Vulnerability Name:

CVE-2019-8331 (CCN-157409)

Assigned:2019-02-11
Published:2019-02-11
Updated:2022-05-16
Summary:In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVSS v3 Severity:6.1 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
6.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
6.1 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.8 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-79
Vulnerability Consequences:Cross-Site Scripting
References:Source: MITRE
Type: CNA
CVE-2019-8331

Source: MISC
Type: Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html

Source: FULLDISC
Type: Mailing List, Third Party Advisory
20190510 dotCMS v5.1.1 Vulnerabilities

Source: FULLDISC
Type: Mailing List, Third Party Advisory
20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability

Source: FULLDISC
Type: Mailing List, Third Party Advisory
20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability

Source: BID
Type: Third Party Advisory, VDB Entry
107375

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:1456

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:3023

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:3024

Source: CONFIRM
Type: Vendor Advisory
https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/

Source: XF
Type: UNKNOWN
bootstrap-cve20198331-xss(157409)

Source: CCN
Type: bootstrap GIT Repository
sanitize template option for tooltip/popover plugins #28236

Source: MISC
Type: Issue Tracking, Patch, Third Party Advisory
https://github.com/twbs/bootstrap/pull/28236

Source: MISC
Type: Product, Third Party Advisory
https://github.com/twbs/bootstrap/releases/tag/v3.4.1

Source: MISC
Type: Release Notes, Third Party Advisory
https://github.com/twbs/bootstrap/releases/tag/v4.3.1

Source: MLIST
Type: Exploit, Mailing List, Third Party Advisory
[flink-dev] 20190811 Apache flink 1.7.2 security issues

Source: MLIST
Type: Exploit, Mailing List, Third Party Advisory
[flink-user] 20190813 Apache flink 1.7.2 security issues

Source: MLIST
Type: Mailing List, Third Party Advisory
[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities

Source: MLIST
Type: Mailing List, Third Party Advisory
[flink-user] 20190813 Re: Apache flink 1.7.2 security issues

Source: MLIST
Type: Mailing List, Third Party Advisory
[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1

Source: MLIST
Type: Exploit, Mailing List, Third Party Advisory
[flink-user] 20190811 Apache flink 1.7.2 security issues

Source: MLIST
Type: Mailing List, Third Party Advisory
[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities

Source: MLIST
Type: Mailing List, Third Party Advisory
[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities

Source: MLIST
Type: Mailing List, Third Party Advisory
[hbase-issues] 20201116 [GitHub] [hbase] symat opened a new pull request #2661: HBASE-25261 Upgrade Bootstrap to 3.4.1

Source: MLIST
Type: Mailing List, Third Party Advisory
[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list

Source: BUGTRAQ
Type: Mailing List, Third Party Advisory
20190509 dotCMS v5.1.1 Vulnerabilities

Source: CONFIRM
Type: Third Party Advisory
https://support.f5.com/csp/article/K24383845

Source: CONFIRM
Type: Third Party Advisory
https://support.f5.com/csp/article/K24383845?utm_source=f5support&utm_medium=RSS

Source: CCN
Type: IBM Security Bulletin 879483 (API Connect)
IBM API Connect Developer Portal is affected by a cross site scripting vulnerability in Bootstrap (CVE-2019-8331)

Source: CCN
Type: IBM Security Bulletin 6172563 (Security Information Queue)
IBM Security Information Queue uses components with known vulnerabilities (CVE-2019-8331, CVE-2019-11358)

Source: CCN
Type: IBM Security Bulletin 6336361 (Security Secret Server)
Multiple Vulnerabilities Have Been Identified In IBM Security Verify Privilege Vault previously known as IBM Security Secret Server

Source: CCN
Type: IBM Security Bulletin 6382126 (Netezza for Cloud Pak for Data)
OSS scan fixes for Content pos

Source: CCN
Type: IBM Security Bulletin 6416391 (Spectrum Symphony)
Multiple vulnerability issues affect IBM Spectrum Symphony 7.3.1

Source: CCN
Type: IBM Security Bulletin 6416393 (Spectrum Conductor)
Multiple vulnerability issues affect IBM Spectrum Conductor 2.5.0

Source: CCN
Type: IBM Security Bulletin 6455993 (Rational License Key Server)
IBM License Key Server Administration and Reporting Tool is impacted by multiple vulnerabilities in jQuery, Bootstrap and AngularJS

Source: CCN
Type: IBM Security Bulletin 6520510 (Cognos Analytics)
IBM Cognos Analytics has addressed multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6551876 (Cloud Pak for Security)
Cloud Pak for Security uses packages that are vulnerable to multiple CVEs

Source: CCN
Type: IBM Security Bulletin 6560102 (Robotic Process Automation)
Multiple vulnerabilities may affect IBM Robotic Process Automation

Source: CCN
Type: IBM Security Bulletin 6570915 (Data Risk Manager)
IBM Data Risk Manager is affected by multiple vulnerabilities including a remote code execution in Spring Framework (CVE-2022-22965)

Source: CCN
Type: IBM Security Bulletin 6570957 (Cognos Analytics)
IBM Cognos Analytics has addressed multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6980757 (Maximo Asset Management)
There are several vulnerabilities in Bootstrap used by IBM Maximo Asset Management

Source: CCN
Type: IBM Security Bulletin 6984699 (MobileFirst Foundation)
Multiple vulnerabilities found on thirdparty libraries used by IBM MobileFirst Platform

Source: CCN
Type: IBM Security Bulletin 6985609 (Engineering Workflow Management)
IBM Engineering Workflow Management (EWM) vulnerabilities CVE-2020-28500, CVE-2021-23337, CVE-2020-8203

Source: CCN
Type: IBM Security Bulletin 6991577 (Edge Application Manager)
Open Source Dependency Vulnerability

Source: CCN
Type: IBM Security Bulletin 7001347 (Business Automation Workflow containers)
Multiple security vulnerabilities in bootstrap.js may affect IBM Business Automation Workflow

Source: CCN
Type: NPM Web site
bootstrap

Source: CCN
Type: Oracle Critical Patch Update Advisory - April 2021
Oracle Critical Patch Update Advisory - April 2021

Source: MISC
Type: Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html

Source: CONFIRM
Type: Patch, Third Party Advisory
https://www.tenable.com/security/tns-2021-14

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-8331

Vulnerable Configuration:Configuration 1:
  • cpe:/a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* (Version < 3.4.1)
  • OR cpe:/a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* (Version >= 4.3.0 and < 4.3.1)

  • Configuration 2:
  • cpe:/a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.1.0)
  • OR cpe:/a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.1.0)
  • OR cpe:/a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.1.0)
  • OR cpe:/a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.1.0)
  • OR cpe:/a:f5:big-ip_analytics:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.1.0)
  • OR cpe:/a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.1.0)
  • OR cpe:/a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.1.0)
  • OR cpe:/a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.1.0)
  • OR cpe:/a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.1.0)
  • OR cpe:/a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.1.0)
  • OR cpe:/a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.5.1)
  • OR cpe:/a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.5.1)
  • OR cpe:/a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (Version >= 14.0.0 and < 14.1.2.5)
  • OR cpe:/a:f5:big-ip_analytics:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.5.1)
  • OR cpe:/a:f5:big-ip_analytics:*:*:*:*:*:*:*:* (Version >= 14.0.0 and < 14.1.2.5)
  • OR cpe:/a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.5.1)
  • OR cpe:/a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (Version >= 14.0.0 and < 14.1.2.5)
  • OR cpe:/a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.5.1)
  • OR cpe:/a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.5.1)
  • OR cpe:/a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.5.1)
  • OR cpe:/a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.1.0)
  • OR cpe:/a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.5.1)
  • OR cpe:/a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.5.1)
  • OR cpe:/a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.5.1)
  • OR cpe:/a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.5.1)
  • OR cpe:/a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (Version >= 14.0.0 and < 14.1.2.5)
  • OR cpe:/a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.5.1)
  • OR cpe:/a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.1.0)
  • OR cpe:/a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* (Version >= 12.1.0 and < 12.1.5.1)
  • OR cpe:/a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.1.0)
  • OR cpe:/a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.3.4)
  • OR cpe:/a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* (Version >= 14.0.0 and < 14.1.2.5)
  • OR cpe:/a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.3.4)
  • OR cpe:/a:f5:big-ip_analytics:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.3.4)
  • OR cpe:/a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.3.4)
  • OR cpe:/a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.3.4)
  • OR cpe:/a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* (Version >= 14.0.0 and < 14.1.2.5)
  • OR cpe:/a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.3.4)
  • OR cpe:/a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* (Version >= 14.0.0 and < 14.1.2.5)
  • OR cpe:/a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.3.4)
  • OR cpe:/a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* (Version >= 14.0.0 and < 14.1.2.5)
  • OR cpe:/a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.3.4)
  • OR cpe:/a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* (Version >= 14.0.0 and < 14.1.2.5)
  • OR cpe:/a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.3.4)
  • OR cpe:/a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* (Version >= 14.0.0 and < 14.1.2.5)
  • OR cpe:/a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.3.4)
  • OR cpe:/a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* (Version >= 14.0.0 and < 14.1.2.5)
  • OR cpe:/a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.3.4)
  • OR cpe:/a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.3.4)
  • OR cpe:/a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* (Version >= 14.0.0 and < 14.1.2.5)
  • OR cpe:/a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* (Version >= 13.0.0 and < 13.1.3.4)
  • OR cpe:/a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* (Version >= 14.0.0 and < 14.1.2.5)

  • Configuration 3:
  • cpe:/a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*

  • Configuration 4:
  • cpe:/a:tenable:tenable.sc:*:*:*:*:*:*:*:* (Version < 5.19.0)

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

  • Configuration RedHat 6:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

  • Configuration RedHat 7:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:getbootstrap:bootstrap:4.3.0:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:api_connect:2018.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:2018.4.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_information_queue:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_information_queue:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_information_queue:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_information_queue:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_information_queue:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_secret_server:10.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_information_queue:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.6.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.6.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:engineering_workflow_management:7.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:engineering_workflow_management:7.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_analytics:11.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_analytics:11.1.7:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_analytics:11.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:20.0.0.1:-:*:*:containers:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:20.0.0.1:*:*:*:traditional:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:20.0.0.2:*:*:*:traditional:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:21.0.1:*:*:*:traditional:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:20.0.0.2:-:*:*:containers:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:21.0.3:-:*:*:containers:*:*:*
  • OR cpe:/a:ibm:maximo_asset_management:7.6.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:robotic_process_automation:21.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:21.0.2:-:*:*:containers:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:22.0.1:-:*:*:containers:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:22.0.1:*:*:*:traditional:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:21.0.3.1:*:*:*:traditional:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:22.0.2:-:*:*:containers:*:*:*
  • OR cpe:/a:ibm:business_automation_workflow:22.0.2:*:*:*:traditional:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.redhat.rhsa:def:20204670
    P
    RHSA-2020:4670: idm:DL1 and idm:client security, bug fix, and enhancement update (Moderate)
    2020-11-04
    oval:com.redhat.rhsa:def:20204847
    P
    RHSA-2020:4847: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (Moderate)
    2020-11-04
    oval:com.redhat.rhsa:def:20203936
    P
    RHSA-2020:3936: ipa security, bug fix, and enhancement update (Moderate)
    2020-09-29
    oval:com.ubuntu.disco:def:201983310000000
    V
    CVE-2019-8331 on Ubuntu 19.04 (disco) - medium.
    2019-02-20
    oval:com.ubuntu.bionic:def:20198331000
    V
    CVE-2019-8331 on Ubuntu 18.04 LTS (bionic) - medium.
    2019-02-20
    oval:com.ubuntu.cosmic:def:201983310000000
    V
    CVE-2019-8331 on Ubuntu 18.10 (cosmic) - medium.
    2019-02-20
    oval:com.ubuntu.cosmic:def:20198331000
    V
    CVE-2019-8331 on Ubuntu 18.10 (cosmic) - medium.
    2019-02-20
    oval:com.ubuntu.bionic:def:201983310000000
    V
    CVE-2019-8331 on Ubuntu 18.04 LTS (bionic) - medium.
    2019-02-20
    oval:com.ubuntu.trusty:def:20198331000
    V
    CVE-2019-8331 on Ubuntu 14.04 LTS (trusty) - medium.
    2019-02-20
    oval:com.ubuntu.xenial:def:201983310000000
    V
    CVE-2019-8331 on Ubuntu 16.04 LTS (xenial) - medium.
    2019-02-20
    oval:com.ubuntu.xenial:def:20198331000
    V
    CVE-2019-8331 on Ubuntu 16.04 LTS (xenial) - medium.
    2019-02-20
    BACK
    getbootstrap bootstrap *
    getbootstrap bootstrap *
    f5 big-ip local traffic manager *
    f5 big-ip application security manager *
    f5 big-ip access policy manager *
    f5 big-ip advanced firewall manager *
    f5 big-ip analytics *
    f5 big-ip application acceleration manager *
    f5 big-ip domain name system *
    f5 big-ip fraud protection service *
    f5 big-ip global traffic manager *
    f5 big-ip link controller *
    f5 big-ip access policy manager *
    f5 big-ip advanced firewall manager *
    f5 big-ip advanced firewall manager *
    f5 big-ip analytics *
    f5 big-ip analytics *
    f5 big-ip application acceleration manager *
    f5 big-ip application acceleration manager *
    f5 big-ip application security manager *
    f5 big-ip domain name system *
    f5 big-ip edge gateway *
    f5 big-ip edge gateway *
    f5 big-ip fraud protection service *
    f5 big-ip global traffic manager *
    f5 big-ip link controller *
    f5 big-ip local traffic manager *
    f5 big-ip local traffic manager *
    f5 big-ip policy enforcement manager *
    f5 big-ip policy enforcement manager *
    f5 big-ip webaccelerator *
    f5 big-ip webaccelerator *
    f5 big-ip access policy manager *
    f5 big-ip access policy manager *
    f5 big-ip advanced firewall manager *
    f5 big-ip analytics *
    f5 big-ip application acceleration manager *
    f5 big-ip application security manager *
    f5 big-ip application security manager *
    f5 big-ip domain name system *
    f5 big-ip domain name system *
    f5 big-ip edge gateway *
    f5 big-ip edge gateway *
    f5 big-ip fraud protection service *
    f5 big-ip fraud protection service *
    f5 big-ip global traffic manager *
    f5 big-ip global traffic manager *
    f5 big-ip link controller *
    f5 big-ip link controller *
    f5 big-ip local traffic manager *
    f5 big-ip policy enforcement manager *
    f5 big-ip policy enforcement manager *
    f5 big-ip webaccelerator *
    f5 big-ip webaccelerator *
    redhat virtualization manager 4.3
    tenable tenable.sc *
    getbootstrap bootstrap 4.3.0
    ibm api connect 2018.1
    ibm api connect 2018.4.1.3
    ibm rational license key server 8.1.6
    ibm security information queue 1.0.0
    ibm security information queue 1.0.1
    ibm security information queue 1.0.2
    ibm security information queue 1.0.3
    ibm security information queue 1.0.4
    ibm security secret server 10.8
    ibm rational license key server 8.1.6.2
    ibm security information queue 1.0.5
    ibm rational license key server 8.1.6.1
    ibm rational license key server 8.1.6.3
    ibm rational license key server 8.1.6.4
    ibm rational license key server 8.1.6.5
    ibm engineering workflow management 7.0.1
    ibm engineering workflow management 7.0.2
    ibm cloud pak for security 1.7.2.0
    ibm cognos analytics 11.2.0
    ibm cognos analytics 11.1.7
    ibm cognos analytics 11.2.1
    ibm business automation workflow 20.0.0.1 -
    ibm business automation workflow 20.0.0.1
    ibm business automation workflow 20.0.0.2
    ibm business automation workflow 21.0.1
    ibm business automation workflow 20.0.0.2 -
    ibm business automation workflow 21.0.3 -
    ibm maximo asset management 7.6.1.2
    ibm robotic process automation 21.0.0
    ibm business automation workflow 21.0.2 -
    ibm business automation workflow 22.0.1 -
    ibm business automation workflow 22.0.1
    ibm business automation workflow 21.0.3.1
    ibm business automation workflow 22.0.2 -
    ibm business automation workflow 22.0.2