Search for packages
| purl | pkg:rpm/redhat/ovirt-engine-ui-extensions@1.2.5-1?arch=el8ev |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-gj58-zp49-2bdc
Aliases: CVE-2019-20921 GHSA-7c82-mp33-r854 |
Cross-site scripting in bootstrap-select bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow attackers to execute arbitrary JavaScript in a victim's browser. | There are no reported fixed by versions. |
|
VCID-v1ua-7a48-a7b1
Aliases: CVE-2020-28458 GHSA-m7j4-fhg6-xf5v |
datatables.net vulnerable to Prototype Pollution due to incomplete fix All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:20:55.632943+00:00 | RedHat Importer | Affected by | VCID-gj58-zp49-2bdc | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20921.json | 38.0.0 |
| 2026-04-01T14:04:06.849797+00:00 | RedHat Importer | Affected by | VCID-v1ua-7a48-a7b1 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28458.json | 38.0.0 |