Vulnerability-Lookup

CVE-2021-41079 (GCVE-0-2021-41079)

Vulnerability from cvelistv5 – Published: 2021-09-16 14:40 – Updated: 2024-08-04 02:59

Title

Apache Tomcat DoS with unexpected TLS packet

Summary

Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.

Severity

No CVSS data available.

CWE

CWE-20 - Improper Input Validation

Assigner

apache

References

6 references

URL	Tags
https://lists.apache.org/thread.html/rccdef0349fd…	x_refsource_MISC
https://lists.debian.org/debian-lts-announce/2021…	mailing-listx_refsource_MLIST
https://security.netapp.com/advisory/ntap-2021100…	x_refsource_CONFIRM
https://lists.apache.org/thread.html/rb4de81ac647…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r6b6b674e3f1…	mailing-listx_refsource_MLIST
https://www.debian.org/security/2021/dsa-4986	vendor-advisoryx_refsource_DEBIAN

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache Tomcat	Affected: Apache Tomcat 8.5 8.5.0 to 8.5.63 Affected: Apache Tomcat 9 9.0.0-M1 to 9.0.43 Affected: Apache Tomcat 10 10.0.0-M1 to 10.0.2

Credits

The Apache Tomcat security team would like to thank Thomas Wozenilek for originally reporting this issue and David Frankson of Infinite Campus for also providing a test case that reproduced the issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:59:31.226Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"
          },
          {
            "name": "[debian-lts-announce] 20210922 [SECURITY] [DLA 2764-1] tomcat8 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211008-0005/"
          },
          {
            "name": "[tomcat-dev] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe%40%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-users] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a%40%3Cusers.tomcat.apache.org%3E"
          },
          {
            "name": "DSA-4986",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2021/dsa-4986"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "Apache Tomcat 8.5 8.5.0 to 8.5.63"
            },
            {
              "status": "affected",
              "version": "Apache Tomcat 9 9.0.0-M1 to 9.0.43"
            },
            {
              "status": "affected",
              "version": "Apache Tomcat 10 10.0.0-M1 to 10.0.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "The Apache Tomcat security team would like to thank Thomas Wozenilek for originally reporting this issue and David Frankson of Infinite Campus for also providing a test case that reproduced the issue."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "other": "high"
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-15T14:06:10.000Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"
        },
        {
          "name": "[debian-lts-announce] 20210922 [SECURITY] [DLA 2764-1] tomcat8 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20211008-0005/"
        },
        {
          "name": "[tomcat-dev] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe%40%3Cdev.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-users] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a%40%3Cusers.tomcat.apache.org%3E"
        },
        {
          "name": "DSA-4986",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2021/dsa-4986"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Tomcat DoS with unexpected TLS packet",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2021-41079",
          "STATE": "PUBLIC",
          "TITLE": "Apache Tomcat DoS with unexpected TLS packet"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Tomcat",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_name": "Apache Tomcat 8.5",
                            "version_value": "8.5.0 to 8.5.63"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "Apache Tomcat 9",
                            "version_value": "9.0.0-M1 to 9.0.43"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "Apache Tomcat 10",
                            "version_value": "10.0.0-M1 to 10.0.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "The Apache Tomcat security team would like to thank Thomas Wozenilek for originally reporting this issue and David Frankson of Infinite Campus for also providing a test case that reproduced the issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": [
          {
            "other": "high"
          }
        ],
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E",
              "refsource": "MISC",
              "url": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"
            },
            {
              "name": "[debian-lts-announce] 20210922 [SECURITY] [DLA 2764-1] tomcat8 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20211008-0005/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20211008-0005/"
            },
            {
              "name": "[tomcat-dev] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-users] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E"
            },
            {
              "name": "DSA-4986",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2021/dsa-4986"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2021-41079",
    "datePublished": "2021-09-16T14:40:25.000Z",
    "dateReserved": "2021-09-15T00:00:00.000Z",
    "dateUpdated": "2024-08-04T02:59:31.226Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-41079",
      "date": "2026-05-25",
      "epss": "0.00103",
      "percentile": "0.27625"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.5.0\", \"versionEndExcluding\": \"8.5.64\", \"matchCriteriaId\": \"D843545D-7FB7-4893-9D8F-3E0B301F622A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.0.0\", \"versionEndExcluding\": \"9.0.44\", \"matchCriteriaId\": \"D1913B71-5187-4648-878E-81CB62D17F8A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.0\", \"versionEndIncluding\": \"10.0.2\", \"matchCriteriaId\": \"CB83F761-FB97-4573-AB91-C15121E25240\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDAC85F0-93AF-4BE3-AE1A-8ADAF1CDF9AB\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.\"}, {\"lang\": \"es\", \"value\": \"Apache Tomcat versiones 8.5.0 hasta 8.5.63, versiones 9.0.0-M1 hasta 9.0.43 y versiones 10.0.0-M1 hasta 10.0.2, no comprueban apropiadamente los paquetes TLS entrantes. Cuando Tomcat estaba configurado para usar NIO+OpenSSL o NIO2+OpenSSL para TLS, un paquete especialmente dise\\u00f1ado pod\\u00eda usarse para desencadenar un bucle infinito resultando en una denegaci\\u00f3n de servicio\"}]",
      "id": "CVE-2021-41079",
      "lastModified": "2024-11-21T06:25:24.313",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-09-16T15:15:07.690",
      "references": "[{\"url\": \"https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a%40%3Cusers.tomcat.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20211008-0005/\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2021/dsa-4986\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a%40%3Cusers.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe%40%3Cdev.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20211008-0005/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2021/dsa-4986\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "security@apache.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@apache.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-835\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-41079\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2021-09-16T15:15:07.690\",\"lastModified\":\"2024-11-21T06:25:24.313\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.\"},{\"lang\":\"es\",\"value\":\"Apache Tomcat versiones 8.5.0 hasta 8.5.63, versiones 9.0.0-M1 hasta 9.0.43 y versiones 10.0.0-M1 hasta 10.0.2, no comprueban apropiadamente los paquetes TLS entrantes. Cuando Tomcat estaba configurado para usar NIO+OpenSSL o NIO2+OpenSSL para TLS, un paquete especialmente dise\u00f1ado pod\u00eda usarse para desencadenar un bucle infinito resultando en una denegaci\u00f3n de servicio\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-835\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.5.0\",\"versionEndExcluding\":\"8.5.64\",\"matchCriteriaId\":\"D843545D-7FB7-4893-9D8F-3E0B301F622A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.0.44\",\"matchCriteriaId\":\"D1913B71-5187-4648-878E-81CB62D17F8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndIncluding\":\"10.0.2\",\"matchCriteriaId\":\"CB83F761-FB97-4573-AB91-C15121E25240\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDAC85F0-93AF-4BE3-AE1A-8ADAF1CDF9AB\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a%40%3Cusers.tomcat.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20211008-0005/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4986\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a%40%3Cusers.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20211008-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4986\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

CERTFR-2024-AVI-0240

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une exécution de code arbitraire et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	IBM	Spectrum	Spectrum Protect Plus versions 10.1.x antérieures à 10.1.16.1
	IBM	QRadar SIEM	QRadar SIEM M7 Appliances versions antérieures à 7.5 sans le microgiciel 4.0.0

References

Title

Publication Time

CERTFR-2024-AVI-0240

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	IBM	Spectrum	Spectrum Protect Plus versions 10.1.x antérieures à 10.1.16.1
	IBM	QRadar SIEM	QRadar SIEM M7 Appliances versions antérieures à 7.5 sans le microgiciel 4.0.0

References

Title

Publication Time

BDU:2022-02994

Vulnerability from fstec - Published: 14.10.2021

Title

Уязвимость сервера приложений Apache Tomcat, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость сервера приложений Apache Tomcat существует из-за недостаточной проверки входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании при помощи специально сформированного пакета

Severity


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vendor

Сообщество свободного программного обеспечения, Red Hat Inc., Novell Inc., Apache Software Foundation, ООО «РусБИТех-Астра», АО «ИВК», АО "НППКТ", АО «НТЦ ИТ РОСА», АО «Концерн ВНИИНС»

Software Name

Debian GNU/Linux, Red Hat Enterprise Linux, Red Hat JBoss Fuse, Suse Linux Enterprise Server, OpenSUSE Leap, Tomcat, Astra Linux Special Edition (запись в едином реестре российских программ №369), Альт 8 СП (запись в едином реестре российских программ №4305), ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), РОСА ХРОМ (запись в едином реестре российских программ №1607), ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)

