Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

CVE-2019-11358 vulnerabilities and exploits

(subscribe to this query)
6.1
CVSSv3

CVE-2019-11358

jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery JqueryDebian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0Drupal DrupalBackdropcms BackdropFedoraproject Fedora 28Fedoraproject Fedora 29Fedoraproject Fedora 30Opensuse Backports Sle 15.0Opensuse Leap 15.1Netapp Oncommand System Manager
NA

CVE-2019-5428

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-11358. Reason: This candidate is a duplicate of CVE-2019-11358. Notes: All CVE users should reference CVE-2019-11358 instead of this candidate. All references and descriptions in this candidate have been remo...
6.1
CVSSv3

CVE-2019-12308

An issue exists in Django 1.11 prior to 1.11.21, 2.1 prior to 2.1.9, and 2.2 prior to 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or...
Djangoproject Django
5.3
CVSSv3

CVE-2020-1722

A flaw was found in all ipa versions 4.x.x up to and including 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The ...
Red Hat IpaFreeipa FreeipaRedhat Enterprise Linux 6.0Redhat Enterprise Linux 7.0Redhat Enterprise Linux 8.0
6.1
CVSSv3

CVE-2018-14040

In Bootstrap prior to 4.1.2, XSS is possible in the collapse data-parent attribute.
Debian Debian Linux 8.0Getbootstrap BootstrapGetbootstrap Bootstrap 4.0.0
6.1
CVSSv3

CVE-2018-14042

In Bootstrap prior to 4.1.2, XSS is possible in the data-container property of tooltip.
Getbootstrap BootstrapGetbootstrap Bootstrap 4.0.0
6.1
CVSSv3

CVE-2018-20676

In Bootstrap prior to 3.4.0, XSS is possible in the tooltip data-viewport attribute.
Getbootstrap Bootstrap
6.1
CVSSv3

CVE-2018-20677

In Bootstrap prior to 3.4.0, XSS is possible in the affix configuration target property.
Getbootstrap Bootstrap
6.1
CVSSv3

CVE-2019-8331

In Bootstrap prior to 3.4.1 and 4.3.x prior to 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
Getbootstrap BootstrapF5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall ManagerF5 Big-ip AnalyticsF5 Big-ip Application Acceleration ManagerF5 Big-ip Application Security ManagerF5 Big-ip Domain Name SystemF5 Big-ip Edge GatewayF5 Big-ip Fraud Protection ServiceF5 Big-ip Global Traffic ManagerF5 Big-ip Link ControllerF5 Big-ip Local Traffic Manager
6.1
CVSSv3

CVE-2016-10735

In Bootstrap 3.x prior to 3.4.0 and 4.x-beta prior to 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
Getbootstrap BootstrapGetbootstrap Bootstrap 4.0.0
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
jasmin ransomwareCVE-2025-6110code executionCVE-2025-21420reflected XSSCVE-2025-5336wp url shortenerCVE-2025-49113gr-5400axoverflowCVE-2025-6062letta-aiCVE-2025-50143
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook