Bug 1850004 (CVE-2020-11023) - CVE-2020-11023 jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods
Summary: CVE-2020-11023 jquery: Untrusted code execution via <option> tag in HTML pass...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2020-11023
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1828636 1850006 1850007 1850008 1850009 1850010 1850011 1850012 1850013 1850014 1850015 1850016 1850017 1850018 1850019 1850020 1850021 1850022 1850023 1850982 1851251 1851252 1851253 1851295 1851296 1852327 1852328 1852329 1852330 1852400 1852401 1852402 1852403 1859248 1859249 1859250 1859251 1859253 1859254 1859255 1859291 1859292 1859293 1882291 1882292 1882296 1882717 1888387 1889869 1910645 1936810 2343633 2343634 2344486 2344487 2344488 2344489 2344490 2344491 2344492 2344493 2344494 2344495
Blocks: 1850024 2014197
TreeView+ depends on / blocked
 
Reported: 2020-06-23 12:03 UTC by Michael Kaplan
Modified: 2025-05-02 20:31 UTC (History)
250 users (show)

Fixed In Version: jQuery 3.5.0
Clone Of:
Environment:
Last Closed: 2021-03-04 13:02:09 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2025:1354 0 None None None 2025-02-12 16:21:06 UTC
Red Hat Product Errata RHBA-2025:1358 0 None None None 2025-02-12 18:24:48 UTC
Red Hat Product Errata RHBA-2025:1359 0 None None None 2025-02-12 18:59:00 UTC
Red Hat Product Errata RHBA-2025:1360 0 None None None 2025-02-12 19:07:22 UTC
Red Hat Product Errata RHBA-2025:1363 0 None None None 2025-02-12 19:24:32 UTC
Red Hat Product Errata RHBA-2025:1364 0 None None None 2025-02-12 19:27:02 UTC
Red Hat Product Errata RHBA-2025:1365 0 None None None 2025-02-12 19:25:25 UTC
Red Hat Product Errata RHBA-2025:1366 0 None None None 2025-02-12 19:28:09 UTC
Red Hat Product Errata RHBA-2025:1367 0 None None None 2025-02-12 19:36:57 UTC
Red Hat Product Errata RHBA-2025:1368 0 None None None 2025-02-12 19:50:16 UTC
Red Hat Product Errata RHBA-2025:1369 0 None None None 2025-02-12 19:50:37 UTC
Red Hat Product Errata RHBA-2025:1370 0 None None None 2025-02-12 20:08:35 UTC
Red Hat Product Errata RHBA-2025:1371 0 None None None 2025-02-12 20:54:27 UTC
Red Hat Product Errata RHBA-2025:1407 0 None None None 2025-02-13 08:55:37 UTC
Red Hat Product Errata RHBA-2025:1408 0 None None None 2025-02-13 08:35:43 UTC
Red Hat Product Errata RHBA-2025:1409 0 None None None 2025-02-13 08:53:11 UTC
Red Hat Product Errata RHBA-2025:1410 0 None None None 2025-02-13 09:09:41 UTC
Red Hat Product Errata RHBA-2025:1411 0 None None None 2025-02-13 09:57:48 UTC
Red Hat Product Errata RHBA-2025:1414 0 None None None 2025-02-13 12:12:49 UTC
Red Hat Product Errata RHBA-2025:1415 0 None None None 2025-02-13 12:24:02 UTC
Red Hat Product Errata RHBA-2025:1416 0 None None None 2025-02-13 12:22:40 UTC
Red Hat Product Errata RHBA-2025:1418 0 None None None 2025-02-13 12:12:29 UTC
Red Hat Product Errata RHBA-2025:1419 0 None None None 2025-02-13 13:04:02 UTC
Red Hat Product Errata RHBA-2025:1422 0 None None None 2025-02-13 13:47:35 UTC
Red Hat Product Errata RHBA-2025:1429 0 None None None 2025-02-13 14:11:30 UTC
Red Hat Product Errata RHBA-2025:1435 0 None None None 2025-02-13 14:35:49 UTC
Red Hat Product Errata RHBA-2025:1438 0 None None None 2025-02-13 16:53:21 UTC
Red Hat Product Errata RHBA-2025:1441 0 None None None 2025-02-13 15:03:54 UTC
Red Hat Product Errata RHBA-2025:1442 0 None None None 2025-02-13 15:07:25 UTC
Red Hat Product Errata RHBA-2025:1467 0 None None None 2025-02-13 18:13:20 UTC
Red Hat Product Errata RHBA-2025:1477 0 None None None 2025-02-13 18:51:44 UTC
Red Hat Product Errata RHBA-2025:1482 0 None None None 2025-02-13 19:10:09 UTC
Red Hat Product Errata RHBA-2025:1502 0 None None None 2025-02-13 23:10:37 UTC
Red Hat Product Errata RHBA-2025:1518 0 None None None 2025-02-17 01:26:41 UTC
Red Hat Product Errata RHBA-2025:1521 0 None None None 2025-02-17 02:27:24 UTC
Red Hat Product Errata RHBA-2025:1541 0 None None None 2025-02-17 08:20:37 UTC
Red Hat Product Errata RHBA-2025:1546 0 None None None 2025-02-17 09:29:24 UTC
Red Hat Product Errata RHBA-2025:1583 0 None None None 2025-02-17 13:51:13 UTC
Red Hat Product Errata RHBA-2025:1595 0 None None None 2025-02-17 14:29:25 UTC
Red Hat Product Errata RHBA-2025:1605 0 None None None 2025-02-17 15:06:27 UTC
Red Hat Product Errata RHBA-2025:1608 0 None None None 2025-02-17 16:47:58 UTC
Red Hat Product Errata RHBA-2025:1610 0 None None None 2025-02-17 16:34:00 UTC
Red Hat Product Errata RHBA-2025:1630 0 None None None 2025-02-18 09:16:42 UTC
Red Hat Product Errata RHBA-2025:1677 0 None None None 2025-02-19 13:42:38 UTC
Red Hat Product Errata RHBA-2025:1700 0 None None None 2025-02-19 19:42:23 UTC
Red Hat Product Errata RHBA-2025:1734 0 None None None 2025-02-20 17:13:18 UTC
Red Hat Product Errata RHBA-2025:1826 0 None None None 2025-02-25 09:27:12 UTC
Red Hat Product Errata RHBA-2025:1827 0 None None None 2025-02-25 09:54:24 UTC
Red Hat Product Errata RHBA-2025:1854 0 None None None 2025-02-25 16:31:11 UTC
Red Hat Product Errata RHBA-2025:1878 0 None None None 2025-02-26 15:48:19 UTC
Red Hat Product Errata RHBA-2025:1916 0 None None None 2025-02-27 10:37:24 UTC
Red Hat Product Errata RHBA-2025:2023 0 None None None 2025-03-03 11:50:39 UTC
Red Hat Product Errata RHBA-2025:2032 0 None None None 2025-03-03 13:13:24 UTC
Red Hat Product Errata RHBA-2025:2508 0 None None None 2025-03-10 12:55:27 UTC
Red Hat Product Errata RHBA-2025:3086 0 None None None 2025-03-20 14:51:07 UTC
Red Hat Product Errata RHSA-2020:2412 0 None None None 2020-07-13 17:23:31 UTC
Red Hat Product Errata RHSA-2020:2813 0 None None None 2020-07-02 13:22:01 UTC
Red Hat Product Errata RHSA-2020:3247 0 None None None 2020-08-04 13:16:10 UTC
Red Hat Product Errata RHSA-2020:3369 0 None None None 2020-08-06 20:17:51 UTC
Red Hat Product Errata RHSA-2020:3807 0 None None None 2020-09-23 16:10:56 UTC
Red Hat Product Errata RHSA-2020:4211 0 None None None 2020-10-08 07:00:05 UTC
Red Hat Product Errata RHSA-2020:4298 0 None None None 2020-10-27 16:24:35 UTC
Red Hat Product Errata RHSA-2020:4847 0 None None None 2020-11-04 03:15:02 UTC
Red Hat Product Errata RHSA-2020:5249 0 None None None 2020-11-30 14:12:48 UTC
Red Hat Product Errata RHSA-2020:5412 0 None None None 2020-12-15 18:34:48 UTC
Red Hat Product Errata RHSA-2021:0778 0 None None None 2021-03-09 15:52:21 UTC
Red Hat Product Errata RHSA-2021:0860 0 None None None 2021-03-16 13:54:19 UTC
Red Hat Product Errata RHSA-2021:4142 0 None None None 2021-11-09 17:24:09 UTC
