MGASA-2014-0559

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2010-5312

Published: 31 Dec 2014, 12:28

Last modified:16 Apr 2026, 06:23

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

31 Dec 2014, 12:28

Published

Vulnerability first disclosed

16 Apr 2026, 06:23

Last Modified

Vulnerability information updated

Description

Updated couchdb packages fix CVE-2010-5312 Updated couchdb packages fix security vulnerability: Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option (CVE-2010-5312). The embedded copy of jQuery UI in couchdb has been updated to version 1.10.4 to fix this issue.

Affected Systems

mageia•couchdb
< 1.4.0-2.5.mga4

References (3)

https://advisories.mageia.org/MGASA-2014-0559.html
https://bugs.mageia.org/show_bug.cgi?id=14788
https://lists.fedoraproject.org/pipermail/package-announce/2014-December/145767.html