Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-41742 (GCVE-0-2022-41742)
Vulnerability from cvelistv5
Published
2022-10-19 21:20
Modified
2025-05-08 18:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| F5 | NGINX |
Version: Mainline < 1.23.2 Version: Stable < 1.22.1 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:49:44.037Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K28112382"
},
{
"name": "FEDORA-2022-b0f5bc2175",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/"
},
{
"name": "FEDORA-2022-97de53f202",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/"
},
{
"name": "FEDORA-2022-12721789aa",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/"
},
{
"name": "DSA-5281",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5281"
},
{
"name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230120-0005/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-41742",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T18:11:21.947795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T18:11:30.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NGINX",
"vendor": "F5",
"versions": [
{
"lessThan": "1.23.2",
"status": "affected",
"version": "Mainline",
"versionType": "custom"
},
{
"lessThan": "1.22.1",
"status": "affected",
"version": "Stable",
"versionType": "custom"
}
]
},
{
"product": "NGINX Plus",
"vendor": "F5",
"versions": [
{
"lessThan": "R27-p1",
"status": "affected",
"version": "R27",
"versionType": "custom"
},
{
"lessThan": "R26-p1",
"status": "affected",
"version": "R1",
"versionType": "custom"
}
]
},
{
"product": "NGINX Open Source Subscription",
"vendor": "F5",
"versions": [
{
"lessThan": "R2 P1",
"status": "affected",
"version": "R2",
"versionType": "custom"
},
{
"lessThan": "R1 P1",
"status": "affected",
"version": "R1",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-10-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-20T00:00:00.000Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"url": "https://support.f5.com/csp/article/K28112382"
},
{
"name": "FEDORA-2022-b0f5bc2175",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/"
},
{
"name": "FEDORA-2022-97de53f202",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/"
},
{
"name": "FEDORA-2022-12721789aa",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/"
},
{
"name": "DSA-5281",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5281"
},
{
"name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230120-0005/"
}
],
"source": {
"defect": [
"NWA-1396"
],
"discovery": "EXTERNAL"
},
"title": "NGINX ngx_http_mp4_module vulnerability CVE-2022-41742",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2022-41742",
"datePublished": "2022-10-19T21:20:50.106Z",
"dateReserved": "2022-09-28T00:00:00.000Z",
"dateUpdated": "2025-05-08T18:11:30.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-41742\",\"sourceIdentifier\":\"f5sirt@f5.com\",\"published\":\"2022-10-19T22:15:12.717\",\"lastModified\":\"2024-11-21T07:23:46.447\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.\"},{\"lang\":\"es\",\"value\":\"NGINX Open Source anteriores as versiones 1.23.2 y 1.22.1, NGINX Open Source Subscription versiones anteriores a R2 P1 y R1 P1, y NGINX Plus versiones anteriores a R27 P1 y R26 P1, presentan una vulnerabilidad en el m\u00f3dulo ngx_http_mp4_module que podr\u00eda permitir a un atacante local causar un bloqueo del proceso del trabajador, o podr\u00eda resultar en una divulgaci\u00f3n de la memoria del proceso del trabajador mediante el uso de un archivo de audio o v\u00eddeo especialmente dise\u00f1ado. El problema afecta s\u00f3lo a los productos NGINX que son construidos con el m\u00f3dulo ngx_http_mp4_module, cuando es usada la directiva mp4 en el archivo de configuraci\u00f3n. Adem\u00e1s, el ataque s\u00f3lo es posible si un atacante puede desencadenar el procesamiento de un archivo de audio o v\u00eddeo especialmente dise\u00f1ado con el m\u00f3dulo ngx_http_mp4_module\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"f5sirt@f5.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"f5sirt@f5.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:*:*:*:*:open_source:*:*:*\",\"versionStartIncluding\":\"1.1.3\",\"versionEndIncluding\":\"1.22.0\",\"matchCriteriaId\":\"37C2C47D-5B99-4A7F-8EE8-4E5988BA7CB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:*:*:*:*:plus:*:*:*\",\"versionStartIncluding\":\"r22\",\"versionEndIncluding\":\"r27\",\"matchCriteriaId\":\"B1966323-7D3A-4102-AAB8-C007745BB766\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:1.23.0:*:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"34B07066-845C-45AA-9F0E-576B10EF02EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:1.23.1:*:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"8FC6884B-0C16-4ACF-8264-4AC34B9167CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:r1:*:*:*:open_source_subscription:*:*:*\",\"matchCriteriaId\":\"666D5C24-4F5A-44D9-B22C-6F0C46164B82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:r2:*:*:*:open_source_subscription:*:*:*\",\"matchCriteriaId\":\"0EF2AA63-F4C2-476D-BDAE-2D4F63C74867\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.9.0\",\"versionEndIncluding\":\"1.12.4\",\"matchCriteriaId\":\"D4106C27-B217-4601-98E7-88067B60CE98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndIncluding\":\"2.4.0\",\"matchCriteriaId\":\"0CEF860F-EF1E-4AAC-9122-F3A4A1510196\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}],\"references\":[{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/\",\"source\":\"f5sirt@f5.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/\",\"source\":\"f5sirt@f5.