Red Hat Product Errata RHSA-2022:6393 0 None None None 2022-09-08 11:28:33 UTC
Red Hat Product Errata RHSA-2023:0552 0 None None None 2023-01-31 13:14:43 UTC
Red Hat Product Errata RHSA-2023:0553 0 None None None 2023-01-31 13:10:42 UTC
Red Hat Product Errata RHSA-2023:0554 0 None None None 2023-01-31 13:18:24 UTC
Red Hat Product Errata RHSA-2023:0556 0 None None None 2023-01-31 13:19:30 UTC
Red Hat Product Errata RHSA-2025:1070 0 None None None 2025-02-05 11:50:42 UTC
Red Hat Product Errata RHSA-2025:1185 0 None None None 2025-02-10 01:03:09 UTC
Red Hat Product Errata RHSA-2025:1209 0 None None None 2025-02-10 09:04:00 UTC
Red Hat Product Errata RHSA-2025:1210 0 None None None 2025-02-10 09:03:44 UTC
Red Hat Product Errata RHSA-2025:1211 0 None None None 2025-02-10 09:51:16 UTC
Red Hat Product Errata RHSA-2025:1212 0 None None None 2025-02-10 09:34:13 UTC
Red Hat Product Errata RHSA-2025:1213 0 None None None 2025-02-10 09:24:44 UTC
Red Hat Product Errata RHSA-2025:1214 0 None None None 2025-02-10 09:24:06 UTC
Red Hat Product Errata RHSA-2025:1215 0 None None None 2025-02-10 09:26:24 UTC
Red Hat Product Errata RHSA-2025:1216 0 None None None 2025-02-10 09:34:49 UTC
Red Hat Product Errata RHSA-2025:1217 0 None None None 2025-02-10 09:13:56 UTC
Red Hat Product Errata RHSA-2025:1247 0 None None None 2025-02-10 17:48:29 UTC
Red Hat Product Errata RHSA-2025:1255 0 None None None 2025-02-10 22:24:12 UTC
Red Hat Product Errata RHSA-2025:1256 0 None None None 2025-02-10 22:23:35 UTC
Red Hat Product Errata RHSA-2025:1300 0 None None None 2025-02-11 12:54:12 UTC
Red Hat Product Errata RHSA-2025:1301 0 None None None 2025-02-11 14:42:18 UTC
Red Hat Product Errata RHSA-2025:1303 0 None None None 2025-02-11 13:58:48 UTC
Red Hat Product Errata RHSA-2025:1304 0 None None None 2025-02-11 13:54:43 UTC
Red Hat Product Errata RHSA-2025:1305 0 None None None 2025-02-11 12:52:12 UTC
Red Hat Product Errata RHSA-2025:1306 0 None None None 2025-02-11 12:57:01 UTC
Red Hat Product Errata RHSA-2025:1308 0 None None None 2025-02-11 13:28:36 UTC
Red Hat Product Errata RHSA-2025:1309 0 None None None 2025-02-11 13:48:26 UTC
Red Hat Product Errata RHSA-2025:1310 0 None None None 2025-02-11 12:47:48 UTC
Red Hat Product Errata RHSA-2025:1311 0 None None None 2025-02-11 14:32:00 UTC
Red Hat Product Errata RHSA-2025:1312 0 None None None 2025-02-11 13:22:20 UTC
Red Hat Product Errata RHSA-2025:1314 0 None None None 2025-02-11 14:21:32 UTC
Red Hat Product Errata RHSA-2025:1315 0 None None None 2025-02-11 14:33:08 UTC
Red Hat Product Errata RHSA-2025:1329 0 None None None 2025-02-11 16:22:40 UTC
Red Hat Product Errata RHSA-2025:1338 0 None None None 2025-02-12 00:35:05 UTC
Red Hat Product Errata RHSA-2025:1342 0 None None None 2025-02-12 05:32:34 UTC
Red Hat Product Errata RHSA-2025:1346 0 None None None 2025-02-12 06:54:54 UTC
Red Hat Product Errata RHSA-2025:1514 0 None None None 2025-02-17 00:15:03 UTC
Red Hat Product Errata RHSA-2025:1515 0 None None None 2025-02-17 00:11:32 UTC
Red Hat Product Errata RHSA-2025:1580 0 None None None 2025-02-17 12:07:21 UTC
Red Hat Product Errata RHSA-2025:1601 0 None None None 2025-02-17 14:54:05 UTC
Red Hat Product Errata RHSA-2025:2426 0 None None None 2025-03-06 00:30:37 UTC

