CVE-2020-11022 (CNNVD-202004-2429)
MEDIUM
有利用代码
中文标题:
jQuery 跨站脚本漏洞
英文标题:
Potential XSS vulnerability in jQuery
CVSS分数:
6.9
发布时间:
2020-04-29 00:00:00
漏洞类型:
跨站脚本
状态:
PUBLISHED
数据质量分数:
0.30
数据版本:
v4
漏洞描述
中文描述:
jQuery是美国John Resig个人开发者的一套开源、跨浏览器的JavaScript库。该库简化了HTML与JavaScript之间的操作,并具有模块化、插件扩展等特点。 jQuery 1.2版本至3.5.0之前版本中存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。
英文描述:
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CWE类型:
CWE-79
标签:
webapps
multiple
Central InfoSec
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| jquery | jQuery | >= 1.2, < 3.5.0 | - | - |
cpe:2.3:a:jquery:jquery:>=_1.2,_<_3.5.0:*:*:*:*:*:*:*
|
| jquery | jquery | * | - | - |
cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*
|
| drupal | drupal | * | - | - |
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
|
| debian | debian_linux | 9.0 | - | - |
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
|
| fedoraproject | fedora | 31 | - | - |
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
|
| fedoraproject | fedora | 32 | - | - |
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
|
| fedoraproject | fedora | 33 | - | - |
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
|
| oracle | agile_product_lifecycle_management_for_process | 6.2.0.0 | - | - |
cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*
|
| oracle | application_testing_suite | 13.3.0.1 | - | - |
cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
|
| oracle | banking_digital_experience | 18.1 | - | - |
cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*
|
| oracle | banking_digital_experience | 18.2 | - | - |
cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*
|
| oracle | banking_digital_experience | 18.3 | - | - |
cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*
|
| oracle | banking_digital_experience | 19.1 | - | - |
cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*
|
| oracle | banking_digital_experience | 19.2 | - | - |
cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*
|
| oracle | banking_digital_experience | 20.1 | - | - |
cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*
|
| oracle | blockchain_platform | * | - | - |
cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*
|
| oracle | communications_application_session_controller | 3.8m0 | - | - |
cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*
|
| oracle | communications_billing_and_revenue_management | 7.5.0.23.0 | - | - |
cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*
|
| oracle | communications_billing_and_revenue_management | 12.0.0.3.0 | - | - |
cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*
|
| oracle | communications_diameter_signaling_router_idih\ | - | - | - |
cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:*
|
| oracle | communications_eagle_application_processor | * | - | - |
cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*
|
| oracle | communications_services_gatekeeper | 7.0 | - | - |
cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*
|
| oracle | communications_webrtc_session_controller | 7.2 | - | - |
cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*
|
| oracle | enterprise_manager_ops_center | 12.4.0.0 | - | - |
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
|
| oracle | enterprise_session_border_controller | 8.4 | - | - |
cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*
|
| oracle | financial_services_analytical_applications_infrastructure | * | - | - |
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*
|
| oracle | financial_services_analytical_applications_reconciliation_framework | * | - | - |
cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:*
|
| oracle | financial_services_analytical_applications_reconciliation_framework | 8.1.0 | - | - |
cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*
|
| oracle | financial_services_asset_liability_management | 8.0.6 | - | - |
cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*
|
| oracle | financial_services_asset_liability_management | 8.0.7 | - | - |
cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:*
|
| oracle | financial_services_asset_liability_management | 8.1.0 | - | - |
cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*
|
| oracle | financial_services_balance_sheet_planning | 8.0.8 | - | - |
cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*
|
| oracle | financial_services_basel_regulatory_capital_basic | * | - | - |
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:*
|
| oracle | financial_services_basel_regulatory_capital_basic | 8.1.0 | - | - |
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*
|
| oracle | financial_services_basel_regulatory_capital_internal_ratings_based_approach | * | - | - |