Software Version

9 (Debian GNU/Linux), 8 (Red Hat Enterprise Linux), 7 (Red Hat JBoss Fuse), 12 SP5 (Suse Linux Enterprise Server), 10 (Debian GNU/Linux), 6 (Red Hat JBoss Fuse), 15-LTSS (Suse Linux Enterprise Server), 15.2 (OpenSUSE Leap), 12 SP4-ESPOS (Suse Linux Enterprise Server), 12 SP4-LTSS (Suse Linux Enterprise Server), 15 SP1-BCL (Suse Linux Enterprise Server), 15 SP1-LTSS (Suse Linux Enterprise Server), 15.3 (OpenSUSE Leap), 11 (Debian GNU/Linux), от 8.5.0 до8.5.64 (Tomcat), от 9.0.0 до 9.0.44 (Tomcat), 1.7 (Astra Linux Special Edition), - (Альт 8 СП), от 10.0.0 до 10.0.2 включительно (Tomcat), до 2.5 (ОСОН ОСнова Оnyx), 12.4 (РОСА ХРОМ), до 16.01.2023 (ОС ОН «Стрелец»)

Possible Mitigations

Использование рекомендаций: https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2021-41079 Для Debian GNU/Linux: https://www.debian.org/security/2021/dsa-4986 Для программных продуктов Novell Inc.: https://www.suse.com/security/cve/CVE-2021-41079.html Для Astra Linux: использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17 Для ОСОН Основа: Обновление программного обеспечения tomcat9 до версии 9.0.43+repack-2~deb11u3osnova1 Для операционной системы РОСА ХРОМ: https://abf.rosalinux.ru/advisories/ROSA-SA-2023-2258 Для ОС ОН «Стрелец»: Обновление программного обеспечения tomcat8 до версии 8.5.54-0+deb9u8 Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства: https://altsp.su/obnovleniya-bezopasnosti/

Reference

https://access.redhat.com/security/cve/cve-2021-41079 https://www.debian.org/security/2021/dsa-4986 https://nvd.nist.gov/vuln/detail/CVE-2021-41079 https://www.suse.com/security/cve/CVE-2021-41079.html https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17 https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.5/ https://abf.rosalinux.ru/advisories/ROSA-SA-2023-2258 https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023 https://altsp.su/obnovleniya-bezopasnosti/

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Red Hat Inc., Novell Inc., Apache Software Foundation, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb, \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 8 (Red Hat Enterprise Linux), 7 (Red Hat JBoss Fuse), 12 SP5 (Suse Linux Enterprise Server), 10 (Debian GNU/Linux), 6 (Red Hat JBoss Fuse), 15-LTSS (Suse Linux Enterprise Server), 15.2 (OpenSUSE Leap), 12 SP4-ESPOS (Suse Linux Enterprise Server), 12 SP4-LTSS (Suse Linux Enterprise Server), 15 SP1-BCL (Suse Linux Enterprise Server), 15 SP1-LTSS (Suse Linux Enterprise Server), 15.3 (OpenSUSE Leap), 11 (Debian GNU/Linux), \u043e\u0442 8.5.0 \u0434\u043e8.5.64 (Tomcat), \u043e\u0442 9.0.0 \u0434\u043e 9.0.44 (Tomcat), 1.7 (Astra Linux Special Edition), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), \u043e\u0442 10.0.0 \u0434\u043e 10.0.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Tomcat), \u0434\u043e 2.5 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), 12.4 (\u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E \nhttps://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E \nhttps://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E \n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2021-41079\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://www.debian.org/security/2021/dsa-4986\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2021-41079.html\n\n\u0414\u043b\u044f Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0441\u043d\u043e\u0432\u0430:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f tomcat9 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 9.0.43+repack-2~deb11u3osnova1\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c: https://abf.rosalinux.ru/advisories/ROSA-SA-2023-2258\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f tomcat8 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 8.5.54-0+deb9u8\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430: https://altsp.su/obnovleniya-bezopasnosti/",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.10.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "29.07.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "17.05.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-02994",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-41079",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Red Hat Enterprise Linux, Red Hat JBoss Fuse, Suse Linux Enterprise Server, OpenSUSE Leap, Tomcat, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161607), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , Red Hat Inc. Red Hat Enterprise Linux 8 , Novell Inc. Suse Linux Enterprise Server 12 SP5 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Novell Inc. Suse Linux Enterprise Server 15-LTSS , Novell Inc. OpenSUSE Leap 15.2 , Novell Inc. Suse Linux Enterprise Server 12 SP4-ESPOS , Novell Inc. Suse Linux Enterprise Server 12 SP4-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP1-BCL , Novell Inc. Suse Linux Enterprise Server 15 SP1-LTSS , Novell Inc. OpenSUSE Leap 15.3 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f -  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c 12.4  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161607), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Apache Tomcat, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Apache Tomcat \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442\u0430",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://access.redhat.com/security/cve/cve-2021-41079\nhttps://www.debian.org/security/2021/dsa-4986\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-41079\nhttps://www.suse.com/security/cve/CVE-2021-41079.html\nhttps://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E \nhttps://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E \nhttps://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.5/\nhttps://abf.rosalinux.ru/advisories/ROSA-SA-2023-2258\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttps://altsp.su/obnovleniya-bezopasnosti/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,1)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

bit-tomcat-2021-41079

Vulnerability from bitnami_vulndb

Published

2024-03-06 11:09

Modified

2026-03-20 09:47

Summary

Apache Tomcat DoS with unexpected TLS packet

Details

Apache Tomcat 8.5.0 to 8.5.63, 9.0.0 to 9.0.43 and 10.0.0 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Bitnami",
        "name": "tomcat",
        "purl": "pkg:bitnami/tomcat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.5.0"
            },
            {
              "fixed": "8.5.64"
            },
            {
              "introduced": "9.0.0"
            },
            {
              "fixed": "9.0.44"
            },
            {
              "introduced": "10.0.0"
            },
            {
              "fixed": "10.0.3"
            }
          ],
          "type": "SEMVER"
        }
      ],
      "severity": [
        {
          "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "type": "CVSS_V3"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-41079"
  ],
  "database_specific": {
    "cpes": [
      "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*"
    ],
    "severity": "High"
  },
  "details": "Apache Tomcat 8.5.0 to 8.5.63, 9.0.0 to 9.0.43 and 10.0.0 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.",
  "id": "BIT-tomcat-2021-41079",
  "modified": "2026-03-20T09:47:33.381Z",
  "published": "2024-03-06T11:09:56.377Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a%40%3Cusers.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20211008-0005/"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2021/dsa-4986"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41079"
    }
  ],
  "schema_version": "1.5.0",
  "summary": "Apache Tomcat DoS with unexpected TLS packet"
}

FKIE_CVE-2021-41079

Vulnerability from fkie_nvd - Published: 2021-09-16 15:15 - Updated: 2024-11-21 06:25

Severity

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
security@apache.org	https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a%40%3Cusers.tomcat.apache.org%3E
security@apache.org	https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe%40%3Cdev.tomcat.apache.org%3E
security@apache.org	https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E	Mailing List, Vendor Advisory
security@apache.org	https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html	Mailing List, Third Party Advisory
security@apache.org	https://security.netapp.com/advisory/ntap-20211008-0005/	Third Party Advisory
security@apache.org	https://www.debian.org/security/2021/dsa-4986	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a%40%3Cusers.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E	Mailing List, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20211008-0005/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2021/dsa-4986	Third Party Advisory

Impacted products

Vendor	Product	Version
apache	tomcat	*
apache	tomcat	*
apache	tomcat	*
debian	debian_linux	9.0
debian	debian_linux	10.0
debian	debian_linux	11.0
netapp	management_services_for_element_software_and_netapp_hci	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D843545D-7FB7-4893-9D8F-3E0B301F622A",
              "versionEndExcluding": "8.5.64",
              "versionStartIncluding": "8.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1913B71-5187-4648-878E-81CB62D17F8A",
              "versionEndExcluding": "9.0.44",
              "versionStartIncluding": "9.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB83F761-FB97-4573-AB91-C15121E25240",
              "versionEndIncluding": "10.0.2",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDAC85F0-93AF-4BE3-AE1A-8ADAF1CDF9AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service."
    },
    {
      "lang": "es",
      "value": "Apache Tomcat versiones 8.5.0 hasta 8.5.63, versiones 9.0.0-M1 hasta 9.0.43 y versiones 10.0.0-M1 hasta 10.0.2, no comprueban apropiadamente los paquetes TLS entrantes. Cuando Tomcat estaba configurado para usar NIO+OpenSSL o NIO2+OpenSSL para TLS, un paquete especialmente dise\u00f1ado pod\u00eda usarse para desencadenar un bucle infinito resultando en una denegaci\u00f3n de servicio"
    }
  ],
  "id": "CVE-2021-41079",
  "lastModified": "2024-11-21T06:25:24.313",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-16T15:15:07.690",
  "references": [
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a%40%3Cusers.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20211008-0005/"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2021/dsa-4986"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a%40%3Cusers.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20211008-0005/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2021/dsa-4986"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "security@apache.org",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-59G9-7GFX-C72P

Vulnerability from github – Published: 2021-09-20 20:45 – Updated: 2021-10-18 14:52

Summary

Infinite loop in Tomcat due to parsing error

Details

Severity

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.0.0"
            },
            {
              "fixed": "10.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0"
            },
            {
              "fixed": "9.0.44"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.5.0"
            },
            {
              "fixed": "8.5.64"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-41079"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-835"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-09-17T18:01:45Z",
    "nvd_published_at": "2021-09-16T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.",
  "id": "GHSA-59g9-7gfx-c72p",
  "modified": "2021-10-18T14:52:03Z",
  "published": "2021-09-20T20:45:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41079"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/34115fb3c83f6cd97772232316a492a4cc5729e0"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/tomcat"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20211008-0005"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2021/dsa-4986"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Infinite loop in Tomcat due to parsing error"
}

GSD-2021-41079

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-41079

Aliases

CVE-2021-41079

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-41079",
    "description": "Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.",
    "id": "GSD-2021-41079",
    "references": [
      "https://www.suse.com/security/cve/CVE-2021-41079.html",
      "https://www.debian.org/security/2021/dsa-4986",
      "https://access.redhat.com/errata/RHSA-2021:3743",
      "https://access.redhat.com/errata/RHSA-2021:3741",
      "https://advisories.mageia.org/CVE-2021-41079.html",
      "https://ubuntu.com/security/CVE-2021-41079",
      "https://access.redhat.com/errata/RHSA-2022:1179",
      "https://alas.aws.amazon.com/cve/html/CVE-2021-41079.html",
      "https://access.redhat.com/errata/RHSA-2022:5532"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-41079"
      ],
      "details": "Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.",
      "id": "GSD-2021-41079",
      "modified": "2023-12-13T01:23:26.997531Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "ID": "CVE-2021-41079",
        "STATE": "PUBLIC",
        "TITLE": "Apache Tomcat DoS with unexpected TLS packet"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache Tomcat",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_name": "Apache Tomcat 8.5",
                          "version_value": "8.5.0 to 8.5.63"
                        },
                        {
                          "version_affected": "=",
                          "version_name": "Apache Tomcat 9",
                          "version_value": "9.0.0-M1 to 9.0.43"
                        },
                        {
                          "version_affected": "=",
                          "version_name": "Apache Tomcat 10",
                          "version_value": "10.0.0-M1 to 10.0.2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "The Apache Tomcat security team would like to thank Thomas Wozenilek for originally reporting this issue and David Frankson of Infinite Campus for also providing a test case that reproduced the issue."
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": [
        {
          "other": "high"
        }
      ],
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-20 Improper Input Validation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"
          },
          {
            "name": "[debian-lts-announce] 20210922 [SECURITY] [DLA 2764-1] tomcat8 security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20211008-0005/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20211008-0005/"
          },
          {
            "name": "[tomcat-dev] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-users] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E"
          },
          {
            "name": "DSA-4986",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2021/dsa-4986"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[8.5.0,8.5.64),[9.0.0,9.0.44),[10.0.0,10.0.2]",
          "affected_versions": "All versions starting from 8.5.0 before 8.5.64, all versions starting from 9.0.0 before 9.0.44, all versions starting from 10.0.0 up to 10.0.2",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-835",
            "CWE-937"
          ],
          "date": "2022-10-25",
          "description": "Apache Tomcat does not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.",
          "fixed_versions": [
            "8.5.64",
            "9.0.44",
            "10.0.4"
          ],
          "identifier": "CVE-2021-41079",
          "identifiers": [
            "CVE-2021-41079"
          ],
          "not_impacted": "All versions before 8.5.0, all versions starting from 8.5.64 before 9.0.0, all versions starting from 9.0.44 before 10.0.0, all versions after 10.0.2",
          "package_slug": "maven/org.apache.tomcat.embed/tomcat-embed-core",
          "pubdate": "2021-09-16",
          "solution": "Upgrade to versions 8.5.64, 9.0.44, 10.0.4 or above.",
          "title": "Improper Input Validation",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-41079",
            "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"
          ],
          "uuid": "091b0345-b3fb-48b4-9169-62a1843761c6"
        },
        {
          "affected_range": "[8.5.0,8.5.64),[9.0.0,9.0.44),[10.0.0,10.0.2]",
          "affected_versions": "All versions starting from 8.5.0 before 8.5.64, all versions starting from 9.0.0 before 9.0.44, all versions starting from 10.0.0 up to 10.0.2",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-835",
            "CWE-937"
          ],
          "date": "2022-10-25",
          "description": "Apache Tomcat does not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.",
          "fixed_versions": [
            "8.5.64",
            "9.0.44",
            "10.0.4"
          ],
          "identifier": "CVE-2021-41079",
          "identifiers": [
            "CVE-2021-41079"
          ],
          "not_impacted": "All versions before 8.5.0, all versions starting from 8.5.64 before 9.0.0, all versions starting from 9.0.44 before 10.0.0, all versions after 10.0.2",
          "package_slug": "maven/org.apache.tomcat/tomcat",
          "pubdate": "2021-09-16",
          "solution": "Upgrade to versions 8.5.64, 9.0.44, 10.0.4 or above.",
          "title": "Improper Input Validation",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-41079",
            "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"
          ],
          "uuid": "e2e445e9-0603-403c-a75a-99962c7416a6"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.0.2",
                "versionStartIncluding": "10.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.0.44",
                "versionStartIncluding": "9.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.5.64",
                "versionStartIncluding": "8.5.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2021-41079"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-835"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E",
              "refsource": "MISC",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E"
            },
            {
              "name": "[debian-lts-announce] 20210922 [SECURITY] [DLA 2764-1] tomcat8 security update",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00012.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20211008-0005/",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20211008-0005/"
            },
            {
              "name": "[tomcat-users] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r6b6b674e3f168dd010e67dbe6848b866e2acf26371452fdae313b98a@%3Cusers.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20211014 [SECURITY] CVE-2021-42340 Apache Tomcat DoS",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rb4de81ac647043541a32881099aa6eb5a23f1b7fd116f713f8ab9dbe@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "DSA-4986",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2021/dsa-4986"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-10-25T18:36Z",
      "publishedDate": "2021-09-16T15:15Z"
    }
  }
}

NCSC-2025-0123

Vulnerability from csaf_ncscnl - Published: 2025-04-16 08:37 - Updated: 2025-04-16 08:37

Summary

Kwetsbaarheden verholpen in Oracle Database Producten

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Oracle heeft kwetsbaarheden verholpen in diverse Oracle Database Producten en subsystemen, zoals Oracle Server, NoSQL, TimesTen, Secure Backup en Essbase.

