{
  "CVSS 2.0": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Tuxera Inc., \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), 1.7 (Astra Linux Special Edition), \u0434\u043e 2021.8.22 (NTFS-3G), 4.7 (Astra Linux Special Edition), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), \u0434\u043e 2.3 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f NTFS-3G:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp\n\n\u0414\u043b\u044f \u041e\u0421 Debian:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://security-tracker.debian.org/tracker/CVE-2021-33289\n\n\u0414\u043b\u044f Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16\n\n\u0414\u043b\u044f \u0410\u043b\u044c\u0442 8 \u0421\u041f :\nhttps://altsp.su/obnovleniya-bezopasnosti/\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0441\u043d\u043e\u0432\u0430:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f ntfs-3g \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1:2017.3.23AR.3-3+deb10u1\n\n\u0414\u043b\u044f Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 ntfs-3g \u0434\u043e 1:2016.2.22AR.1+dfsg-1+deb9u3+ci202301271355+astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f ntfs-3g \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1:2016.2.22AR.1+dfsg-1+deb9u3",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "20.08.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.11.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "17.01.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-00257",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-33289",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), NTFS-3G, \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f -  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b NTFS \u0434\u043b\u044f \u043c\u043e\u0434\u0443\u043b\u044f FUSE NTFS-3G, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0438\u0445 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b NTFS \u0434\u043b\u044f \u043c\u043e\u0434\u0443\u043b\u044f FUSE NTFS-3G \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0438\u0445 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e MFT \u0440\u0430\u0437\u0434\u0435\u043b\u0430 \u0432 NTFS \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-33289\nhttps://security-tracker.debian.org/tracker/CVE-2021-33289\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.3/\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-787",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,9)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-33289",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-33289"
    }
  },
  "description": "Tuxera NTFS-3G\u662f\u82ac\u5170Tuxera\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684\u3001\u8de8\u5e73\u53f0\u7684\u7528\u4e8e\u652f\u6301NTFS\u5206\u533a\u8bfb\u5199\u7684\u9a71\u52a8\u7a0b\u5e8f\u3002\n\nNTFS-3G\u57282021.8.22\u4e4b\u524d\u7248\u672c\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5e94\u7528\u5bf9\u67d0\u4e9bNTFS\u5143\u6570\u636e\u7684\u4e0d\u6b63\u786e\u9a8c\u8bc1\u9020\u6210\u7684\uff0c\u653b\u51fb\u8005\u5229\u7528\u5143\u6570\u636e\u53ef\u80fd\u4f1a\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/tuxera/ntfs-3g\u3002",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-72277",
  "openTime": "2021-09-22",
  "patchDescription": "Tuxera NTFS-3G\u662f\u82ac\u5170Tuxera\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684\u3001\u8de8\u5e73\u53f0\u7684\u7528\u4e8e\u652f\u6301NTFS\u5206\u533a\u8bfb\u5199\u7684\u9a71\u52a8\u7a0b\u5e8f\u3002\r\n\r\nNTFS-3G\u57282021.8.22\u4e4b\u524d\u7248\u672c\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5e94\u7528\u5bf9\u67d0\u4e9bNTFS\u5143\u6570\u636e\u7684\u4e0d\u6b63\u786e\u9a8c\u8bc1\u9020\u6210\u7684\uff0c\u653b\u51fb\u8005\u5229\u7528\u5143\u6570\u636e\u53ef\u80fd\u4f1a\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Tuxera NTFS-3G\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2021-72277\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Tuxera Tuxera NTFS-3G \u003c2021.8.22"
  },
  "referenceLink": "https://vigilance.fr/vulnerability/NTFS-3G-multiple-vulnerabilities-36281",
  "serverity": "\u4f4e",
  "submitTime": "2021-09-03",
  "title": "Tuxera NTFS-3G\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2021-72277\uff09"
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:tuxera:ntfs-3g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBE087A1-98D1-4F40-9CC9-D90116B23E0C",
              "versionEndExcluding": "2021.8.22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
              "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In NTFS-3G versions \u003c 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution."