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:*
|
| oracle | financial_services_basel_regulatory_capital_internal_ratings_based_approach | 8.1.0 | - | - |
cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*
|
| oracle | financial_services_data_foundation | * | - | - |
cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:*
|
| oracle | financial_services_data_governance_for_us_regulatory_reporting | * | - | - |
cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:*
|
| oracle | financial_services_data_integration_hub | 8.0.6 | - | - |
cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6:*:*:*:*:*:*:*
|
| oracle | financial_services_data_integration_hub | 8.0.7 | - | - |
cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7:*:*:*:*:*:*:*
|
| oracle | financial_services_data_integration_hub | 8.1.0 | - | - |
cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*
|
| oracle | financial_services_funds_transfer_pricing | 8.0.6 | - | - |
cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6:*:*:*:*:*:*:*
|
| oracle | financial_services_funds_transfer_pricing | 8.0.7 | - | - |
cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7:*:*:*:*:*:*:*
|
| oracle | financial_services_funds_transfer_pricing | 8.1.0 | - | - |
cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*
|
| oracle | financial_services_hedge_management_and_ifrs_valuations | * | - | - |
cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:*
|
| oracle | financial_services_hedge_management_and_ifrs_valuations | 8.1.0 | - | - |
cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*
|
| oracle | financial_services_institutional_performance_analytics | 8.0.6 | - | - |
cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*
|
| oracle | financial_services_institutional_performance_analytics | 8.0.7 | - | - |
cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:*
|
| oracle | financial_services_institutional_performance_analytics | 8.1.0 | - | - |
cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*
|
| oracle | financial_services_liquidity_risk_management | 8.0.6 | - | - |
cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*
|
| oracle | financial_services_liquidity_risk_measurement_and_management | 8.0.7 | - | - |
cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*
|
| oracle | financial_services_liquidity_risk_measurement_and_management | 8.0.8 | - | - |
cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
|
| oracle | financial_services_liquidity_risk_measurement_and_management | 8.1.0 | - | - |
cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*
|
| oracle | financial_services_loan_loss_forecasting_and_provisioning | * | - | - |
cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:*
|
| oracle | financial_services_loan_loss_forecasting_and_provisioning | 8.1.0 | - | - |
cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*
|
| oracle | financial_services_market_risk_measurement_and_management | 8.0.6 | - | - |
cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*
|
| oracle | financial_services_market_risk_measurement_and_management | 8.0.8 | - | - |
cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
|
| oracle | financial_services_price_creation_and_discovery | 8.0.6 | - | - |
cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*
|
| oracle | financial_services_price_creation_and_discovery | 8.0.7 | - | - |
cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:*
|
| oracle | financial_services_profitability_management | 8.0.6 | - | - |
cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6:*:*:*:*:*:*:*
|
| oracle | financial_services_profitability_management | 8.0.7 | - | - |
cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7:*:*:*:*:*:*:*
|
| oracle | financial_services_profitability_management | 8.1.0 | - | - |
cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*
|
| oracle | financial_services_regulatory_reporting_for_european_banking_authority | * | - | - |
cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:*:*:*:*:*:*:*:*
|
| oracle | financial_services_regulatory_reporting_for_us_federal_reserve | * | - | - |
cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:*
|
| oracle | healthcare_foundation | 7.1.1 | - | - |
cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*
|
| oracle | healthcare_foundation | 7.2.0 | - | - |
cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*
|
| oracle | healthcare_foundation | 7.2.1 | - | - |
cpe:2.3:a:oracle:healthcare_foundation:7.2.1:*:*:*:*:*:*:*
|
| oracle | healthcare_foundation | 7.3.0 | - | - |
cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*
|
| oracle | hospitality_materials_control | 18.1 | - | - |
cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*
|
| oracle | hospitality_simphony | * | - | - |
cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:*
|
| oracle | hospitality_simphony | 18.1 | - | - |
cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*
|
| oracle | hospitality_simphony | 18.2 | - | - |
cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*
|
| oracle | insurance_accounting_analyzer | 8.0.9 | - | - |
cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*
|
| oracle | insurance_allocation_manager_for_enterprise_profitability | 8.0.8 | - | - |
cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*
|
| oracle | insurance_allocation_manager_for_enterprise_profitability | 8.1.0 | - | - |
cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*
|
| oracle | insurance_data_foundation | * | - | - |
cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:*
|
| oracle | insurance_insbridge_rating_and_underwriting | * | - | - |
cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*
|
| oracle | insurance_insbridge_rating_and_underwriting | 5.6.1.0 | - | - |
cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*
|
| oracle | jdeveloper | 11.1.1.9.0 | - | - |
cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*
|
| oracle | jdeveloper | 12.2.1.3.0 | - | - |
cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*
|
| oracle | jdeveloper | 12.2.1.4.0 | - | - |
cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*
|
| oracle | peoplesoft_enterprise_peopletools | 8.56 | - | - |
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
|
| oracle | peoplesoft_enterprise_peopletools | 8.57 | - | - |
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
|
| oracle | peoplesoft_enterprise_peopletools | 8.58 | - | - |
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
|
| oracle | policy_automation | * | - | - |
cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*
|
| oracle | policy_automation_connector_for_siebel | 10.4.6 | - | - |
cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*
|
| oracle | policy_automation_for_mobile_devices | * | - | - |
cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*
|
| oracle | retail_back_office | 14.0 | - | - |
cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*
|
| oracle | retail_back_office | 14.1 | - | - |
cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*
|
| oracle | retail_customer_management_and_segmentation_foundation | 19.0 | - | - |
cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*
|
| oracle | retail_returns_management | 14.0 | - | - |
cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*
|
| oracle | retail_returns_management | 14.1 | - | - |
cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*
|
| oracle | siebel_ui_framework | 20.8 | - | - |
cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*
|
| oracle | storagetek_acsls | 8.5.1 | - | - |
cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:*
|
| oracle | weblogic_server | 10.3.6.0.0 | - | - |
cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
|
| oracle | weblogic_server | 12.1.3.0.0 | - | - |
cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
|
| oracle | weblogic_server | 12.2.1.3.0 | - | - |
cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
|
| oracle | weblogic_server | 12.2.1.4.0 | - | - |
cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
|
| oracle | weblogic_server | 14.1.1.0.0 | - | - |
cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
|
| netapp | max_data | - | - | - |
cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*
|
| netapp | oncommand_insight | - | - | - |
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
|
| netapp | oncommand_system_manager | * | - | - |
cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*
|
| netapp | snap_creator_framework | - | - | - |
cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*
|
| netapp | snapcenter | - | - | - |
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
|
| netapp | h300s_firmware | - | - | - |
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
|
| netapp | h500s_firmware | - | - | - |
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
|
| netapp | h700s_firmware | - | - | - |
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
|
| netapp | h300e_firmware | - | - | - |
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
|
| netapp | h500e_firmware | - | - | - |
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
|
| netapp | h700e_firmware | - | - | - |
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
|
| netapp | h410s_firmware | - | - | - |
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
|