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/\",\"source\":\"f5sirt@f5.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20230120-0005/\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K28112382\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5281\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20230120-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K28112382\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5281\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.f5.com/csp/article/K28112382\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/\", \"name\": \"FEDORA-2022-b0f5bc2175\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/\", \"name\": \"FEDORA-2022-97de53f202\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/\", \"name\": \"FEDORA-2022-12721789aa\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5281\", \"name\": \"DSA-5281\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html\", \"name\": \"[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230120-0005/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T12:49:44.037Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-41742\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-08T18:11:21.947795Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-08T18:11:26.173Z\"}}], \"cna\": {\"title\": \"NGINX ngx_http_mp4_module vulnerability CVE-2022-41742\", \"source\": {\"defect\": [\"NWA-1396\"], \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.1, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"F5\", \"product\": \"NGINX\", \"versions\": [{\"status\": \"affected\", \"version\": \"Mainline\", \"lessThan\": \"1.23.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"Stable\", \"lessThan\": \"1.22.1\", \"versionType\": \"custom\"}]}, {\"vendor\": \"F5\", \"product\": \"NGINX Plus\", \"versions\": [{\"status\": \"affected\", \"version\": \"R27\", \"lessThan\": \"R27-p1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"R1\", \"lessThan\": \"R26-p1\", \"versionType\": \"custom\"}]}, {\"vendor\": \"F5\", \"product\": \"NGINX Open Source Subscription\", \"versions\": [{\"status\": \"affected\", \"version\": \"R2\", \"lessThan\": \"R2 P1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"R1\", \"lessThan\": \"R1 P1\", \"versionType\": \"custom\"}]}], \"datePublic\": \"2022-10-19T00:00:00.000Z\", \"references\": [{\"url\": \"https://support.f5.com/csp/article/K28112382\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/\", \"name\": \"FEDORA-2022-b0f5bc2175\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/\", \"name\": \"FEDORA-2022-97de53f202\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/\", \"name\": \"FEDORA-2022-12721789aa\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5281\", \"name\": \"DSA-5281\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html\", \"name\": \"[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230120-0005/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"9dacffd4-cb11-413f-8451-fbbfd4ddc0ab\", \"shortName\": \"f5\", \"dateUpdated\": \"2023-01-20T00:00:00.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-41742\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-08T18:11:30.671Z\", \"dateReserved\": \"2022-09-28T00:00:00.000Z\", \"assignerOrgId\": \"9dacffd4-cb11-413f-8451-fbbfd4ddc0ab\", \"datePublished\": \"2022-10-19T21:20:50.106Z\", \"assignerShortName\": \"f5\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
suse-su-2023:0210-1
Vulnerability from csaf_suse
Published
2023-01-30 16:25
Modified
2023-01-30 16:25
Summary
Security update for nginx
Notes
Title of the patch
Security update for nginx
Description of the patch
This update for nginx fixes the following issues:
- CVE-2022-41741: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204526)
- CVE-2022-41742: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204527)
Patchnames
SUSE-2023-210,SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-210,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-210,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-210,SUSE-Storage-7-2023-210
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nginx",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nginx fixes the following issues:\n\n- CVE-2022-41741: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204526)\n- CVE-2022-41742: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204527)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-210,SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-210,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-210,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-210,SUSE-Storage-7-2023-210",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0210-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:0210-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230210-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:0210-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013593.html"
},
{
"category": "self",
"summary": "SUSE Bug 1204526",
"url": "https://bugzilla.suse.com/1204526"
},
{
"category": "self",
"summary": "SUSE Bug 1204527",
"url": "https://bugzilla.suse.com/1204527"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41741 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41742 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41742/"
}
],
"title": "Security update for nginx",
"tracking": {
"current_release_date": "2023-01-30T16:25:39Z",
"generator": {
"date": "2023-01-30T16:25:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:0210-1",
"initial_release_date": "2023-01-30T16:25:39Z",
"revision_history": [
{
"date": "2023-01-30T16:25:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.16.1-150200.3.12.1.aarch64",
"product": {
"name": "nginx-1.16.1-150200.3.12.1.aarch64",
"product_id": "nginx-1.16.1-150200.3.12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.16.1-150200.3.12.1.i586",
"product": {
"name": "nginx-1.16.1-150200.3.12.1.i586",
"product_id": "nginx-1.16.1-150200.3.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-source-1.16.1-150200.3.12.1.noarch",
"product": {
"name": "nginx-source-1.16.1-150200.3.12.1.noarch",
"product_id": "nginx-source-1.16.1-150200.3.12.1.noarch"
}
},
{
"category": "product_version",
"name": "vim-plugin-nginx-1.16.1-150200.3.12.1.noarch",
"product": {
"name": "vim-plugin-nginx-1.16.1-150200.3.12.1.noarch",
"product_id": "vim-plugin-nginx-1.16.1-150200.3.12.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.16.1-150200.3.12.1.ppc64le",
"product": {
"name": "nginx-1.16.1-150200.3.12.1.ppc64le",
"product_id": "nginx-1.16.1-150200.3.12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.16.1-150200.3.12.1.s390x",
"product": {
"name": "nginx-1.16.1-150200.3.12.1.s390x",
"product_id": "nginx-1.16.1-150200.3.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.16.1-150200.3.12.1.x86_64",
"product": {
"name": "nginx-1.16.1-150200.3.12.1.x86_64",
"product_id": "nginx-1.16.1-150200.3.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150200.3.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64"
},
"product_reference": "nginx-1.16.1-150200.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150200.3.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64"
},
"product_reference": "nginx-1.16.1-150200.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.16.1-150200.3.12.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch"
},
"product_reference": "nginx-source-1.16.1-150200.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150200.3.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64"
},
"product_reference": "nginx-1.16.1-150200.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150200.3.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.ppc64le"
},
"product_reference": "nginx-1.16.1-150200.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150200.3.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.s390x"
},
"product_reference": "nginx-1.16.1-150200.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150200.3.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64"
},
"product_reference": "nginx-1.16.1-150200.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.16.1-150200.3.12.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch"
},
"product_reference": "nginx-source-1.16.1-150200.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150200.3.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.ppc64le"
},
"product_reference": "nginx-1.16.1-150200.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150200.3.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.x86_64"
},
"product_reference": "nginx-1.16.1-150200.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.16.1-150200.3.12.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-source-1.16.1-150200.3.12.1.noarch"
},
"product_reference": "nginx-source-1.16.1-150200.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150200.3.12.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.aarch64"
},
"product_reference": "nginx-1.16.1-150200.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150200.3.12.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.x86_64"
},
"product_reference": "nginx-1.16.1-150200.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.16.1-150200.3.12.1.noarch as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:nginx-source-1.16.1-150200.3.12.1.noarch"
},
"product_reference": "nginx-source-1.16.1-150200.3.12.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41741"
}
],
"notes": [
{
"category": "general",
"text": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Enterprise Storage 7:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-source-1.16.1-150200.3.12.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41741",
"url": "https://www.suse.com/security/cve/CVE-2022-41741"
},
{
"category": "external",
"summary": "SUSE Bug 1204526 for CVE-2022-41741",
"url": "https://bugzilla.suse.com/1204526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Enterprise Storage 7:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-source-1.16.1-150200.3.12.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Enterprise Storage 7:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-source-1.16.1-150200.3.12.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-30T16:25:39Z",
"details": "important"
}
],
"title": "CVE-2022-41741"
},
{
"cve": "CVE-2022-41742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41742"
}
],
"notes": [
{
"category": "general",
"text": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Enterprise Storage 7:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-source-1.16.1-150200.3.12.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41742",
"url": "https://www.suse.com/security/cve/CVE-2022-41742"
},
{
"category": "external",
"summary": "SUSE Bug 1204527 for CVE-2022-41742",
"url": "https://bugzilla.suse.com/1204527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Enterprise Storage 7:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-source-1.16.1-150200.3.12.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Enterprise Storage 7:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Enterprise Storage 7:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:nginx-source-1.16.1-150200.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-1.16.1-150200.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:nginx-source-1.16.1-150200.3.12.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-30T16:25:39Z",
"details": "important"
}
],
"title": "CVE-2022-41742"
}
]
}
suse-su-2023:0293-1
Vulnerability from csaf_suse
Published
2023-02-07 09:38
Modified
2023-02-07 09:38
Summary
Security update for nginx
Notes
Title of the patch
Security update for nginx
Description of the patch
This update for nginx fixes the following issues:
- CVE-2022-41741: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204526)
- CVE-2022-41742: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204527)
Patchnames
SUSE-2023-293,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-293,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-293,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-293,SUSE-Storage-6-2023-293
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nginx",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nginx fixes the following issues:\n\n- CVE-2022-41741: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204526)\n- CVE-2022-41742: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204527)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-293,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-293,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-293,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-293,SUSE-Storage-6-2023-293",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0293-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:0293-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230293-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:0293-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013644.html"
},
{
"category": "self",
"summary": "SUSE Bug 1204526",
"url": "https://bugzilla.suse.com/1204526"
},
{
"category": "self",
"summary": "SUSE Bug 1204527",
"url": "https://bugzilla.suse.com/1204527"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41741 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41742 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41742/"
}
],
"title": "Security update for nginx",
"tracking": {
"current_release_date": "2023-02-07T09:38:00Z",
"generator": {
"date": "2023-02-07T09:38:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:0293-1",
"initial_release_date": "2023-02-07T09:38:00Z",
"revision_history": [
{
"date": "2023-02-07T09:38:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.16.1-150100.6.19.1.aarch64",
"product": {
"name": "nginx-1.16.1-150100.6.19.1.aarch64",
"product_id": "nginx-1.16.1-150100.6.19.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.16.1-150100.6.19.1.i586",
"product": {
"name": "nginx-1.16.1-150100.6.19.1.i586",
"product_id": "nginx-1.16.1-150100.6.19.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-source-1.16.1-150100.6.19.1.noarch",
"product": {
"name": "nginx-source-1.16.1-150100.6.19.1.noarch",
"product_id": "nginx-source-1.16.1-150100.6.19.1.noarch"
}
},
{
"category": "product_version",
"name": "vim-plugin-nginx-1.16.1-150100.6.19.1.noarch",
"product": {
"name": "vim-plugin-nginx-1.16.1-150100.6.19.1.noarch",
"product_id": "vim-plugin-nginx-1.16.1-150100.6.19.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.16.1-150100.6.19.1.ppc64le",
"product": {
"name": "nginx-1.16.1-150100.6.19.1.ppc64le",
"product_id": "nginx-1.16.1-150100.6.19.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.16.1-150100.6.19.1.s390x",
"product": {
"name": "nginx-1.16.1-150100.6.19.1.s390x",
"product_id": "nginx-1.16.1-150100.6.19.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.16.1-150100.6.19.1.x86_64",
"product": {
"name": "nginx-1.16.1-150100.6.19.1.x86_64",
"product_id": "nginx-1.16.1-150100.6.19.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 6",
"product": {
"name": "SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150100.6.19.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64"
},
"product_reference": "nginx-1.16.1-150100.6.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150100.6.19.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64"
},
"product_reference": "nginx-1.16.1-150100.6.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.16.1-150100.6.19.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch"
},
"product_reference": "nginx-source-1.16.1-150100.6.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150100.6.19.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64"
},
"product_reference": "nginx-1.16.1-150100.6.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150100.6.19.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.ppc64le"
},
"product_reference": "nginx-1.16.1-150100.6.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150100.6.19.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.s390x"
},
"product_reference": "nginx-1.16.1-150100.6.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150100.6.19.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64"
},
"product_reference": "nginx-1.16.1-150100.6.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.16.1-150100.6.19.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch"
},
"product_reference": "nginx-source-1.16.1-150100.6.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150100.6.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.ppc64le"
},
"product_reference": "nginx-1.16.1-150100.6.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150100.6.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.x86_64"