    },
    {
      "lang": "es",
      "value": "En NTFS-3G versiones anteriores a 2021.8.22, cuando se suministra una secci\u00f3n MFT especialmente manipulada en una imagen NTFS, puede producirse un desbordamiento del b\u00fafer de la pila y permitir la ejecuci\u00f3n de c\u00f3digo"
    }
  ],
  "id": "CVE-2021-33289",
  "lastModified": "2024-11-21T06:08:39.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-07T14:15:11.617",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product",
        "Vendor Advisory"
      ],
      "url": "http://ntfs-3g.com"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/08/30/1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202301-01"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2021/dsa-4971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product",
        "Vendor Advisory"
      ],
      "url": "http://ntfs-3g.com"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/08/30/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202301-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2021/dsa-4971"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "affected": [],
  "aliases": [
    "CVE-2021-33289"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-07T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "In Tuxera NTFS-3G versions \u003c 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.",
  "id": "GHSA-r663-2xfr-f623",
  "modified": "2023-01-11T09:30:32Z",
  "published": "2022-05-24T19:13:12Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33289"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202301-01"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2021/dsa-4971"
    },
    {
      "type": "WEB",
      "url": "http://ntfs-3g.com"
    },
    {
      "type": "WEB",
      "url": "http://tuxera.com"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2021/08/30/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

{
  "GSD": {
    "alias": "CVE-2021-33289",
    "description": "In NTFS-3G versions \u003c 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.",
    "id": "GSD-2021-33289",
    "references": [
      "https://www.suse.com/security/cve/CVE-2021-33289.html",
      "https://www.debian.org/security/2021/dsa-4971",
      "https://access.redhat.com/errata/RHSA-2021:3704",
      "https://access.redhat.com/errata/RHSA-2021:3703",
      "https://advisories.mageia.org/CVE-2021-33289.html",
      "https://security.archlinux.org/CVE-2021-33289",
      "https://linux.oracle.com/cve/CVE-2021-33289.html",
      "https://access.redhat.com/errata/RHSA-2022:1759"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-33289"
      ],
      "details": "In NTFS-3G versions \u003c 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.",
      "id": "GSD-2021-33289",
      "modified": "2023-12-13T01:23:18.160355Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2021-33289",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In NTFS-3G versions \u003c 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://ntfs-3g.com",
            "refsource": "MISC",
            "url": "http://ntfs-3g.com"
          },
          {
            "name": "[oss-security] 20210830 NTFS3G-SA-2021-0001: Multiple buffer overflows in all versions of NTFS-3G",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2021/08/30/1"
          },
          {
            "name": "https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp",
            "refsource": "MISC",
            "url": "https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp"
          },
          {
            "name": "DSA-4971",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2021/dsa-4971"
          },
          {
            "name": "FEDORA-2021-e7c8ba6301",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/"
          },
          {
            "name": "FEDORA-2021-5b1dac797b",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/"
          },
          {
            "name": "[debian-lts-announce] 20211116 [SECURITY] [DLA 2819-1] ntfs-3g security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html"
          },
          {
            "name": "GLSA-202301-01",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/202301-01"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:tuxera:ntfs-3g:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2021.8.22",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-33289"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In NTFS-3G versions \u003c 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://ntfs-3g.com",
              "refsource": "MISC",
              "tags": [
                "Product",
                "Vendor Advisory"
              ],
              "url": "http://ntfs-3g.com"
            },
            {
              "name": "https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp"
            },
            {
              "name": "[oss-security] 20210830 NTFS3G-SA-2021-0001: Multiple buffer overflows in all versions of NTFS-3G",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2021/08/30/1"
            },
            {
              "name": "DSA-4971",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2021/dsa-4971"
            },
            {
              "name": "FEDORA-2021-e7c8ba6301",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/"
            },
            {
              "name": "FEDORA-2021-5b1dac797b",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/"
            },
            {
              "name": "[debian-lts-announce] 20211116 [SECURITY] [DLA 2819-1] ntfs-3g security update",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html"
            },
            {
              "name": "GLSA-202301-01",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202301-01"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-01-13T19:46Z",
      "publishedDate": "2021-09-07T14:15Z"
    }
  }
}

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2021-33289 In NTFS-3G versions \u003c 2021.8.22 when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-33289.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "In NTFS-3G versions \u003c 2021.8.22 when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.",
    "tracking": {
      "current_release_date": "2021-12-16T00:00:00.000Z",
      "generator": {
        "date": "2025-10-19T22:11:41.950Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2021-33289",
      "initial_release_date": "2021-09-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2021-12-16T00:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "2.0",