| netapp | h410c_firmware | - | - | - |
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
|
| opensuse | leap | 15.1 | - | - |
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
|
| opensuse | leap | 15.2 | - | - |
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
|
| tenable | log_correlation_engine | * | - | - |
cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*
|
| oracle | agile_product_supplier_collaboration_for_process | 6.2.0.0 | - | - |
cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:*
|
| oracle | banking_digital_experience | * | - | - |
cpe:2.3:a:oracle:banking_digital_experience:*:*:*:*:*:*:*:*
|
| oracle | hospitality_simphony | 19.1.0-19.1.2 | - | - |
cpe:2.3:a:oracle:hospitality_simphony:19.1.0-19.1.2:*:*:*:*:*:*:*
|
| oracle | insurance_data_foundation | 8.0.6-8.1.0 | - | - |
cpe:2.3:a:oracle:insurance_data_foundation:8.0.6-8.1.0:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
DSA-4693
vendor-advisory
cve.org
访问
cve.org
FEDORA-2020-11be4b36d4
vendor-advisory
cve.org
访问
cve.org
FEDORA-2020-36d2db5f51
vendor-advisory
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
openSUSE-SU-2020:1060
vendor-advisory
cve.org
访问
cve.org
GLSA-202007-03
vendor-advisory
cve.org
访问
cve.org
openSUSE-SU-2020:1106
vendor-advisory
cve.org
访问
cve.org
[airflow-commits] 20200820 [GitHub] [airflow] breser opened a new issue #10429: jquery dependency needs to be updated to 3.5.0 or newer
mailing-list
cve.org
访问
cve.org
FEDORA-2020-fbb94073a1
vendor-advisory
cve.org
访问
cve.org
FEDORA-2020-0b32a59b54
vendor-advisory
cve.org
访问
cve.org
FEDORA-2020-fe94df8c34
vendor-advisory
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
[flink-issues] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler
mailing-list
cve.org
访问
cve.org
[flink-dev] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler
mailing-list
cve.org
访问
cve.org
openSUSE-SU-2020:1888
vendor-advisory
cve.org
访问
cve.org
[flink-issues] 20201129 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler
mailing-list
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
[flink-issues] 20210209 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler
mailing-list
cve.org
访问
cve.org
[flink-issues] 20210209 [jira] [Comment Edited] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler
mailing-list
cve.org
访问
cve.org
[debian-lts-announce] 20210326 [SECURITY] [DLA 2608-1] jquery security update
mailing-list
cve.org
访问
cve.org
[flink-issues] 20210422 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler
mailing-list
cve.org
访问
cve.org
[flink-issues] 20210422 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler
mailing-list
cve.org
访问
cve.org
[flink-issues] 20210429 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler
mailing-list
cve.org
访问
cve.org
[flink-issues] 20210429 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler
mailing-list
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler
mailing-list
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
无标题
OTHER
cve.org
访问
cve.org
[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update
mailing-list
cve.org
访问
cve.org
ExploitDB EDB-49766
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-49766
EXPLOIT
exploitdb
访问
exploitdb
CVE Reference: CVE-2020-11022
ADVISORY
cve.org
访问
cve.org
CVSS评分详情
3.1 (cna)
MEDIUM
6.9
CVSS向量:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
机密性
HIGH
完整性
LOW
可用性
NONE
时间信息
发布时间:
2020-04-29 00:00:00
修改时间:
2024-08-04 11:21:14
创建时间:
2025-11-11 15:35:57
更新时间:
2025-11-11 16:57:38
利用信息
此漏洞有可利用代码!
利用代码数量:
1
利用来源:
未知
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2020-11022 |
2025-11-11 15:20:20 | 2025-11-11 07:35:57 |
| NVD | nvd_CVE-2020-11022 |
2025-11-11 14:56:58 | 2025-11-11 07:44:25 |
| CNNVD | cnnvd_CNNVD-202004-2429 |
2025-11-11 15:10:25 | 2025-11-11 07:55:58 |
| EXPLOITDB | exploitdb_EDB-49766 |
2025-11-11 15:05:29 | 2025-11-11 08:57:38 |
版本与语言
当前版本:
v4
主要语言:
EN
支持语言:
EN
ZH
其他标识符:
:
:
安全公告
暂无安全公告信息
变更历史
v4
EXPLOITDB
2025-11-11 16:57:38
references_count: 43 → 46; tags_count: 0 → 3; data_sources: ['cnnvd', 'cve', 'nvd'] → ['cnnvd', 'cve', 'exploitdb', 'nvd']
查看详细变更
- references_count: 43 -> 46
- tags_count: 0 -> 3
- data_sources: ['cnnvd', 'cve', 'nvd'] -> ['cnnvd', 'cve', 'exploitdb', 'nvd']
v3
CNNVD
2025-11-11 15:55:58
vulnerability_type: 未提取 → 跨站脚本; cnnvd_id: 未提取 → CNNVD-202004-2429; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
- vulnerability_type: 未提取 -> 跨站脚本
- cnnvd_id: 未提取 -> CNNVD-202004-2429
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2
NVD
2025-11-11 15:44:25
affected_products_count: 1 → 119; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
- affected_products_count: 1 -> 119
- data_sources: ['cve'] -> ['cve', 'nvd']