},
"product_reference": "nginx-1.16.1-150100.6.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.16.1-150100.6.19.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-source-1.16.1-150100.6.19.1.noarch"
},
"product_reference": "nginx-source-1.16.1-150100.6.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150100.6.19.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.aarch64"
},
"product_reference": "nginx-1.16.1-150100.6.19.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.16.1-150100.6.19.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.x86_64"
},
"product_reference": "nginx-1.16.1-150100.6.19.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.16.1-150100.6.19.1.noarch as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:nginx-source-1.16.1-150100.6.19.1.noarch"
},
"product_reference": "nginx-source-1.16.1-150100.6.19.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41741"
}
],
"notes": [
{
"category": "general",
"text": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Enterprise Storage 6:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-source-1.16.1-150100.6.19.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41741",
"url": "https://www.suse.com/security/cve/CVE-2022-41741"
},
{
"category": "external",
"summary": "SUSE Bug 1204526 for CVE-2022-41741",
"url": "https://bugzilla.suse.com/1204526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Enterprise Storage 6:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-source-1.16.1-150100.6.19.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Enterprise Storage 6:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-source-1.16.1-150100.6.19.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-07T09:38:00Z",
"details": "important"
}
],
"title": "CVE-2022-41741"
},
{
"cve": "CVE-2022-41742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41742"
}
],
"notes": [
{
"category": "general",
"text": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Enterprise Storage 6:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-source-1.16.1-150100.6.19.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41742",
"url": "https://www.suse.com/security/cve/CVE-2022-41742"
},
{
"category": "external",
"summary": "SUSE Bug 1204527 for CVE-2022-41742",
"url": "https://bugzilla.suse.com/1204527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Enterprise Storage 6:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-source-1.16.1-150100.6.19.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Enterprise Storage 6:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Enterprise Storage 6:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:nginx-source-1.16.1-150100.6.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-1.16.1-150100.6.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:nginx-source-1.16.1-150100.6.19.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-02-07T09:38:00Z",
"details": "important"
}
],
"title": "CVE-2022-41742"
}
]
}
suse-su-2023:0205-1
Vulnerability from csaf_suse
Published
2023-01-27 15:14
Modified
2023-01-27 15:14
Summary
Security update for nginx
Notes
Title of the patch
Security update for nginx
Description of the patch
This update for nginx fixes the following issues:
- CVE-2022-41741: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204526)
- CVE-2022-41742: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204527)
Patchnames
SUSE-2023-205,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-205,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-205,SUSE-SLE-Product-RT-15-SP3-2023-205,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-205,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-205,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-205,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-205,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-205,SUSE-Storage-7.1-2023-205,openSUSE-SLE-15.4-2023-205
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nginx",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nginx fixes the following issues:\n\n- CVE-2022-41741: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204526)\n- CVE-2022-41742: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204527)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-205,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-205,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-205,SUSE-SLE-Product-RT-15-SP3-2023-205,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-205,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-205,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-205,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-205,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-205,SUSE-Storage-7.1-2023-205,openSUSE-SLE-15.4-2023-205",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0205-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:0205-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230205-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:0205-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013565.html"
},
{
"category": "self",
"summary": "SUSE Bug 1204526",
"url": "https://bugzilla.suse.com/1204526"
},
{
"category": "self",
"summary": "SUSE Bug 1204527",
"url": "https://bugzilla.suse.com/1204527"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41741 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41742 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41742/"
}
],
"title": "Security update for nginx",
"tracking": {
"current_release_date": "2023-01-27T15:14:38Z",
"generator": {
"date": "2023-01-27T15:14:38Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:0205-1",
"initial_release_date": "2023-01-27T15:14:38Z",
"revision_history": [
{
"date": "2023-01-27T15:14:38Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.19.8-150300.3.12.1.aarch64",
"product": {
"name": "nginx-1.19.8-150300.3.12.1.aarch64",
"product_id": "nginx-1.19.8-150300.3.12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.19.8-150300.3.12.1.i586",
"product": {
"name": "nginx-1.19.8-150300.3.12.1.i586",
"product_id": "nginx-1.19.8-150300.3.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-source-1.19.8-150300.3.12.1.noarch",
"product": {
"name": "nginx-source-1.19.8-150300.3.12.1.noarch",
"product_id": "nginx-source-1.19.8-150300.3.12.1.noarch"
}
},
{
"category": "product_version",
"name": "vim-plugin-nginx-1.19.8-150300.3.12.1.noarch",
"product": {
"name": "vim-plugin-nginx-1.19.8-150300.3.12.1.noarch",
"product_id": "vim-plugin-nginx-1.19.8-150300.3.12.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.19.8-150300.3.12.1.ppc64le",
"product": {
"name": "nginx-1.19.8-150300.3.12.1.ppc64le",
"product_id": "nginx-1.19.8-150300.3.12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.19.8-150300.3.12.1.s390x",
"product": {
"name": "nginx-1.19.8-150300.3.12.1.s390x",
"product_id": "nginx-1.19.8-150300.3.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.19.8-150300.3.12.1.x86_64",
"product": {
"name": "nginx-1.19.8-150300.3.12.1.x86_64",
"product_id": "nginx-1.19.8-150300.3.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time 15 SP3",
"product_id": "SUSE Linux Enterprise Real Time 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_rt:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy 4.2",
"product_id": "SUSE Manager Proxy 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "SUSE Manager Retail Branch Server 4.2",
"product_id": "SUSE Manager Retail Branch Server 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.aarch64"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.x86_64"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.19.8-150300.3.12.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-source-1.19.8-150300.3.12.1.noarch"
},
"product_reference": "nginx-source-1.19.8-150300.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.19.8-150300.3.12.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch"
},
"product_reference": "nginx-source-1.19.8-150300.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3",
"product_id": "SUSE Linux Enterprise Real Time 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.19.8-150300.3.12.1.noarch as component of SUSE Linux Enterprise Real Time 15 SP3",
"product_id": "SUSE Linux Enterprise Real Time 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch"
},
"product_reference": "nginx-source-1.19.8-150300.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.ppc64le"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.s390x"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.19.8-150300.3.12.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch"
},
"product_reference": "nginx-source-1.19.8-150300.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.ppc64le"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.19.8-150300.3.12.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch"
},
"product_reference": "nginx-source-1.19.8-150300.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.x86_64 as component of SUSE Manager Proxy 4.2",
"product_id": "SUSE Manager Proxy 4.2:nginx-1.19.8-150300.3.12.1.x86_64"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.19.8-150300.3.12.1.noarch as component of SUSE Manager Proxy 4.2",
"product_id": "SUSE Manager Proxy 4.2:nginx-source-1.19.8-150300.3.12.1.noarch"
},
"product_reference": "nginx-source-1.19.8-150300.3.12.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.x86_64 as component of SUSE Manager Retail Branch Server 4.2",
"product_id": "SUSE Manager Retail Branch Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.19.8-150300.3.12.1.noarch as component of SUSE Manager Retail Branch Server 4.2",
"product_id": "SUSE Manager Retail Branch Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch"
},
"product_reference": "nginx-source-1.19.8-150300.3.12.1.noarch",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.ppc64le as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.ppc64le"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.s390x as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.s390x"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.x86_64 as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.19.8-150300.3.12.1.noarch as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch"
},
"product_reference": "nginx-source-1.19.8-150300.3.12.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.aarch64"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.19.8-150300.3.12.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.x86_64"
},
"product_reference": "nginx-1.19.8-150300.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.19.8-150300.3.12.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:nginx-source-1.19.8-150300.3.12.1.noarch"
},
"product_reference": "nginx-source-1.19.8-150300.3.12.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-plugin-nginx-1.19.8-150300.3.12.1.noarch as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vim-plugin-nginx-1.19.8-150300.3.12.1.noarch"
},
"product_reference": "vim-plugin-nginx-1.19.8-150300.3.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41741"
}
],
"notes": [
{
"category": "general",