Description Michael Kaplan 2020-06-23 12:03:01 UTC 
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

References:

https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6
https://jquery.com/upgrade-guide/3.5/
https://security.netapp.com/advisory/ntap-20200511-0006/
https://www.debian.org/security/2020/dsa-4693
https://www.drupal.org/sa-core-2020-002
Comment 1 Michael Kaplan 2020-06-23 12:05:40 UTC 
Created drupal7 tracking bugs for this issue:

Affects: epel-all [bug 1850023]
Affects: fedora-all [bug 1850013]


Created js-jquery tracking bugs for this issue:

Affects: epel-7 [bug 1850008]
Affects: fedora-all [bug 1850015]


Created js-jquery1 tracking bugs for this issue:

Affects: epel-7 [bug 1850006]
Affects: fedora-all [bug 1850022]


Created js-jquery2 tracking bugs for this issue:

Affects: fedora-all [bug 1850016]


Created python-XStatic-jQuery tracking bugs for this issue:

Affects: epel-7 [bug 1850007]
Affects: fedora-all [bug 1850018]
Affects: openstack-rdo [bug 1850011]


Created python-XStatic-jquery-ui tracking bugs for this issue:

Affects: epel-7 [bug 1850010]
Affects: fedora-all [bug 1850017]
Affects: openstack-rdo [bug 1850012]


Created python-tw-jquery tracking bugs for this issue:

Affects: epel-6 [bug 1850014]


Created python-tw2-jquery tracking bugs for this issue:

Affects: epel-6 [bug 1850021]
Affects: epel-7 [bug 1850009]
Affects: fedora-all [bug 1850020]


Created rubygem-jquery-rails tracking bugs for this issue:

Affects: fedora-all [bug 1850019]
Comment 8 Mark Cooper 2020-06-25 06:43:09 UTC 
OpenShift ServiceMesh includes a vulnerable version of jquery (3.4.1) in servicemesh-grafana.
Comment 9 Mark Cooper 2020-06-25 07:00:12 UTC 
[edited] Upstream fix: https://github.com/jquery/jquery/commit/966a70909019aa09632c87c0002c522fa4a1e30e

In the advisory from jquery they talk about removing the regex functionality from htmlPrefilter, "The jQuery.htmlPrefilter function does not use a regex in 3.5.0 and passes the string through unchanged."
Comment 10 Mark Cooper 2020-06-25 07:06:21 UTC 
Further to #comment8 grafana actually do package jquery 3.5.0, included as a patch in the RPM and hence is not affected.
Comment 17 Summer Long 2020-06-26 04:29:47 UTC 
External References:

https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
Comment 20 Hardik Vyas 2020-06-30 10:56:31 UTC 
Below storage products includes vulnerable version of jQuery in grafana and grafana-container:

Ceph-3 grafana : jquery-3.3.1
Ceph-3 grafana-container : jquery-3.3.1
Ceph-4 grafana-container : jquery-3.3.1
Gluster grafana : jquery-3.2.1
Comment 24 errata-xmlrpc 2020-07-02 13:21:56 UTC 
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.4.1

Via RHSA-2020:2813 https://access.redhat.com/errata/RHSA-2020:2813
Comment 25 Product Security DevOps Team 2020-07-02 13:27:52 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-11023
Comment 26 errata-xmlrpc 2020-07-13 17:23:26 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.5

Via RHSA-2020:2412 https://access.redhat.com/errata/RHSA-2020:2412
Comment 30 errata-xmlrpc 2020-08-04 13:16:03 UTC 
This issue has been addressed in the following products:

  Red Hat Virtualization Engine 4.4

Via RHSA-2020:3247 https://access.redhat.com/errata/RHSA-2020:3247
Comment 31 errata-xmlrpc 2020-08-06 20:17:46 UTC 
This issue has been addressed in the following products:

  OpenShift Service Mesh 1.1
  Openshift Service Mesh 1.1

Via RHSA-2020:3369 https://access.redhat.com/errata/RHSA-2020:3369
Comment 34 errata-xmlrpc 2020-09-23 16:10:50 UTC 
This issue has been addressed in the following products:

  Red Hat Virtualization Engine 4.4

Via RHSA-2020:3807 https://access.redhat.com/errata/RHSA-2020:3807
Comment 38 Cedric Buissart 2020-09-24 09:27:09 UTC 
Created pcs tracking bugs for this issue:

Affects: fedora-all [bug 1882296]
Comment 47 errata-xmlrpc 2020-10-08 06:59:57 UTC 
This issue has been addressed in the following products:

