PKIConnection
Resolves: RHBZ#1849155
Update crypto policy to allow AD-SUPPORT when installing IPA
Resolves: RHBZ#1851139
Add version to ipa-idoverride-memberof obsoletes
Related: RHBZ#1846434
[4.8.7-5]
Add missing ipa-selinux package
Resolves: RHBZ#1853263
[4.8.7-4]
Remove client-epn left over files for ONLY_CLIENT
Related: RHBZ#1847999
[4.8.7-3]
[WebUI] IPA Error 3007: RequirmentError while adding members in
User ID overrides tab
Resolves: RHBZ#1757045
EPN does not ship its default configuration ( /etc/ipa/epn.conf ) in
freeipa-client-epn
Resolves: RHBZ#1847999
FreeIPA - Utilize 256-bit AJP connector passwords
Resolves: RHBZ#1849914
ipa: typo issue in ipanthomedirectoryrive deffinition
Resolves: RHBZ#1851411
[4.8.7-2]
Remove ipa-idoverride-memberof as superceded by ipa-server 4.8.7
Resolves: RHBZ#1846434
[4.8.7-1]
Upstream release FreeIPA 4.8.7
Require new samba build 4.12.3-0
Related: RHBZ#1818765
New client-epn sub package
Resolves: RHBZ#913799
ipa-healthcheck
[0.4-6]
The core subpackage can be installed standalone, drop the Requires
on the base package. (#1852244)
Add Conflicts < 0.4 to to core to allow downgrading with
–allowerasing (#1852244)
[0.4-5]
Remove the Obsoletes < 0.4 and add same-version Requires to each
subpackage so that upgrades from 0.3 will work (#1852244)
opendnssec
[2.1.6-2]
Resolves: rhbz#1831732 AVC avc: denied { dac_override } for comm=ods-enforcerd
[2.1.6-1]
Resolves: rhbz#1759888 Rebase OpenDNSSEC to 2.1
slapi-nis
[0.56.5-4]
Ignore unmatched searches
Resolves: rhbz#1874015
[0.56.5-3]
Fix memory leaks in ID views processing
Resolves: rhbz#1875348
[0.56.5-2]
Initialize map lock in NIS plugin
Resolves: rhbz#1832331
[0.56.5-1]
Upstream release 0.56.5
Resolves: rhbz#1751295: (2) When sync-repl is enabled, slapi-nis can deadlock during retrochanglog trimming
Resolves: rhbz#1768156: ERR - schemacompat - map rdlock: old way MAP_MONITOR_DISABLED
softhsm
[2.6.0-3]
Fixes: rhbz#1834909 - softhsm use-after-free on process exit
Synchronize the final fix with Fedora
[2.6.0-2]
Fixes: rhbz#1834909 - softhsm use-after-free on process exit
[2.6.0-1]
Fixes: rhbz#1818877 - rebase to softhsm 2.6.0+
Fixes: rhbz#1701233 - support setting supported signature methods on the token
Affected Package
OS
Version
Architecture
Package
Version
Filename
oracle linux
8
src
bind-dyndb-ldap
< 11.3-1.module
bind-dyndb-ldap-11.3-1.module+el8.3.0+7868+2151076c.src.rpm
oracle linux
8
src
custodia
< 0.6.0-3.module
custodia-0.6.0-3.module+el8.3.0+7868+2151076c.src.rpm
oracle linux
8
src
ipa
< 4.8.7-12.0.1.module
ipa-4.8.7-12.0.1.module+el8.3.0+7868+2151076c.src.rpm
oracle linux
8
src
ipa-healthcheck
< 0.4-6.module
ipa-healthcheck-0.4-6.module+el8.3.0+7868+2151076c.src.rpm
oracle linux
8
src
opendnssec
< 2.1.6-2.module
opendnssec-2.1.6-2.module+el8.3.0+7868+2151076c.src.rpm
oracle linux
8
src
python-jwcrypto
< 0.5.0-1.module
python-jwcrypto-0.5.0-1.module+el8.3.0+7868+2151076c.src.rpm
oracle linux
8
src
python-kdcproxy
< 0.4-5.module
python-kdcproxy-0.4-5.module+el8.3.0+7868+2151076c.src.rpm
oracle linux
8
src
python-qrcode
< 5.1-12.module
python-qrcode-5.1-12.module+el8.3.0+7868+2151076c.src.rpm
oracle linux
8
src
python-yubico
< 1.3.2-9.module
python-yubico-1.3.2-9.module+el8.3.0+7868+2151076c.src.rpm