"text": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Enterprise Storage 7.1:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Proxy 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Proxy 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Retail Branch Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.s390x",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"openSUSE Leap 15.4:vim-plugin-nginx-1.19.8-150300.3.12.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41741",
"url": "https://www.suse.com/security/cve/CVE-2022-41741"
},
{
"category": "external",
"summary": "SUSE Bug 1204526 for CVE-2022-41741",
"url": "https://bugzilla.suse.com/1204526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Enterprise Storage 7.1:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Proxy 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Proxy 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Retail Branch Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.s390x",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"openSUSE Leap 15.4:vim-plugin-nginx-1.19.8-150300.3.12.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Enterprise Storage 7.1:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Proxy 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Proxy 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Retail Branch Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.s390x",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"openSUSE Leap 15.4:vim-plugin-nginx-1.19.8-150300.3.12.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-27T15:14:38Z",
"details": "important"
}
],
"title": "CVE-2022-41741"
},
{
"cve": "CVE-2022-41742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41742"
}
],
"notes": [
{
"category": "general",
"text": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Enterprise Storage 7.1:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Proxy 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Proxy 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Retail Branch Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.s390x",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"openSUSE Leap 15.4:vim-plugin-nginx-1.19.8-150300.3.12.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41742",
"url": "https://www.suse.com/security/cve/CVE-2022-41742"
},
{
"category": "external",
"summary": "SUSE Bug 1204527 for CVE-2022-41742",
"url": "https://bugzilla.suse.com/1204527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Enterprise Storage 7.1:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Proxy 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Proxy 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Retail Branch Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.s390x",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"openSUSE Leap 15.4:vim-plugin-nginx-1.19.8-150300.3.12.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Enterprise Storage 7.1:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Enterprise Storage 7.1:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Proxy 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Proxy 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Retail Branch Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.ppc64le",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.s390x",
"SUSE Manager Server 4.2:nginx-1.19.8-150300.3.12.1.x86_64",
"SUSE Manager Server 4.2:nginx-source-1.19.8-150300.3.12.1.noarch",
"openSUSE Leap 15.4:vim-plugin-nginx-1.19.8-150300.3.12.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-27T15:14:38Z",
"details": "important"
}
],
"title": "CVE-2022-41742"
}
]
}
suse-su-2023:0212-1
Vulnerability from csaf_suse
Published
2023-01-30 16:26
Modified
2023-01-30 16:26
Summary
Security update for nginx
Notes
Title of the patch
Security update for nginx
Description of the patch
This update for nginx fixes the following issues:
- CVE-2022-41741: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204526)
- CVE-2022-41742: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204527)
Patchnames
SUSE-2023-212,SUSE-SLE-Module-Server-Applications-15-SP4-2023-212,openSUSE-SLE-15.4-2023-212
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nginx",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nginx fixes the following issues:\n\n- CVE-2022-41741: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204526) \n- CVE-2022-41742: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204527) \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-212,SUSE-SLE-Module-Server-Applications-15-SP4-2023-212,openSUSE-SLE-15.4-2023-212",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0212-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:0212-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230212-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:0212-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013597.html"
},
{
"category": "self",
"summary": "SUSE Bug 1204526",
"url": "https://bugzilla.suse.com/1204526"
},
{
"category": "self",
"summary": "SUSE Bug 1204527",
"url": "https://bugzilla.suse.com/1204527"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41741 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41742 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41742/"
}
],
"title": "Security update for nginx",
"tracking": {
"current_release_date": "2023-01-30T16:26:50Z",
"generator": {
"date": "2023-01-30T16:26:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:0212-1",
"initial_release_date": "2023-01-30T16:26:50Z",
"revision_history": [
{