Interpretaties: De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om een Denial-of-Service te veroorzaken of om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en gegevens te manipuleren. Subcomponenten als de RDBMS Listener, Java VM, en andere componenten zijn specifiek kwetsbaar, met CVSS-scores variërend van 5.3 tot 7.5, wat duidt op een gematigd tot hoog risico.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-385: Covert Timing Channel

CWE-347: Improper Verification of Cryptographic Signature

CWE-1286: Improper Validation of Syntactic Correctness of Input

CWE-125: Out-of-bounds Read

CWE-404: Improper Resource Shutdown or Release

CWE-400: Uncontrolled Resource Consumption

CWE-502: Deserialization of Untrusted Data

CWE-918: Server-Side Request Forgery (SSRF)

CWE-787: Out-of-bounds Write

CWE-20: Improper Input Validation

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-44: Path Equivalence: 'file.name' (Internal Dot)

CWE-226: Sensitive Information in Resource Not Removed Before Reuse

CWE-706: Use of Incorrectly-Resolved Name or Reference

CWE-669: Incorrect Resource Transfer Between Spheres

CWE-755: Improper Handling of Exceptional Conditions

CWE-178: Improper Handling of Case Sensitivity

CWE-193: Off-by-one Error

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-523: Unprotected Transport of Credentials

CWE-190: Integer Overflow or Wraparound

CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

CWE-285: Improper Authorization

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-284: Improper Access Control

CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-476: NULL Pointer Dereference

CWE-459: Incomplete Cleanup

CWE-94: Improper Control of Generation of Code ('Code Injection')

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-674: Uncontrolled Recursion

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-122: Heap-based Buffer Overflow

CWE-121: Stack-based Buffer Overflow

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-269: Improper Privilege Management

CWE-287: Improper Authentication

CVE-2020-1935

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2020-1938

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-285 - Improper Authorization

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2020-9484

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2020-11996

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2020-13935

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2020-13943

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2020-36843

4.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-24122

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-25122

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-25329

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-30640

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-287 - Improper Authentication

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-33037

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-41079

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-41184

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-42575

CWE-20 - Improper Input Validation

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-43980

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2022-3786

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-193 - Off-by-one Error

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2022-25762

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-226 - Sensitive Information in Resource Not Removed Before Reuse

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2022-42252

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-28708

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-34053

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-41080

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-42795

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-459 - Incomplete Cleanup

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-44487

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-45648

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-46589

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-6763

CWE-1286 - Improper Validation of Syntactic Correctness of Input

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-8176

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-8184

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-9143

CWE-787 - Out-of-bounds Write

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-11053

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-11233

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-11234

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-20 - Improper Input Validation

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-11236

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-13176

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-385 - Covert Timing Channel

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-23672

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-459 - Incomplete Cleanup

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-24549

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-36114

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-37891

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-669 - Incorrect Resource Transfer Between Spheres

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-38819

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-38820

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-284 - Improper Access Control

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-38999

10.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-39338

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-47554

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-47561

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-53382

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-57699

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-21578

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-24813

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-24970

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-25193

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-26791

4.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-30694

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-30701

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-30702

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-30733

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-30736

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

References

58 references

URL	Category
https://www.oracle.com/security-alerts/cpuapr2025.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in diverse Oracle Database Producten en subsystemen, zoals Oracle Server, NoSQL, TimesTen, Secure Backup en Essbase.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om een Denial-of-Service te veroorzaken of om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en gegevens te manipuleren. Subcomponenten als de RDBMS Listener, Java VM, en andere componenten zijn specifiek kwetsbaar, met CVSS-scores vari\u00ebrend van 5.3 tot 7.5, wat duidt op een gematigd tot hoog risico.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Covert Timing Channel",
        "title": "CWE-385"
      },
      {
        "category": "general",
        "text": "Improper Verification of Cryptographic Signature",
        "title": "CWE-347"
      },
      {
        "category": "general",
        "text": "Improper Validation of Syntactic Correctness of Input",
        "title": "CWE-1286"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
        "title": "CWE-44"
      },
      {
        "category": "general",
        "text": "Sensitive Information in Resource Not Removed Before Reuse",
        "title": "CWE-226"
      },
      {
        "category": "general",
        "text": "Use of Incorrectly-Resolved Name or Reference",
        "title": "CWE-706"
      },
      {
        "category": "general",
        "text": "Incorrect Resource Transfer Between Spheres",
        "title": "CWE-669"
      },
      {
        "category": "general",
        "text": "Improper Handling of Exceptional Conditions",
        "title": "CWE-755"
      },
      {
        "category": "general",
        "text": "Improper Handling of Case Sensitivity",
        "title": "CWE-178"
      },
      {
        "category": "general",
        "text": "Off-by-one Error",
        "title": "CWE-193"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      },
      {
        "category": "general",
        "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
        "title": "CWE-444"
      },
      {
        "category": "general",
        "text": "Unprotected Transport of Credentials",
        "title": "CWE-523"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
        "title": "CWE-614"
      },
      {
        "category": "general",
        "text": "Improper Authorization",
        "title": "CWE-285"
      },
      {
        "category": "general",
        "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
        "title": "CWE-362"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Incomplete Cleanup",
        "title": "CWE-459"
      },
      {
        "category": "general",
        "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
        "title": "CWE-94"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
        "title": "CWE-74"
      },
      {
        "category": "general",
        "text": "Uncontrolled Recursion",
        "title": "CWE-674"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
        "title": "CWE-120"
      },
      {
        "category": "general",
        "text": "Improper Privilege Management",
        "title": "CWE-269"
      },
      {
        "category": "general",
        "text": "Improper Authentication",
        "title": "CWE-287"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Database Producten",
    "tracking": {
      "current_release_date": "2025-04-16T08:37:39.412900Z",
      "generator": {
        "date": "2025-02-25T15:15:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.0"
        }
      },
      "id": "NCSC-2025-0123",
      "initial_release_date": "2025-04-16T08:37:39.412900Z",
      "revision_history": [
        {
          "date": "2025-04-16T08:37:39.412900Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/22.1",
                    "product": {
                      "name": "vers:unknown/22.1",
                      "product_id": "CSAFPID-1304603"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Database Server"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/13.5.0.0",
                    "product": {
                      "name": "vers:unknown/13.5.0.0",
                      "product_id": "CSAFPID-1201359"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Enterprise Manager for Oracle Database"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
                    "product": {
                      "name": "vers:unknown/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
                      "product_id": "CSAFPID-2698376"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/\u003e=21.3|\u003c=21.17",
                    "product": {
                      "name": "vers:unknown/\u003e=21.3|\u003c=21.17",
                      "product_id": "CSAFPID-2698377"
                    }
                  }
                ],
                "category": "product_name",
                "name": "GoldenGate"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/23.1",
                    "product": {
                      "name": "vers:oracle/23.1",
                      "product_id": "CSAFPID-1238473"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/2.0",
                    "product": {
                      "name": "vers:unknown/2.0",
                      "product_id": "CSAFPID-1237753"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/20.2",
                    "product": {
                      "name": "vers:unknown/20.2",
                      "product_id": "CSAFPID-1238475"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/23.1",
                    "product": {
                      "name": "vers:unknown/23.1",
                      "product_id": "CSAFPID-1296375"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/none",
                    "product": {
                      "name": "vers:unknown/none",
                      "product_id": "CSAFPID-1237603"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Big Data Spatial and Graph"
              }
            ],
            "category": "product_family",
            "name": "Oracle"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=19.3|\u003c=19.22",
                "product": {
                  "name": "vers:oracle/\u003e=19.3|\u003c=19.22",
                  "product_id": "CSAFPID-1145825"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=21.3|\u003c=21.13",
                "product": {
                  "name": "vers:oracle/\u003e=21.3|\u003c=21.13",
                  "product_id": "CSAFPID-1145826"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Database Server"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=19.3|\u003c=19.26",
                    "product": {
                      "name": "vers:oracle/\u003e=19.3|\u003c=19.26",
                      "product_id": "CSAFPID-2698969",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=21.3|\u003c=21.17",
                    "product": {
                      "name": "vers:oracle/\u003e=21.3|\u003c=21.17",
                      "product_id": "CSAFPID-2698968",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=21.4|\u003c=21.16",
                    "product": {
                      "name": "vers:oracle/\u003e=21.4|\u003c=21.16",
                      "product_id": "CSAFPID-1839905",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=23.4|\u003c=23.7",
                    "product": {
                      "name": "vers:oracle/\u003e=23.4|\u003c=23.7",
                      "product_id": "CSAFPID-2698934",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Database Server"
              }
            ],
            "category": "product_family",
            "name": "Oracle Database Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/13.5.0.0",
                "product": {
                  "name": "vers:oracle/13.5.0.0",
                  "product_id": "CSAFPID-1144644"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Enterprise Manager for Oracle Database"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/1.5.0",
                    "product": {
                      "name": "vers:oracle/1.5.0",
                      "product_id": "CSAFPID-2699002",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/1.6.0",
                    "product": {
                      "name": "vers:oracle/1.6.0",
                      "product_id": "CSAFPID-2699003",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/1.6.1",
                    "product": {
                      "name": "vers:oracle/1.6.1",
                      "product_id": "CSAFPID-2699004",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle NoSQL Database"
              }
            ],
            "category": "product_family",
            "name": "Oracle NoSQL Database"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=22.1.1.1.0|\u003c=22.1.1.30.0",
                    "product": {
                      "name": "vers:oracle/\u003e=22.1.1.1.0|\u003c=22.1.1.30.0",
                      "product_id": "CSAFPID-2699053",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle TimesTen In-Memory Database"
              }
            ],
            "category": "product_family",
            "name": "Oracle TimesTen In-Memory Database"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/25.1.0",
                    "product": {
                      "name": "vers:oracle/25.1.0",
                      "product_id": "CSAFPID-2698932",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/25.2.0",
                    "product": {
                      "name": "vers:oracle/25.2.0",
                      "product_id": "CSAFPID-2698931",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=23.8.0|\u003c=23.11.0",
                    "product": {
                      "name": "vers:oracle/\u003e=23.8.0|\u003c=23.11.0",
                      "product_id": "CSAFPID-2698930",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=24.1.0|\u003c=24.11.0",
                    "product": {
                      "name": "vers:oracle/\u003e=24.1.0|\u003c=24.11.0",
                      "product_id": "CSAFPID-2698933",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Autonomous Health Framework"
              }
            ],
            "category": "product_family",
            "name": "Oracle Autonomous Health Framework"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/21.7.1.0.0",
                    "product": {
                      "name": "vers:oracle/21.7.1.0.0",
                      "product_id": "CSAFPID-2698943",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Essbase"
              }
            ],
            "category": "product_family",
            "name": "Oracle Essbase"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.10",
                    "product": {
                      "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.10",
                      "product_id": "CSAFPID-2698949",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "GoldenGate Stream Analytics"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
                    "product": {
                      "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
                      "product_id": "CSAFPID-2698941",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=21.3|\u003c=21.17",
                    "product": {
                      "name": "vers:oracle/\u003e=21.3|\u003c=21.17",
                      "product_id": "CSAFPID-2698942",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=23.4|\u003c=23.7",
                    "product": {
                      "name": "vers:oracle/\u003e=23.4|\u003c=23.7",
                      "product_id": "CSAFPID-2699022",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle GoldenGate"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.18",
                    "product": {
                      "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.18",
                      "product_id": "CSAFPID-1839977",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=21.3.0.0.0|\u003c=21.16.0.0.0",
                    "product": {
                      "name": "vers:oracle/\u003e=21.3.0.0.0|\u003c=21.16.0.0.0",
                      "product_id": "CSAFPID-1840034",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=23.4|\u003c=23.6",
                    "product": {
                      "name": "vers:oracle/\u003e=23.4|\u003c=23.6",
                      "product_id": "CSAFPID-1840035",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle GoldenGate Big Data and Application Adapters"
              }
            ],
            "category": "product_family",
            "name": "Oracle GoldenGate"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.7",
                "product": {
                  "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.7",
                  "product_id": "CSAFPID-1144602"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle GoldenGate Stream Analytics"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003c23.1",
                "product": {
                  "name": "vers:oracle/\u003c23.1",
                  "product_id": "CSAFPID-1145800"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:unknown/2.0",
                "product": {
                  "name": "vers:unknown/2.0",
                  "product_id": "CSAFPID-356315",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:unknown/23.1",
                "product": {
                  "name": "vers:unknown/23.1",
                  "product_id": "CSAFPID-356152"
                }
              }
            ],
            "category": "product_name",
            "name": "Big Data Spatial and Graph"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/23.4.3",
                    "product": {
                      "name": "vers:oracle/23.4.3",
                      "product_id": "CSAFPID-2699065",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.3.0",
                    "product": {
                      "name": "vers:oracle/24.3.0",
                      "product_id": "CSAFPID-2699066",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/23.4.4",
                    "product": {
                      "name": "vers:oracle/23.4.4",
                      "product_id": "CSAFPID-1840017",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.4.0",
                    "product": {
                      "name": "vers:oracle/24.4.0",
                      "product_id": "CSAFPID-1840013",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Graph Server and Client"
              }
            ],
            "category": "product_family",
            "name": "Oracle Graph Server and Client"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003c=22.4.7",
                "product": {
                  "name": "vers:oracle/\u003c=22.4.7",
                  "product_id": "CSAFPID-1145419",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003c=23.4.2",
                "product": {
                  "name": "vers:oracle/\u003c=23.4.2",
                  "product_id": "CSAFPID-1145421",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003c=24.1.0",
                "product": {
                  "name": "vers:oracle/\u003c=24.1.0",
                  "product_id": "CSAFPID-1145422",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Graph Server and Client"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/3.0.6",
                "product": {
                  "name": "vers:oracle/3.0.6",
                  "product_id": "CSAFPID-1145420",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Big Data Spatial and Graph"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.1.0.1",
                    "product": {
                      "name": "vers:oracle/12.1.0.1",
                      "product_id": "CSAFPID-2699109",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.1.0.2",
                    "product": {
                      "name": "vers:oracle/12.1.0.2",
                      "product_id": "CSAFPID-2699107",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.1.0.3",
                    "product": {
                      "name": "vers:oracle/12.1.0.3",