  A-MQ Interconnect 1.y for RHEL 7
  A-MQ Interconnect 1.y for RHEL 6
  A-MQ Interconnect 1.y for RHEL 8

Via RHSA-2020:4211 https://access.redhat.com/errata/RHSA-2020:4211
Comment 52 errata-xmlrpc 2020-10-27 16:24:29 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.6

Via RHSA-2020:4298 https://access.redhat.com/errata/RHSA-2020:4298
Comment 53 errata-xmlrpc 2020-11-04 03:14:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:4847 https://access.redhat.com/errata/RHSA-2020:4847
Comment 60 errata-xmlrpc 2020-11-30 14:12:44 UTC 
This issue has been addressed in the following products:

  Red Hat Ansible Tower 3.7 for RHEL 7

Via RHSA-2020:5249 https://access.redhat.com/errata/RHSA-2020:5249
Comment 61 errata-xmlrpc 2020-12-15 18:34:44 UTC 
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 16.1

Via RHSA-2020:5412 https://access.redhat.com/errata/RHSA-2020:5412
Comment 63 Eric Christensen 2021-01-26 16:09:59 UTC 
Statement:

Red Hat Enterprise Linux version 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However the vulnerability has not been found to be exploitable in reasonable scenarios. A future update may update JQuery to a fixed version.
Comment 66 Product Security DevOps Team 2021-03-04 13:02:09 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-11023
Comment 69 errata-xmlrpc 2021-03-09 15:52:16 UTC 
This issue has been addressed in the following products:

  Red Hat Ansible Tower 3.6 for RHEL 7

Via RHSA-2021:0778 https://access.redhat.com/errata/RHSA-2021:0778
Comment 70 errata-xmlrpc 2021-03-16 13:54:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:0860 https://access.redhat.com/errata/RHSA-2021:0860
Comment 73 errata-xmlrpc 2021-05-18 15:32:46 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:1846 https://access.redhat.com/errata/RHSA-2021:1846
Comment 75 errata-xmlrpc 2021-11-09 17:24:04 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:4142 https://access.redhat.com/errata/RHSA-2021:4142
Comment 76 errata-xmlrpc 2022-09-08 11:28:27 UTC 
This issue has been addressed in the following products:

  Red Hat Virtualization Engine 4.4

Via RHSA-2022:6393 https://access.redhat.com/errata/RHSA-2022:6393
Comment 86 errata-xmlrpc 2023-01-31 13:10:35 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8

Via RHSA-2023:0553 https://access.redhat.com/errata/RHSA-2023:0553
Comment 87 errata-xmlrpc 2023-01-31 13:14:36 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7

Via RHSA-2023:0552 https://access.redhat.com/errata/RHSA-2023:0552
Comment 88 errata-xmlrpc 2023-01-31 13:18:16 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9

Via RHSA-2023:0554 https://access.redhat.com/errata/RHSA-2023:0554
Comment 89 errata-xmlrpc 2023-01-31 13:19:23 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2023:0556 https://access.redhat.com/errata/RHSA-2023:0556
Comment 100 errata-xmlrpc 2025-02-05 11:50:27 UTC 
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 16.2

Via RHSA-2025:1070 https://access.redhat.com/errata/RHSA-2025:1070
Comment 103 errata-xmlrpc 2025-02-10 01:02:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:1185 https://access.redhat.com/errata/RHSA-2025:1185
Comment 104 errata-xmlrpc 2025-02-10 09:03:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:1210 https://access.redhat.com/errata/RHSA-2025:1210
Comment 105 errata-xmlrpc 2025-02-10 09:03:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:1209 https://access.redhat.com/errata/RHSA-2025:1209
Comment 106 errata-xmlrpc 2025-02-10 09:13:44 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:1217 https://access.redhat.com/errata/RHSA-2025:1217
Comment 107 errata-xmlrpc 2025-02-10 09:23:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:1215 https://access.redhat.com/errata/RHSA-2025:1215
Comment 108 errata-xmlrpc 2025-02-10 09:23:53 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2025:1214 https://access.redhat.com/errata/RHSA-2025:1214
Comment 109 errata-xmlrpc 2025-02-10 09:24:30 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:1213 https://access.redhat.com/errata/RHSA-2025:1213
Comment 110 errata-xmlrpc 2025-02-10 09:33:58 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:1216 https://access.redhat.com/errata/RHSA-2025:1216
Comment 111 errata-xmlrpc 2025-02-10 09:33:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions

Via RHSA-2025:1212 https://access.redhat.com/errata/RHSA-2025:1212
Comment 112 errata-xmlrpc 2025-02-10 09:51:02 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:1211 https://access.redhat.com/errata/RHSA-2025:1211
Comment 113 errata-xmlrpc 2025-02-10 17:48:17 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2025:1247 https://access.redhat.com/errata/RHSA-2025:1247
Comment 114 errata-xmlrpc 2025-02-10 22:23:22 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Advanced Update Support

Via RHSA-2025:1256 https://access.redhat.com/errata/RHSA-2025:1256
Comment 115 errata-xmlrpc 2025-02-10 22:23:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2025:1255 https://access.redhat.com/errata/RHSA-2025:1255
Comment 116 errata-xmlrpc 2025-02-11 12:47:34 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:1310 https://access.redhat.com/errata/RHSA-2025:1310
Comment 117 errata-xmlrpc 2025-02-11 12:51:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:1305 https://access.redhat.com/errata/RHSA-2025:1305
Comment 118 errata-xmlrpc 2025-02-11 12:53:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:1300 https://access.redhat.com/errata/RHSA-2025:1300
Comment 119 errata-xmlrpc 2025-02-11 12:56:47 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:1306 https://access.redhat.com/errata/RHSA-2025:1306
Comment 120 errata-xmlrpc 2025-02-11 13:22:05 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions

Via RHSA-2025:1312 https://access.redhat.com/errata/RHSA-2025:1312
Comment 121 errata-xmlrpc 2025-02-11 13:28:22 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:1308 https://access.redhat.com/errata/RHSA-2025:1308
Comment 122 errata-xmlrpc 2025-02-11 13:48:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:1309 https://access.redhat.com/errata/RHSA-2025:1309
Comment 123 errata-xmlrpc 2025-02-11 13:54:31 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:1304 https://access.redhat.com/errata/RHSA-2025:1304
Comment 124 errata-xmlrpc 2025-02-11 13:58:33 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:1303 https://access.redhat.com/errata/RHSA-2025:1303
Comment 125 errata-xmlrpc 2025-02-11 14:21:19 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:1314 https://access.redhat.com/errata/RHSA-2025:1314
Comment 126 errata-xmlrpc 2025-02-11 14:31:45 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2025:1311 https://access.redhat.com/errata/RHSA-2025:1311
Comment 127 errata-xmlrpc 2025-02-11 14:32:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:1315 https://access.redhat.com/errata/RHSA-2025:1315
Comment 128 errata-xmlrpc 2025-02-11 14:42:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:1301 https://access.redhat.com/errata/RHSA-2025:1301
Comment 129 errata-xmlrpc 2025-02-11 16:22:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:1329 https://access.redhat.com/errata/RHSA-2025:1329
Comment 134 errata-xmlrpc 2025-02-12 00:34:51 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:1338 https://access.redhat.com/errata/RHSA-2025:1338
Comment 135 errata-xmlrpc 2025-02-12 05:32:19 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:1342 https://access.redhat.com/errata/RHSA-2025:1342
Comment 136 errata-xmlrpc 2025-02-12 06:54:41 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:1346 https://access.redhat.com/errata/RHSA-2025:1346
Comment 137 errata-xmlrpc 2025-02-17 00:11:19 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:1515 https://access.redhat.com/errata/RHSA-2025:1515
Comment 138 errata-xmlrpc 2025-02-17 00:14:48 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Advanced Update Support

Via RHSA-2025:1514 https://access.redhat.com/errata/RHSA-2025:1514
Comment 139 errata-xmlrpc 2025-02-17 12:07:08 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Advanced Update Support

Via RHSA-2025:1580 https://access.redhat.com/errata/RHSA-2025:1580
Comment 140 errata-xmlrpc 2025-02-17 14:53:51 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2025:1601 https://access.redhat.com/errata/RHSA-2025:1601
Comment 141 Nick Tait 2025-02-18 21:33:06 UTC 
RHEL-7/pki-core was fixed by https://access.redhat.com/errata/RHSA-2021:0851
Comment 142 errata-xmlrpc 2025-03-06 00:30:22 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Advanced Update Support

Via RHSA-2025:2426 https://access.redhat.com/errata/RHSA-2025:2426
Note You need to log in before you can comment on or make changes to this bug.