CVE-2019-11358

MEDIUM

Description

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
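The mechanism in the description, shown as an added example rather than jQuery's own source or code from any of the referenced advisories: a reduced deep-merge in the style of jQuery.extend(true, {}, ...) whose "__proto__" handling is toggled between the pre-3.4.0 behaviour and the guard jQuery 3.4.0 introduced (skipping the "__proto__" key). The function names (deepExtend, vulnerableExtend, fixedExtend, pollutionProbe, isAuthorized, isVulnerableVersion) and the JSON payload are constructed for this demonstration and are not from the page.

```javascript
// Added example, not jQuery's source. A reduced deep-merge modelled on
// jQuery.extend(true, {}, ...) to show how an own, enumerable "__proto__"
// key on the source object reaches Object.prototype, and how the 3.4.0
// guard stops it. All names and the payload below are constructed here.

// Modelled on jQuery.isPlainObject: prototype is Object.prototype or null.
// Object.prototype itself has a null prototype, so it counts as "plain";
// that is what lets the recursion below descend into it.
function isPlainObject(obj) {
  if (obj === null || typeof obj !== "object") return false;
  const proto = Object.getPrototypeOf(obj);
  return proto === null || proto === Object.prototype;
}

// guardProto=false: pre-3.4.0 behaviour. For name "__proto__", target[name]
// goes through the inherited accessor and yields Object.prototype, which is
// "plain", so it becomes the merge target for the nested object.
// guardProto=true: the 3.4.0 fix, the "__proto__" key is never merged.
function deepExtend(target, source, guardProto) {
  for (const name in source) {
    if (guardProto && name === "__proto__") continue;  // jQuery 3.4.0 guard
    const copy = source[name];
    if (copy === target) continue;                     // never recurse into ourselves
    if (isPlainObject(copy)) {
      const src = target[name];
      const clone = isPlainObject(src) ? src : {};
      target[name] = deepExtend(clone, copy, guardProto);
    } else if (copy !== undefined) {
      target[name] = copy;
    }
  }
  return target;
}

const vulnerableExtend = (target, source) => deepExtend(target, source, false);
const fixedExtend = (target, source) => deepExtend(target, source, true);

// A typical sink: any object lacking its own isAdmin now inherits the answer.
function isAuthorized(user) {
  return user.isAdmin === true;
}

// Constructed attacker-controlled JSON. JSON.parse creates an own, enumerable
// "__proto__" data property (it does not invoke the setter), which is exactly
// the precondition named in the advisory.
const ATTACKER_JSON = '{"__proto__": {"isAdmin": true}}';

// Runs one merge with the given implementation, records what an unrelated
// fresh object sees afterwards, then undoes the pollution so the runtime is
// clean for the next probe.
function pollutionProbe(extendFn) {
  const payload = JSON.parse(ATTACKER_JSON);
  const before = ({}).isAdmin;                   // undefined on a clean runtime
  extendFn({}, payload);
  const after = ({}).isAdmin;                    // read via the prototype chain
  const guestAllowed = isAuthorized({ name: "guest" });
  delete Object.prototype.isAdmin;               // clean up the global state
  return { before, after, guestAllowed };
}

// Version triage for a loaded copy: isVulnerableVersion(jQuery.fn.jquery).
// "Before 3.4.0" covers every 1.x and 2.x release and 3.0 through 3.3.x.
function isVulnerableVersion(version) {
  const [major, minor] = String(version).split(".").map((n) => parseInt(n, 10) || 0);
  return major < 3 || (major === 3 && minor < 4);
}

console.log("pre-3.4.0 merge:", pollutionProbe(vulnerableExtend)); // after: true
console.log("3.4.0 merge:    ", pollutionProbe(fixedExtend));      // after: undefined
```

The version check is only a first pass: distribution packages such as the Debian and Red Hat updates in the references backport the fix without changing jQuery.fn.jquery, and bundled copies inside applications are often renamed. Where the page is under test, the behavioural check is what counts: run jQuery.extend(true, {}, JSON.parse('{"__proto__":{"x":1}}')) in the console and then inspect ({}).x; a patched copy leaves it undefined.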

References

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html

http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html

http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html

http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html

http://seclists.org/fulldisclosure/2019/May/10

http://seclists.org/fulldisclosure/2019/May/11

http://seclists.org/fulldisclosure/2019/May/13

http://www.openwall.com/lists/oss-security/2019/06/03/2

http://www.securityfocus.com/bid/108023

https://access.redhat.com/errata/RHBA-2019:1570

https://access.redhat.com/errata/RHSA-2019:1456

https://access.redhat.com/errata/RHSA-2019:2587

https://access.redhat.com/errata/RHSA-2019:3023

https://access.redhat.com/errata/RHSA-2019:3024

https://backdropcms.org/security/backdrop-sa-core-2019-009

https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/

https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

https://github.com/jquery/jquery/pull/4333

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601

https://lists.apache.org/thread.html/[email protected]%3Ccommits.airflow.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.airflow.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.airflow.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.airflow.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.airflow.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.roller.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.nifi.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.syncope.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.storm.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.nifi.apache.org%3E

https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html

https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html

https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/

https://seclists.org/bugtraq/2019/Apr/32

https://seclists.org/bugtraq/2019/Jun/12

https://seclists.org/bugtraq/2019/May/18

https://security.netapp.com/advisory/ntap-20190919-0001/

https://snyk.io/vuln/SNYK-JS-JQUERY-174006

https://www.debian.org/security/2019/dsa-4434

https://www.debian.org/security/2019/dsa-4460

https://www.drupal.org/sa-core-2019-006

https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.oracle.com/security-alerts/cpujan2020.html

https://www.oracle.com/security-alerts/cpujan2021.html

https://www.oracle.com/security-alerts/cpujul2020.html

https://www.oracle.com/security-alerts/cpuoct2020.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/

https://www.synology.com/security/advisory/Synology_SA_19_19

https://www.tenable.com/security/tns-2019-08

https://www.tenable.com/security/tns-2020-02

Details

Source: MITRE

Published: 2019-04-20

Updated: 2021-01-20

Type: CWE-79

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Impact Score: 2.7

Exploitability Score: 2.8

Severity: MEDIUM

Tenable Plugins

41 plugins reference this CVE. The Severity column is the plugin's own rating, which can differ from the CVE score above when a plugin covers several vulnerabilities.

ID     | Name                                                                                   | Product                  | Family                                 | Severity
146679 | EulerOS 2.0 SP2 : pki-core (EulerOS-SA-2021-1346)                                      | Nessus                   | Huawei Local Security Checks           | medium
146621 | Tenable SecurityCenter < 5.14.0 Multiple Vulnerabilities (TNS-2020-02)                 | Nessus                   | Misc.                                  | medium
145989 | CentOS 8 : pki-core:10.6 and pki-deps:10.6 (CESA-2020:4847)                            | Nessus                   | CentOS Local Security Checks           | medium
145873 | CentOS 8 : idm:DL1 and idm:client (CESA-2020:4670)                                     | Nessus                   | CentOS Local Security Checks           | medium
144449 | SolarWinds Orion Platform < 2020.2.1 HF2 Multiple Vulnerabilities                      | Nessus                   | Misc.                                  | high
144388 | RHEL 7 : python-XStatic-jQuery (RHSA-2020:5581)                                        | Nessus                   | Red Hat Local Security Checks          | medium
144240 | EulerOS 2.0 SP5 : pki-core (EulerOS-SA-2020-2560)                                      | Nessus                   | Huawei Local Security Checks           | medium
143080 | RHEL 7 : ipa (RHSA-2020:3936)                                                          | Nessus                   | Red Hat Local Security Checks          | medium
142435 | RHEL 8 : idm:DL1 and idm:client (RHSA-2020:4670)                                       | Nessus                   | Red Hat Local Security Checks          | medium
142409 | RHEL 8 : pki-core:10.6 and pki-deps:10.6 (RHSA-2020:4847)                              | Nessus                   | Red Hat Local Security Checks          | medium
142372 | Oracle Business Intelligence Publisher Multiple Vulnerabilities (Oct 2020 CPU)         | Nessus                   | Misc.                                  | high
142210 | Oracle Business Process Management Suite (Oct 2020 CPU)                                | Nessus                   | Misc.                                  | high
142058 | Pulse Connect Secure < 9.1R9 (SA44601)                                                 | Nessus                   | Misc.                                  | medium
142057 | Pulse Policy Secure < 9.1R9 (SA44601)                                                  | Nessus                   | Misc.                                  | medium
141974 | Amazon Linux 2 : ipa-client (ALAS-2020-1519)                                           | Nessus                   | Amazon Linux Local Security Checks     | medium
141734 | Scientific Linux Security Update : ipa on SL7.x x86_64 (20201001)                      | Nessus                   | Scientific Linux Local Security Checks | medium
141586 | CentOS 7 : ipa (CESA-2020:3936)                                                        | Nessus                   | CentOS Local Security Checks           | medium
135676 | Oracle WebCenter Sites Multiple Vulnerabilities (April 2020 CPU)                       | Nessus                   | Windows                                | medium
135256 | RHEL 8 : python-XStatic-jQuery (RHSA-2020:1325)                                        | Nessus                   | Red Hat Local Security Checks          | medium
133967 | Debian DLA-2118-1 : otrs2 security update                                              | Nessus                   | Debian Local Security Checks           | medium
133260 | Oracle Application Testing Suite Multiple Vulnerabilities (Jan 2020 CPU)               | Nessus                   | Misc.                                  | high
133057 | Oracle Enterprise Manager Ops Center (Oct 2019 CPU)                                    | Nessus                   | Misc.                                  | medium
132936 | Oracle Primavera Gateway Multiple Vulnerabilities (Jan 2020 CPU)                       | Nessus                   | CGI abuses                             | high
130070 | Oracle Primavera Unifier Multiple Vulnerabilities (Oct 2019 CPU)                       | Nessus                   | CGI abuses                             | high
130012 | Oracle WebLogic Server Multiple Vulnerabilities (Oct 2019 CPU)                         | Nessus                   | Misc.                                  | medium
129862 | RHEL 7 : Virtualization Manager (RHSA-2019:3024)                                       | Nessus                   | Red Hat Local Security Checks          | high
129861 | RHEL 7 : Virtualization Manager (RHSA-2019:3023)                                       | Nessus                   | Red Hat Local Security Checks          | medium
127742 | openSUSE Security Update : python-Django (openSUSE-2019-1839)                          | Nessus                   | SuSE Local Security Checks             | high
126485 | FreeBSD : mediawiki -- multiple vulnerabilities (3c5a4fe0-9ebb-11e9-9169-fcaa147e860e) | Nessus                   | FreeBSD Local Security Checks          | high
125858 | Debian DSA-4460-1 : mediawiki - security update                                        | Nessus                   | Debian Local Security Checks           | high
125750 | FreeBSD : Django -- AdminURLFieldWidget XSS (ffc73e87-87f0-11e9-ad56-fcaa147e860e)     | Nessus                   | FreeBSD Local Security Checks          | medium
125298 | Debian DLA-1797-1 : drupal7 security update                                            | Nessus                   | Debian Local Security Checks           | high
124719 | JQuery < 3.4.0 Object Prototype Pollution Vulnerability                                | Nessus                   | CGI abuses                             | medium
124703 | Fedora 28 : drupal7 (2019-f563e66380)                                                  | Nessus                   | Fedora Local Security Checks           | medium
124700 | Fedora 29 : drupal7 (2019-a06dffab1c)                                                  | Nessus                   | Fedora Local Security Checks           | medium
124699 | Fedora 30 : drupal7 (2019-2a0ce0c58c)                                                  | Nessus                   | Fedora Local Security Checks           | medium
124688 | Fedora 30 : drupal8 (2019-eba8e44ee6)                                                  | Nessus                   | Fedora Local Security Checks           | high
124686 | Fedora 29 : drupal8 (2019-7eaf0bbe7c)                                                  | Nessus                   | Fedora Local Security Checks           | high
124685 | Fedora 28 : drupal8 (2019-1a3edd7e8a)                                                  | Nessus                   | Fedora Local Security Checks           | high
98590  | jQuery < 3.4.0 Prototype Pollution                                                     | Web Application Scanning | Component Vulnerability                | medium
124205 | Debian DSA-4434-1 : drupal7 - security update                                          | Nessus                   | Debian Local Security Checks           | medium