                      "product_id": "CSAFPID-2699106",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/18.1.0.0",
                    "product": {
                      "name": "vers:oracle/18.1.0.0",
                      "product_id": "CSAFPID-2699110",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/18.1.0.1",
                    "product": {
                      "name": "vers:oracle/18.1.0.1",
                      "product_id": "CSAFPID-2698972",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/18.1.0.2",
                    "product": {
                      "name": "vers:oracle/18.1.0.2",
                      "product_id": "CSAFPID-2699108",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Secure Backup"
              }
            ],
            "category": "product_family",
            "name": "Oracle Secure Backup"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:semver/19.3|\u003c=19.26",
                "product": {
                  "name": "vers:semver/19.3|\u003c=19.26",
                  "product_id": "CSAFPID-2698485"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/21.3|\u003c=21.17",
                "product": {
                  "name": "vers:semver/21.3|\u003c=21.17",
                  "product_id": "CSAFPID-2698486"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/23.4|\u003c=23.7",
                "product": {
                  "name": "vers:semver/23.4|\u003c=23.7",
                  "product_id": "CSAFPID-2698487"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Database Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:semver/12.1.0.1",
                "product": {
                  "name": "vers:semver/12.1.0.1",
                  "product_id": "CSAFPID-2698463"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/12.1.0.2",
                "product": {
                  "name": "vers:semver/12.1.0.2",
                  "product_id": "CSAFPID-2698464"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/12.1.0.3",
                "product": {
                  "name": "vers:semver/12.1.0.3",
                  "product_id": "CSAFPID-2698465"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/18.1.0.0",
                "product": {
                  "name": "vers:semver/18.1.0.0",
                  "product_id": "CSAFPID-2698466"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/18.1.0.1",
                "product": {
                  "name": "vers:semver/18.1.0.1",
                  "product_id": "CSAFPID-2698467"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/18.1.0.2",
                "product": {
                  "name": "vers:semver/18.1.0.2",
                  "product_id": "CSAFPID-2698468"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Secure Backup"
          }
        ],
        "category": "vendor",
        "name": "Oracle Corporation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-1935",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-1935",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1935.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-1935"
    },
    {
      "cve": "CVE-2020-1938",
      "cwe": {
        "id": "CWE-285",
        "name": "Improper Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Authorization",
          "title": "CWE-285"
        },
        {
          "category": "other",
          "text": "Improper Privilege Management",
          "title": "CWE-269"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-1938",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1938.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-1938"
    },
    {
      "cve": "CVE-2020-9484",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-9484",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-9484.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-9484"
    },
    {
      "cve": "CVE-2020-11996",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-11996",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11996.json"
        }
      ],
      "title": "CVE-2020-11996"
    },
    {
      "cve": "CVE-2020-13935",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-13935",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13935.json"
        }
      ],
      "title": "CVE-2020-13935"
    },
    {
      "cve": "CVE-2020-13943",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-13943",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13943.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-13943"
    },
    {
      "cve": "CVE-2020-36843",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Verification of Cryptographic Signature",
          "title": "CWE-347"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-36843",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36843.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-36843"
    },
    {
      "cve": "CVE-2021-24122",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-24122",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-24122.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-24122"
    },
    {
      "cve": "CVE-2021-25122",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-25122",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-25122.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-25122"
    },
    {
      "cve": "CVE-2021-25329",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-25329",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-25329.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-25329"
    },
    {
      "cve": "CVE-2021-30640",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Authentication",
          "title": "CWE-287"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-30640",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-30640.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-30640"
    },
    {
      "cve": "CVE-2021-33037",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-33037",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-33037.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-33037"
    },
    {
      "cve": "CVE-2021-41079",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-41079",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41079.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-41079"
    },
    {
      "cve": "CVE-2021-41184",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-41184",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41184.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-41184"
    },
    {
      "cve": "CVE-2021-42575",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-42575",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-42575.json"
        }
      ],
      "title": "CVE-2021-42575"
    },
    {
      "cve": "CVE-2021-43980",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-43980",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-43980.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-43980"
    },
    {
      "cve": "CVE-2022-3786",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Off-by-one Error",
          "title": "CWE-193"
        },
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-3786",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3786.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2022-3786"
    },
    {
      "cve": "CVE-2022-25762",
      "cwe": {
        "id": "CWE-226",
        "name": "Sensitive Information in Resource Not Removed Before Reuse"
      },
      "notes": [
        {
          "category": "other",
          "text": "Sensitive Information in Resource Not Removed Before Reuse",
          "title": "CWE-226"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Improper Handling of Exceptional Conditions",
          "title": "CWE-755"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-25762",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-25762.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2022-25762"
    },
    {
      "cve": "CVE-2022-42252",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-42252",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42252.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2022-42252"
    },
    {
      "cve": "CVE-2023-28708",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Unprotected Transport of Credentials",
          "title": "CWE-523"
        },
        {
          "category": "other",
          "text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
          "title": "CWE-614"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-28708",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28708.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-28708"
    },
    {
      "cve": "CVE-2023-34053",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-34053",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34053.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-34053"
    },
    {
      "cve": "CVE-2023-41080",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-41080",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-41080.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-41080"
    },
    {
      "cve": "CVE-2023-42795",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incomplete Cleanup",
          "title": "CWE-459"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-42795",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42795.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-42795"
    },
    {
      "cve": "CVE-2023-44487",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44487",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-45648",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-45648",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45648.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-45648"
    },
    {
      "cve": "CVE-2023-46589",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-46589",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46589.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-46589"
    },
    {
      "cve": "CVE-2024-6763",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Validation of Syntactic Correctness of Input",
          "title": "CWE-1286"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6763",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6763.json"
        }
      ],
      "title": "CVE-2024-6763"
    },
    {
      "cve": "CVE-2024-8176",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-8176",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8176.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-8176"
    },
    {
      "cve": "CVE-2024-8184",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-8184",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8184.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-8184"
    },
    {
      "cve": "CVE-2024-9143",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9143",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json"
        }
      ],
      "title": "CVE-2024-9143"
    },
    {
      "cve": "CVE-2024-11053",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-11053",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11053.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-11053"
    },
    {
      "cve": "CVE-2024-11233",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-11233",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11233.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-11233"
    },
    {
      "cve": "CVE-2024-11234",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
          "title": "CWE-74"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-11234",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11234.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-11234"
    },
    {
      "cve": "CVE-2024-11236",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-11236",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11236.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-11236"
    },
    {
      "cve": "CVE-2024-13176",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "notes": [
        {
          "category": "other",
          "text": "Covert Timing Channel",
          "title": "CWE-385"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-13176",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-13176.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-13176"
    },
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incomplete Cleanup",
          "title": "CWE-459"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23672",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24549",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-36114",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36114",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36114.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-36114"
    },
    {
      "cve": "CVE-2024-37891",
      "cwe": {
        "id": "CWE-669",
        "name": "Incorrect Resource Transfer Between Spheres"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Resource Transfer Between Spheres",
          "title": "CWE-669"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37891",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-37891"
    },
    {
      "cve": "CVE-2024-38819",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38819",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38820",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38820",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-38999",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38999",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-38999"
    },
    {
      "cve": "CVE-2024-39338",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-39338",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39338.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-39338"
    },
    {
      "cve": "CVE-2024-47554",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47554",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-47554"
    },
    {
      "cve": "CVE-2024-47561",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47561",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-47561"
    },
    {
      "cve": "CVE-2024-53382",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "title": "CWE-94"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-53382",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53382.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-53382"
    },
    {
      "cve": "CVE-2024-57699",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-57699",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-57699.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-57699"
    },
    {
      "cve": "CVE-2025-21578",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21578",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21578.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-21578"
    },
    {
      "cve": "CVE-2025-24813",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "other",
          "text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
          "title": "CWE-44"
        },
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Use of Incorrectly-Resolved Name or Reference",
          "title": "CWE-706"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24813",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24813.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-24813"
    },
    {
      "cve": "CVE-2025-24970",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24970",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24970.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-24970"
    },
    {
      "cve": "CVE-2025-25193",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-25193",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25193.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-25193"
    },
    {
      "cve": "CVE-2025-26791",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-26791",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26791.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-26791"
    },
    {
      "cve": "CVE-2025-30694",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30694",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30694.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30694"
    },
    {
      "cve": "CVE-2025-30701",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30701",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30701.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30701"
    },
    {
      "cve": "CVE-2025-30702",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30702",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30702.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30702"
    },
    {
      "cve": "CVE-2025-30733",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30733",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30733.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30733"
    },
    {
      "cve": "CVE-2025-30736",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30736",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30736.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30736"
    }
  ]
}

OPENSUSE-SU-2021:1490-1

Vulnerability from csaf_opensuse - Published: 2021-11-19 19:06 - Updated: 2021-11-19 19:06

Summary

Security update for tomcat

Severity

Moderate

Notes

Title of the patch: Security update for tomcat

Description of the patch: This update for tomcat fixes the following issues: - CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279). - CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278). - CVE-2021-41079: Fixed a denial of service caused by an unexpected TLS packet (bsc#1190558). This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patchnames: openSUSE-2021-1490

CVE-2021-30640

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

Affected products

Recommended 11 products

Product	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:tomcat-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-embed-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-javadoc-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-jsvc-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-lib-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-webapps-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix

Threats

Impact moderate

CVE-2021-33037

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 11 products

Product	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:tomcat-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-embed-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-javadoc-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-jsvc-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-lib-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-webapps-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix

Threats

Impact moderate

CVE-2021-41079

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 11 products

Product	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:tomcat-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-embed-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-javadoc-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-jsvc-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-lib-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:tomcat-webapps-9.0.36-lp152.2.25.1.noarch	—	Vendor Fix

Threats

Impact moderate

References

18 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://lists.opensuse.org/archives/list/security…	self
https://lists.opensuse.org/archives/list/security…	self
https://bugzilla.suse.com/1188278	self
https://bugzilla.suse.com/1188279	self
https://bugzilla.suse.com/1190558	self
https://www.suse.com/security/cve/CVE-2021-30640/	self
https://www.suse.com/security/cve/CVE-2021-33037/	self
https://www.suse.com/security/cve/CVE-2021-41079/	self
https://www.suse.com/security/cve/CVE-2021-30640	external
https://bugzilla.suse.com/1188279	external
https://bugzilla.suse.com/1200696	external
https://www.suse.com/security/cve/CVE-2021-33037	external
https://bugzilla.suse.com/1188278	external
https://bugzilla.suse.com/1200696	external
https://www.suse.com/security/cve/CVE-2021-41079	external
https://bugzilla.suse.com/1190558	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for tomcat",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for tomcat fixes the following issues:\n\n- CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279).\n- CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278).\n- CVE-2021-41079: Fixed a denial of service caused by an unexpected TLS packet (bsc#1190558).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-2021-1490",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_1490-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2021:1490-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5KJLIWWFI3SIH2EDCVQ6J6NITH5JTGPE/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2021:1490-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5KJLIWWFI3SIH2EDCVQ6J6NITH5JTGPE/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1188278",
        "url": "https://bugzilla.suse.com/1188278"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1188279",
        "url": "https://bugzilla.suse.com/1188279"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190558",
        "url": "https://bugzilla.suse.com/1190558"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-30640 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-30640/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-33037 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-33037/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-41079 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-41079/"
      }
    ],
    "title": "Security update for tomcat",
    "tracking": {
      "current_release_date": "2021-11-19T19:06:31Z",
      "generator": {
        "date": "2021-11-19T19:06:31Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2021:1490-1",
      "initial_release_date": "2021-11-19T19:06:31Z",
      "revision_history": [
        {
          "date": "2021-11-19T19:06:31Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-9.0.36-lp152.2.25.1.noarch",
                "product": {
                  "name": "tomcat-9.0.36-lp152.2.25.1.noarch",
                  "product_id": "tomcat-9.0.36-lp152.2.25.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch",
                "product": {
                  "name": "tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch",
                  "product_id": "tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch",
                "product": {
                  "name": "tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch",
                  "product_id": "tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch",
                "product": {
                  "name": "tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch",
                  "product_id": "tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-embed-9.0.36-lp152.2.25.1.noarch",
                "product": {
                  "name": "tomcat-embed-9.0.36-lp152.2.25.1.noarch",
                  "product_id": "tomcat-embed-9.0.36-lp152.2.25.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-javadoc-9.0.36-lp152.2.25.1.noarch",
                "product": {
                  "name": "tomcat-javadoc-9.0.36-lp152.2.25.1.noarch",
                  "product_id": "tomcat-javadoc-9.0.36-lp152.2.25.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch",
                "product": {
                  "name": "tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch",
                  "product_id": "tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsvc-9.0.36-lp152.2.25.1.noarch",
                "product": {
                  "name": "tomcat-jsvc-9.0.36-lp152.2.25.1.noarch",
                  "product_id": "tomcat-jsvc-9.0.36-lp152.2.25.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-9.0.36-lp152.2.25.1.noarch",
                "product": {
                  "name": "tomcat-lib-9.0.36-lp152.2.25.1.noarch",
                  "product_id": "tomcat-lib-9.0.36-lp152.2.25.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch",
                "product": {
                  "name": "tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch",
                  "product_id": "tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-9.0.36-lp152.2.25.1.noarch",
                "product": {
                  "name": "tomcat-webapps-9.0.36-lp152.2.25.1.noarch",
                  "product_id": "tomcat-webapps-9.0.36-lp152.2.25.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.2",
                "product": {
                  "name": "openSUSE Leap 15.2",
                  "product_id": "openSUSE Leap 15.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.36-lp152.2.25.1.noarch as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:tomcat-9.0.36-lp152.2.25.1.noarch"
        },
        "product_reference": "tomcat-9.0.36-lp152.2.25.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch"
        },
        "product_reference": "tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-embed-9.0.36-lp152.2.25.1.noarch as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:tomcat-embed-9.0.36-lp152.2.25.1.noarch"
        },
        "product_reference": "tomcat-embed-9.0.36-lp152.2.25.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-9.0.36-lp152.2.25.1.noarch as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:tomcat-javadoc-9.0.36-lp152.2.25.1.noarch"
        },
        "product_reference": "tomcat-javadoc-9.0.36-lp152.2.25.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-9.0.36-lp152.2.25.1.noarch as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:tomcat-jsvc-9.0.36-lp152.2.25.1.noarch"
        },
        "product_reference": "tomcat-jsvc-9.0.36-lp152.2.25.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.36-lp152.2.25.1.noarch as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:tomcat-lib-9.0.36-lp152.2.25.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.36-lp152.2.25.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.36-lp152.2.25.1.noarch as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:tomcat-webapps-9.0.36-lp152.2.25.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.36-lp152.2.25.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-30640",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-30640"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:tomcat-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-embed-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-javadoc-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-jsvc-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-lib-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-webapps-9.0.36-lp152.2.25.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-30640",
          "url": "https://www.suse.com/security/cve/CVE-2021-30640"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188279 for CVE-2021-30640",
          "url": "https://bugzilla.suse.com/1188279"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200696 for CVE-2021-30640",
          "url": "https://bugzilla.suse.com/1200696"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:tomcat-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-embed-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-javadoc-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-jsvc-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-lib-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-webapps-9.0.36-lp152.2.25.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:tomcat-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-embed-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-javadoc-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-jsvc-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-lib-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-webapps-9.0.36-lp152.2.25.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-11-19T19:06:31Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-30640"
    },
    {
      "cve": "CVE-2021-33037",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-33037"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer encoding header if the client declared it would only accept an HTTP/1.0 response; - Tomcat honoured the identify encoding; and - Tomcat did not ensure that, if present, the chunked encoding was the final encoding.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:tomcat-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-embed-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-javadoc-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-jsvc-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-lib-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-webapps-9.0.36-lp152.2.25.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-33037",
          "url": "https://www.suse.com/security/cve/CVE-2021-33037"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188278 for CVE-2021-33037",
          "url": "https://bugzilla.suse.com/1188278"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200696 for CVE-2021-33037",
          "url": "https://bugzilla.suse.com/1200696"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:tomcat-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-embed-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-javadoc-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-jsvc-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-lib-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-webapps-9.0.36-lp152.2.25.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:tomcat-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-embed-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-javadoc-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-jsvc-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-lib-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-webapps-9.0.36-lp152.2.25.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-11-19T19:06:31Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-33037"
    },
    {
      "cve": "CVE-2021-41079",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-41079"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:tomcat-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-embed-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-javadoc-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-jsvc-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-lib-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch",
          "openSUSE Leap 15.2:tomcat-webapps-9.0.36-lp152.2.25.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-41079",
          "url": "https://www.suse.com/security/cve/CVE-2021-41079"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1190558 for CVE-2021-41079",
          "url": "https://bugzilla.suse.com/1190558"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:tomcat-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-embed-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-javadoc-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-jsvc-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-lib-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-webapps-9.0.36-lp152.2.25.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:tomcat-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-admin-webapps-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-docs-webapp-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-el-3_0-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-embed-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-javadoc-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-jsp-2_3-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-jsvc-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-lib-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-servlet-4_0-api-9.0.36-lp152.2.25.1.noarch",
            "openSUSE Leap 15.2:tomcat-webapps-9.0.36-lp152.2.25.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-11-19T19:06:31Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-41079"
    }
  ]
}

OPENSUSE-SU-2021:3672-1

Vulnerability from csaf_opensuse - Published: 2021-11-16 13:50 - Updated: 2021-11-16 13:50

Summary

Security update for tomcat

Severity

Moderate

Notes

Title of the patch: Security update for tomcat

Patchnames: openSUSE-SLE-15.3-2021-3672

CVE-2021-30640

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

Affected products

Recommended 11 products

Product	Version	Remediation
Unresolved product id: openSUSE Leap 15.3:tomcat-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-admin-webapps-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-docs-webapp-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-el-3_0-api-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-embed-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-javadoc-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-jsp-2_3-api-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-jsvc-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-lib-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-servlet-4_0-api-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-webapps-9.0.36-13.1.noarch	—	Vendor Fix

Threats

Impact moderate

CVE-2021-33037

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 11 products

Product	Version	Remediation
Unresolved product id: openSUSE Leap 15.3:tomcat-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-admin-webapps-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-docs-webapp-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-el-3_0-api-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-embed-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-javadoc-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-jsp-2_3-api-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-jsvc-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-lib-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-servlet-4_0-api-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-webapps-9.0.36-13.1.noarch	—	Vendor Fix

Threats

Impact moderate

CVE-2021-41079

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 11 products

Product	Version	Remediation
Unresolved product id: openSUSE Leap 15.3:tomcat-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-admin-webapps-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-docs-webapp-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-el-3_0-api-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-embed-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-javadoc-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-jsp-2_3-api-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-jsvc-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-lib-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-servlet-4_0-api-9.0.36-13.1.noarch	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:tomcat-webapps-9.0.36-13.1.noarch	—	Vendor Fix

Threats

Impact moderate

References

18 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://lists.opensuse.org/archives/list/security…	self
https://lists.opensuse.org/archives/list/security…	self
https://bugzilla.suse.com/1188278	self
https://bugzilla.suse.com/1188279	self
https://bugzilla.suse.com/1190558	self
https://www.suse.com/security/cve/CVE-2021-30640/	self
https://www.suse.com/security/cve/CVE-2021-33037/	self
https://www.suse.com/security/cve/CVE-2021-41079/	self
https://www.suse.com/security/cve/CVE-2021-30640	external
https://bugzilla.suse.com/1188279	external
https://bugzilla.suse.com/1200696	external
https://www.suse.com/security/cve/CVE-2021-33037	external
https://bugzilla.suse.com/1188278	external
https://bugzilla.suse.com/1200696	external
https://www.suse.com/security/cve/CVE-2021-41079	external
https://bugzilla.suse.com/1190558	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for tomcat",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for tomcat fixes the following issues:\n\n- CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279).\n- CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278).\n- CVE-2021-41079: Fixed a denial of service caused by an unexpected TLS packet (bsc#1190558).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-SLE-15.3-2021-3672",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_3672-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2021:3672-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5JSV3IQW2IZ4TG73GE2HYEJN52YYLT3T/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2021:3672-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5JSV3IQW2IZ4TG73GE2HYEJN52YYLT3T/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1188278",
        "url": "https://bugzilla.suse.com/1188278"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1188279",
        "url": "https://bugzilla.suse.com/1188279"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190558",
        "url": "https://bugzilla.suse.com/1190558"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-30640 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-30640/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-33037 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-33037/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-41079 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-41079/"
      }
    ],
    "title": "Security update for tomcat",
    "tracking": {
      "current_release_date": "2021-11-16T13:50:38Z",
      "generator": {
        "date": "2021-11-16T13:50:38Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2021:3672-1",
      "initial_release_date": "2021-11-16T13:50:38Z",
      "revision_history": [
        {
          "date": "2021-11-16T13:50:38Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-9.0.36-13.1.noarch",
                "product": {
                  "name": "tomcat-9.0.36-13.1.noarch",
                  "product_id": "tomcat-9.0.36-13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-9.0.36-13.1.noarch",
                "product": {
                  "name": "tomcat-admin-webapps-9.0.36-13.1.noarch",
                  "product_id": "tomcat-admin-webapps-9.0.36-13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-9.0.36-13.1.noarch",
                "product": {
                  "name": "tomcat-docs-webapp-9.0.36-13.1.noarch",
                  "product_id": "tomcat-docs-webapp-9.0.36-13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-3_0-api-9.0.36-13.1.noarch",
                "product": {
                  "name": "tomcat-el-3_0-api-9.0.36-13.1.noarch",
                  "product_id": "tomcat-el-3_0-api-9.0.36-13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-embed-9.0.36-13.1.noarch",
                "product": {
                  "name": "tomcat-embed-9.0.36-13.1.noarch",
                  "product_id": "tomcat-embed-9.0.36-13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-javadoc-9.0.36-13.1.noarch",
                "product": {
                  "name": "tomcat-javadoc-9.0.36-13.1.noarch",
                  "product_id": "tomcat-javadoc-9.0.36-13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2_3-api-9.0.36-13.1.noarch",
                "product": {
                  "name": "tomcat-jsp-2_3-api-9.0.36-13.1.noarch",
                  "product_id": "tomcat-jsp-2_3-api-9.0.36-13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsvc-9.0.36-13.1.noarch",
                "product": {
                  "name": "tomcat-jsvc-9.0.36-13.1.noarch",
                  "product_id": "tomcat-jsvc-9.0.36-13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-9.0.36-13.1.noarch",
                "product": {
                  "name": "tomcat-lib-9.0.36-13.1.noarch",
                  "product_id": "tomcat-lib-9.0.36-13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-4_0-api-9.0.36-13.1.noarch",
                "product": {
                  "name": "tomcat-servlet-4_0-api-9.0.36-13.1.noarch",
                  "product_id": "tomcat-servlet-4_0-api-9.0.36-13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-9.0.36-13.1.noarch",
                "product": {
                  "name": "tomcat-webapps-9.0.36-13.1.noarch",
                  "product_id": "tomcat-webapps-9.0.36-13.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.3",
                "product": {
                  "name": "openSUSE Leap 15.3",
                  "product_id": "openSUSE Leap 15.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.36-13.1.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:tomcat-9.0.36-13.1.noarch"
        },
        "product_reference": "tomcat-9.0.36-13.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.36-13.1.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:tomcat-admin-webapps-9.0.36-13.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.36-13.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-9.0.36-13.1.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:tomcat-docs-webapp-9.0.36-13.1.noarch"
        },
        "product_reference": "tomcat-docs-webapp-9.0.36-13.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.36-13.1.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:tomcat-el-3_0-api-9.0.36-13.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.36-13.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-embed-9.0.36-13.1.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:tomcat-embed-9.0.36-13.1.noarch"
        },
        "product_reference": "tomcat-embed-9.0.36-13.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-9.0.36-13.1.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:tomcat-javadoc-9.0.36-13.1.noarch"
        },
        "product_reference": "tomcat-javadoc-9.0.36-13.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.36-13.1.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:tomcat-jsp-2_3-api-9.0.36-13.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.36-13.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-9.0.36-13.1.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:tomcat-jsvc-9.0.36-13.1.noarch"
        },
        "product_reference": "tomcat-jsvc-9.0.36-13.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.36-13.1.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:tomcat-lib-9.0.36-13.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.36-13.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.36-13.1.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:tomcat-servlet-4_0-api-9.0.36-13.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.36-13.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.36-13.1.noarch as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:tomcat-webapps-9.0.36-13.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.36-13.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-30640",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-30640"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:tomcat-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-admin-webapps-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-docs-webapp-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-el-3_0-api-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-embed-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-javadoc-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-jsp-2_3-api-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-jsvc-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-lib-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-servlet-4_0-api-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-webapps-9.0.36-13.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-30640",
          "url": "https://www.suse.com/security/cve/CVE-2021-30640"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188279 for CVE-2021-30640",
          "url": "https://bugzilla.suse.com/1188279"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200696 for CVE-2021-30640",
          "url": "https://bugzilla.suse.com/1200696"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:tomcat-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-admin-webapps-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-docs-webapp-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-el-3_0-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-embed-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-javadoc-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-jsp-2_3-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-jsvc-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-lib-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-servlet-4_0-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-webapps-9.0.36-13.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:tomcat-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-admin-webapps-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-docs-webapp-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-el-3_0-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-embed-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-javadoc-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-jsp-2_3-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-jsvc-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-lib-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-servlet-4_0-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-webapps-9.0.36-13.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-11-16T13:50:38Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-30640"
    },
    {
      "cve": "CVE-2021-33037",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-33037"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer encoding header if the client declared it would only accept an HTTP/1.0 response; - Tomcat honoured the identify encoding; and - Tomcat did not ensure that, if present, the chunked encoding was the final encoding.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:tomcat-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-admin-webapps-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-docs-webapp-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-el-3_0-api-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-embed-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-javadoc-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-jsp-2_3-api-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-jsvc-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-lib-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-servlet-4_0-api-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-webapps-9.0.36-13.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-33037",
          "url": "https://www.suse.com/security/cve/CVE-2021-33037"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1188278 for CVE-2021-33037",
          "url": "https://bugzilla.suse.com/1188278"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200696 for CVE-2021-33037",
          "url": "https://bugzilla.suse.com/1200696"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:tomcat-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-admin-webapps-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-docs-webapp-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-el-3_0-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-embed-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-javadoc-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-jsp-2_3-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-jsvc-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-lib-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-servlet-4_0-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-webapps-9.0.36-13.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:tomcat-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-admin-webapps-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-docs-webapp-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-el-3_0-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-embed-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-javadoc-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-jsp-2_3-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-jsvc-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-lib-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-servlet-4_0-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-webapps-9.0.36-13.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-11-16T13:50:38Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-33037"
    },
    {
      "cve": "CVE-2021-41079",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-41079"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.3:tomcat-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-admin-webapps-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-docs-webapp-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-el-3_0-api-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-embed-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-javadoc-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-jsp-2_3-api-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-jsvc-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-lib-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-servlet-4_0-api-9.0.36-13.1.noarch",
          "openSUSE Leap 15.3:tomcat-webapps-9.0.36-13.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-41079",
          "url": "https://www.suse.com/security/cve/CVE-2021-41079"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1190558 for CVE-2021-41079",
          "url": "https://bugzilla.suse.com/1190558"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.3:tomcat-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-admin-webapps-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-docs-webapp-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-el-3_0-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-embed-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-javadoc-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-jsp-2_3-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-jsvc-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-lib-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-servlet-4_0-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-webapps-9.0.36-13.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.3:tomcat-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-admin-webapps-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-docs-webapp-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-el-3_0-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-embed-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-javadoc-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-jsp-2_3-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-jsvc-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-lib-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-servlet-4_0-api-9.0.36-13.1.noarch",
            "openSUSE Leap 15.3:tomcat-webapps-9.0.36-13.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-11-16T13:50:38Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-41079"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

Action not permitted

CVE-2021-41079 (GCVE-0-2021-41079)

Solution

Solution

Vulnerability from bitnami_vulndb

Tags

Sightings

Nomenclature