                "product": {
                  "name": "CBL Mariner 2.0",
                  "product_id": "17086"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 ntfs-3g 2021.8.22-1",
                "product": {
                  "name": "\u003ccbl2 ntfs-3g 2021.8.22-1",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 ntfs-3g 2021.8.22-1",
                "product": {
                  "name": "cbl2 ntfs-3g 2021.8.22-1",
                  "product_id": "19484"
                }
              }
            ],
            "category": "product_name",
            "name": "ntfs-3g"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 ntfs-3g 2021.8.22-1 as a component of CBL Mariner 2.0",
          "product_id": "17086-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 ntfs-3g 2021.8.22-1 as a component of CBL Mariner 2.0",
          "product_id": "19484-17086"
        },
        "product_reference": "19484",
        "relates_to_product_reference": "17086"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-33289",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "general",
          "text": "mitre",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "19484-17086"
        ],
        "known_affected": [
          "17086-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-33289 In NTFS-3G versions \u003c 2021.8.22 when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-33289.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2021-12-16T00:00:00.000Z",
          "details": "2021.8.22-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17086-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalsScore": 0.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 7.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "17086-1"
          ]
        }
      ],
      "title": "In NTFS-3G versions \u003c 2021.8.22 when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution."
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for ntfs-3g_ntfsprogs",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for ntfs-3g_ntfsprogs fixes the following issues:\n\nUpdate to version 2021.8.22 (bsc#1189720):\n\n* Fixed compile error when building with libfuse \u003c 2.8.0\n* Fixed obsolete macros in configure.ac\n* Signalled support of UTIME_OMIT to external libfuse2\n* Fixed an improper macro usage in ntfscp.c\n* Updated the repository change in the README\n* Fixed vulnerability threats caused by maliciously tampered NTFS partitions\n* Security fixes: CVE-2021-33285, CVE-2021-33286, CVE-2021-33287,\n  CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268,\n  CVE-2021-35269, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253,\n  CVE_2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257,\n  CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261,\n  CVE-2021-39262, CVE-2021-39263.\n\n- Library soversion is now 89\n\n* Changes in version 2017.3.23\n* Delegated processing of special reparse points to external plugins\n* Allowed kernel cacheing by lowntfs-3g when not using Posix ACLs\n* Enabled fallback to read-only mount when the volume is hibernated\n* Made a full check for whether an extended attribute is allowed\n* Moved secaudit and usermap to ntfsprogs (now ntfssecaudit and ntfsusermap)\n* Enabled encoding broken UTF-16 into broken UTF-8\n* Autoconfigured selecting \u003csys/sysmacros.h\u003e vs \u003csys/mkdev\u003e\n* Allowed using the full library API on systems without extended attributes support\n* Fixed DISABLE_PLUGINS as the condition for not using plugins\n* Corrected validation of multi sector transfer protected records\n* Denied creating/removing files from $Extend\n* Returned the size of locale encoded target as the size of symlinks\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-2021-1244",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_1244-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2021:1244-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6I22R7EMWP6WBQIXDCKB4KJMMB67TMZK/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2021:1244-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6I22R7EMWP6WBQIXDCKB4KJMMB67TMZK/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1189720",
        "url": "https://bugzilla.suse.com/1189720"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9755 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9755/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-33285 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-33285/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-33286 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-33286/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-33287 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-33287/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-33289 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-33289/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-35266 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-35266/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-35267 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-35267/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-35268 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-35268/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-35269 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-35269/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39251 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39251/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39252 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39252/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39253 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39253/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39255 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39255/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39256 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39256/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39257 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39257/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39258 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39258/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39259 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39259/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39260 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39260/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39261 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39261/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39262 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39262/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39263 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39263/"