oracle linux
8
src
pyusb
< 1.0.0-9.module
pyusb-1.0.0-9.module+el8.3.0+7868+2151076c.src.rpm
Rows per page:
10
1-10 of 82
1
Related
nessus 36
centos 1
redhat 16
almalinux 2
rocky 2
osv 14
oraclelinux 2
amazon 1
ibm 40
laminas 1
ics 2
hackerone 2
atlassian 2
altlinux 1
rubygems 1
openvas 4
jvn 1
nvd 5
prion 6
github 7
debiancve 6
cve 5
cvelist 6
redhatcve 4
ubuntucve 6
gitlab 5
f5 4
veracode 6
cloudfoundry 1
alpinelinux 1
attackerkb 1
githubexploit 2
freebsd 1
typo3 1
nodejs 1
cbl_mariner 2
debian 1
nessus
nessus
36
CentOS 8 : idm:DL1 and idm:client (CESA-2020:4670)
2021-02-01 00:00:00
Scientific Linux Security Update : ipa on SL7.x x86_64 (20201001)
2020-10-21 00:00:00
NewStart CGSL CORE 5.04 / MAIN 5.04 : ipa Multiple Vulnerabilities (NS-SA-2021-0045)
2021-03-10 00:00:00
centos
centos
ipa, python2 security update
2020-10-20 18:15:27
redhat
redhat
16
(RHSA-2020:3936) Moderate: ipa security, bug fix, and enhancement update
2020-09-29 07:44:46
(RHSA-2020:4670) Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
2020-11-03 12:25:36
(RHSA-2019:3023) Moderate: ovirt-engine-ui-extensions security and bug fix update
2019-10-10 14:49:36
almalinux
almalinux
Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
2020-11-03 12:25:36
Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
2020-11-03 12:29:58
rocky
rocky
idm:DL1 and idm:client security, bug fix, and enhancement update
2020-11-03 12:25:36
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
2020-11-03 12:29:58
osv
osv
14
Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
2020-11-03 12:25:36
Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
2020-11-03 12:25:36
Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
2020-11-03 12:29:58
oraclelinux
oraclelinux
ipa security, bug fix, and enhancement update
2020-10-06 00:00:00
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
2020-11-10 00:00:00
amazon
amazon
Medium: ipa
2020-10-22 17:40:00
ibm
ibm
40
Security Bulletin: Multiple security vulnerabilities in bootstrap.js may affect IBM Business Automation Workflow
2023-06-05 20:05:15
Security Bulletin: Open Source Dependency Vulnerability
2023-05-15 17:25:05
Security Bulletin: There are several vulnerabilities in Bootstrap used by IBM Maximo Asset Management
2023-04-04 16:40:26
laminas
laminas
XSS vectors in laminas-api-tools/api-tools
2020-04-01 21:30:00
ics
ics
Mitsubishi Electric EcoWebServerIII
2022-02-24 12:00:00
AVEVA InTouch Access Anywhere
2018-07-31 12:00:00
hackerone
hackerone
Sifchain: Vulnerable javascript dependency at Main domain
2021-05-07 20:48:11
Sifchain: Cross-site Scripting (XSS) possible at https://sifchain.finance// via CVE-2019-8331 exploitation
2021-06-05 15:52:39
atlassian
atlassian
Jira uses vulnerable jQuery version CVE-2015-9251
2020-04-20 13:29:57
Update jQuery to avoid CVE-2020-11022, CVE-2020-11023, and CVE-2015-9251
2021-02-16 18:28:38
altlinux
altlinux
Security fix for the ALT Linux 9 package phpipam version 1.42.027-alt1
2020-10-21 00:00:00
rubygems
rubygems
XSS vulnerabilities via data-parent, data-target, data-container in bootstrap
2018-07-02 21:00:00
openvas
openvas
4
Pi-hole Web Interface < 5.0 Multiple Vulnerabilities
2020-05-12 00:00:00