      }
    ],
    "title": "Security update for ntfs-3g_ntfsprogs",
    "tracking": {
      "current_release_date": "2021-09-09T06:21:47Z",
      "generator": {
        "date": "2021-09-09T06:21:47Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2021:1244-1",
      "initial_release_date": "2021-09-09T06:21:47Z",
      "revision_history": [
        {
          "date": "2021-09-09T06:21:47Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
                "product": {
                  "name": "libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
                  "product_id": "libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
                "product": {
                  "name": "libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
                  "product_id": "libntfs-3g87-2021.8.22-lp152.5.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "ntfs-3g-2021.8.22-lp152.5.3.1.i586",
                "product": {
                  "name": "ntfs-3g-2021.8.22-lp152.5.3.1.i586",
                  "product_id": "ntfs-3g-2021.8.22-lp152.5.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "ntfsprogs-2021.8.22-lp152.5.3.1.i586",
                "product": {
                  "name": "ntfsprogs-2021.8.22-lp152.5.3.1.i586",
                  "product_id": "ntfsprogs-2021.8.22-lp152.5.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
                "product": {
                  "name": "ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
                  "product_id": "ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
                "product": {
                  "name": "libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
                  "product_id": "libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
                "product": {
                  "name": "libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
                  "product_id": "libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
                "product": {
                  "name": "ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
                  "product_id": "ntfs-3g-2021.8.22-lp152.5.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
                "product": {
                  "name": "ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
                  "product_id": "ntfsprogs-2021.8.22-lp152.5.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64",
                "product": {
                  "name": "ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64",
                  "product_id": "ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.2",
                "product": {
                  "name": "openSUSE Leap 15.2",
                  "product_id": "openSUSE Leap 15.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586"
        },
        "product_reference": "libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64"
        },
        "product_reference": "libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libntfs-3g87-2021.8.22-lp152.5.3.1.i586 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586"
        },
        "product_reference": "libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64"
        },
        "product_reference": "libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ntfs-3g-2021.8.22-lp152.5.3.1.i586 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586"
        },
        "product_reference": "ntfs-3g-2021.8.22-lp152.5.3.1.i586",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ntfs-3g-2021.8.22-lp152.5.3.1.x86_64 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64"
        },
        "product_reference": "ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ntfsprogs-2021.8.22-lp152.5.3.1.i586 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586"
        },
        "product_reference": "ntfsprogs-2021.8.22-lp152.5.3.1.i586",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ntfsprogs-2021.8.22-lp152.5.3.1.x86_64 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64"
        },
        "product_reference": "ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586"
        },
        "product_reference": "ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        },
        "product_reference": "ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-9755",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9755"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9755",
          "url": "https://www.suse.com/security/cve/CVE-2019-9755"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1130165 for CVE-2019-9755",
          "url": "https://bugzilla.suse.com/1130165"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-9755"
    },
    {
      "cve": "CVE-2021-33285",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-33285"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In NTFS-3G versions \u003c 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the \"bytes_in_use\" field should be less than the \"bytes_allocated\" field. When it is not, the parsing of the records proceeds into the wild.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-33285",
          "url": "https://www.suse.com/security/cve/CVE-2021-33285"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-33285"
    },
    {
      "cve": "CVE-2021-33286",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-33286"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In NTFS-3G versions \u003c 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-33286",
          "url": "https://www.suse.com/security/cve/CVE-2021-33286"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-33286"
    },
    {
      "cve": "CVE-2021-33287",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-33287"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In NTFS-3G versions \u003c 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-33287",
          "url": "https://www.suse.com/security/cve/CVE-2021-33287"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-33287"
    },
    {
      "cve": "CVE-2021-33289",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-33289"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In NTFS-3G versions \u003c 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-33289",
          "url": "https://www.suse.com/security/cve/CVE-2021-33289"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-33289"
    },
    {
      "cve": "CVE-2021-35266",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-35266"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In NTFS-3G versions \u003c 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-35266",
          "url": "https://www.suse.com/security/cve/CVE-2021-35266"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-35266"
    },
    {
      "cve": "CVE-2021-35267",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-35267"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "NTFS-3G versions \u003c 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-35267",
          "url": "https://www.suse.com/security/cve/CVE-2021-35267"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-35267"
    },
    {
      "cve": "CVE-2021-35268",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-35268"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In NTFS-3G versions \u003c 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-35268",
          "url": "https://www.suse.com/security/cve/CVE-2021-35268"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-35268"
    },
    {
      "cve": "CVE-2021-35269",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-35269"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "NTFS-3G versions \u003c 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-35269",
          "url": "https://www.suse.com/security/cve/CVE-2021-35269"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-35269"
    },
    {
      "cve": "CVE-2021-39251",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39251"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G \u003c 2021.8.22.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39251",
          "url": "https://www.suse.com/security/cve/CVE-2021-39251"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39251"
    },
    {
      "cve": "CVE-2021-39252",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39252"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G \u003c 2021.8.22.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39252",
          "url": "https://www.suse.com/security/cve/CVE-2021-39252"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39252"
    },
    {
      "cve": "CVE-2021-39253",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39253"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G \u003c 2021.8.22.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39253",
          "url": "https://www.suse.com/security/cve/CVE-2021-39253"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39253"
    },
    {
      "cve": "CVE-2021-39255",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39255"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G \u003c 2021.8.22.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39255",
          "url": "https://www.suse.com/security/cve/CVE-2021-39255"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39255"
    },
    {
      "cve": "CVE-2021-39256",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39256"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G \u003c 2021.8.22.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39256",
          "url": "https://www.suse.com/security/cve/CVE-2021-39256"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39256"
    },
    {
      "cve": "CVE-2021-39257",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39257"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G \u003c 2021.8.22.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39257",
          "url": "https://www.suse.com/security/cve/CVE-2021-39257"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39257"
    },
    {
      "cve": "CVE-2021-39258",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39258"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G \u003c 2021.8.22.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39258",
          "url": "https://www.suse.com/security/cve/CVE-2021-39258"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39258"
    },
    {
      "cve": "CVE-2021-39259",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39259"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G \u003c 2021.8.22.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39259",
          "url": "https://www.suse.com/security/cve/CVE-2021-39259"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39259"
    },
    {
      "cve": "CVE-2021-39260",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39260"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G \u003c 2021.8.22.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39260",
          "url": "https://www.suse.com/security/cve/CVE-2021-39260"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39260"
    },
    {
      "cve": "CVE-2021-39261",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39261"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G \u003c 2021.8.22.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39261",
          "url": "https://www.suse.com/security/cve/CVE-2021-39261"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39261"
    },
    {
      "cve": "CVE-2021-39262",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39262"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G \u003c 2021.8.22.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39262",
          "url": "https://www.suse.com/security/cve/CVE-2021-39262"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39262"
    },
    {
      "cve": "CVE-2021-39263",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39263"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G \u003c 2021.8.22.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
          "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39263",
          "url": "https://www.suse.com/security/cve/CVE-2021-39263"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g-devel-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:libntfs-3g87-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfs-3g-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-2021.8.22-lp152.5.3.1.x86_64",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.i586",
            "openSUSE Leap 15.2:ntfsprogs-extra-2021.8.22-lp152.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-09-09T06:21:47Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39263"
    }
  ]
}