jQuery < 3.0.0 XSS Vulnerability
2018-11-01 00:00:00
Tenable Nessus Network Monitor < 5.11.0 Multiple Vulnerabilities (TNS-2019-08)
2022-12-20 00:00:00
jvn
jvn
JVN#06527859: KinagaCMS vulnerable to cross-site scripting
2019-03-15 00:00:00
nvd
nvd
5
CVE-2018-20676
2019-01-09 05:29:01
CVE-2018-20677
2019-01-09 05:29:01
CVE-2018-14042
2018-07-13 14:29:00
prion
prion
6
Design/Logic Flaw
2019-01-09 05:29:00
Design/Logic Flaw
2019-01-09 05:29:00
Design/Logic Flaw
2018-07-13 14:29:00
github
github
7
XSS vulnerability that affects bootstrap
2019-01-17 13:57:34
bootstrap Cross-site Scripting vulnerability
2019-01-17 13:57:56
Cross-Site Scripting (XSS) in jquery
2018-01-22 13:32:06
debiancve
debiancve
6
CVE-2018-20676
2019-01-09 05:29:01
CVE-2018-20677
2019-01-09 05:29:01
CVE-2018-14042
2018-07-13 14:29:00
cve
cve
5
CVE-2018-20677
2019-01-09 05:29:01
CVE-2018-20676
2019-01-09 05:29:01
CVE-2015-9251
2018-01-18 23:29:00
cvelist
cvelist
6
CVE-2018-20677
2019-01-09 05:00:00
CVE-2015-9251
2018-01-18 23:00:00
CVE-2018-14042
2018-07-13 14:00:00
redhatcve
redhatcve
4
CVE-2018-20676
2020-04-04 17:27:53
CVE-2018-20677
2020-04-08 22:13:21
CVE-2018-14042
2018-07-16 23:20:34
ubuntucve
ubuntucve
6
CVE-2018-20676
2019-01-09 00:00:00
CVE-2018-20677
2019-01-09 00:00:00
CVE-2018-14042
2018-07-13 00:00:00
gitlab
gitlab
5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
2019-01-09 00:00:00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
2019-01-09 00:00:00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
2018-07-13 00:00:00
f5
f5
4
K19785240 : Bootstrap vulnerability CVE-2018-14042
2021-11-19 00:00:00
K29562170 : jQuery vulnerability CVE-2015-9251
2020-02-19 00:00:00
K24383845 : Bootstrap vulnerability CVE-2019-8331
2019-04-10 00:00:00
veracode
veracode
6
Cross-Site Scripting (XSS)
2019-01-10 01:52:43
Cross-site Scripting (XSS)
2019-01-10 01:44:15
Cross-site Scripting (XSS)
2018-05-31 04:13:41
cloudfoundry
cloudfoundry
CVE-2015-9251: UAA contains vulnerable jQuery version | Cloud Foundry
2019-07-08 00:00:00
alpinelinux
alpinelinux
CVE-2015-9251
2018-01-18 23:29:00
attackerkb
attackerkb
CVE-2015-9251
2018-01-18 00:00:00
githubexploit
githubexploit
Exploit for Cross-site Scripting in Getbootstrap Bootstrap
2020-12-01 09:18:58
Exploit for Cross-site Scripting in Jquery
2020-04-14 19:12:01
freebsd
freebsd
rt -- XSS via jQuery
2019-03-05 00:00:00
typo3
typo3
Cross-Site Scripting in Bootstrap CSS toolkit before 3.4.1 and 4.3.0
2019-05-07 00:00:00
nodejs
nodejs
Cross-Site Scripting
2019-05-22 18:03:13
cbl_mariner
cbl_mariner
CVE-2018-14040 affecting package boost 1.66.0-4
2024-06-29 09:08:28
CVE-2018-14040 affecting package reaper for versions less than 3.1.1-1
2024-06-29 09:08:33
debian
debian
[SECURITY] [DLA 1479-1] twitter-bootstrap3 security update
2018-08-27 19:56:11
0.061 Low
EPSS
Percentile
93.6%
JSON
Related for ELSA-2020-4670
nessus
36
centos
1
redhat
16
almalinux
2
rocky
2
osv
14
oraclelinux
2
amazon
1
ibm
40
laminas
1
ics
2
hackerone
2
atlassian
2
altlinux
1
rubygems
1
openvas
4
jvn
1
nvd
5
prion
6
github
7
debiancve
6
cve
5
cvelist
6
redhatcve
4
ubuntucve
6
gitlab
5
f5
4
veracode
6
cloudfoundry
1
alpinelinux
1
attackerkb
1
githubexploit
2
freebsd
1
typo3
1
nodejs
1
cbl_mariner
2
debian
1