"date": "2023-01-30T16:26:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.21.5-150400.3.3.1.aarch64",
"product": {
"name": "nginx-1.21.5-150400.3.3.1.aarch64",
"product_id": "nginx-1.21.5-150400.3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.21.5-150400.3.3.1.i586",
"product": {
"name": "nginx-1.21.5-150400.3.3.1.i586",
"product_id": "nginx-1.21.5-150400.3.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-source-1.21.5-150400.3.3.1.noarch",
"product": {
"name": "nginx-source-1.21.5-150400.3.3.1.noarch",
"product_id": "nginx-source-1.21.5-150400.3.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.21.5-150400.3.3.1.ppc64le",
"product": {
"name": "nginx-1.21.5-150400.3.3.1.ppc64le",
"product_id": "nginx-1.21.5-150400.3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.21.5-150400.3.3.1.s390x",
"product": {
"name": "nginx-1.21.5-150400.3.3.1.s390x",
"product_id": "nginx-1.21.5-150400.3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.21.5-150400.3.3.1.x86_64",
"product": {
"name": "nginx-1.21.5-150400.3.3.1.x86_64",
"product_id": "nginx-1.21.5-150400.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-server-applications:15:sp4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.21.5-150400.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.aarch64"
},
"product_reference": "nginx-1.21.5-150400.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.21.5-150400.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.ppc64le"
},
"product_reference": "nginx-1.21.5-150400.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.21.5-150400.3.3.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.s390x"
},
"product_reference": "nginx-1.21.5-150400.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.21.5-150400.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.x86_64"
},
"product_reference": "nginx-1.21.5-150400.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.21.5-150400.3.3.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-source-1.21.5-150400.3.3.1.noarch"
},
"product_reference": "nginx-source-1.21.5-150400.3.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.21.5-150400.3.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.aarch64"
},
"product_reference": "nginx-1.21.5-150400.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.21.5-150400.3.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.ppc64le"
},
"product_reference": "nginx-1.21.5-150400.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.21.5-150400.3.3.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.s390x"
},
"product_reference": "nginx-1.21.5-150400.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.21.5-150400.3.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.x86_64"
},
"product_reference": "nginx-1.21.5-150400.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.21.5-150400.3.3.1.noarch as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:nginx-source-1.21.5-150400.3.3.1.noarch"
},
"product_reference": "nginx-source-1.21.5-150400.3.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41741"
}
],
"notes": [
{
"category": "general",
"text": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-source-1.21.5-150400.3.3.1.noarch",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.s390x",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:nginx-source-1.21.5-150400.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41741",
"url": "https://www.suse.com/security/cve/CVE-2022-41741"
},
{
"category": "external",
"summary": "SUSE Bug 1204526 for CVE-2022-41741",
"url": "https://bugzilla.suse.com/1204526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-source-1.21.5-150400.3.3.1.noarch",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.s390x",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:nginx-source-1.21.5-150400.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-source-1.21.5-150400.3.3.1.noarch",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.s390x",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:nginx-source-1.21.5-150400.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-30T16:26:50Z",
"details": "important"
}
],
"title": "CVE-2022-41741"
},
{
"cve": "CVE-2022-41742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41742"
}
],
"notes": [
{
"category": "general",
"text": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-source-1.21.5-150400.3.3.1.noarch",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.s390x",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:nginx-source-1.21.5-150400.3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41742",
"url": "https://www.suse.com/security/cve/CVE-2022-41742"
},
{
"category": "external",
"summary": "SUSE Bug 1204527 for CVE-2022-41742",
"url": "https://bugzilla.suse.com/1204527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-source-1.21.5-150400.3.3.1.noarch",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.s390x",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:nginx-source-1.21.5-150400.3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-1.21.5-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:nginx-source-1.21.5-150400.3.3.1.noarch",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.s390x",
"openSUSE Leap 15.4:nginx-1.21.5-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:nginx-source-1.21.5-150400.3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-01-30T16:26:50Z",
"details": "important"
}
],
"title": "CVE-2022-41742"
}
]
}
icsa-24-165-13
Vulnerability from csaf_cisa
Published
2024-06-11 00:00
Modified
2025-05-06 06:00
Summary
Siemens SINEC Traffic Analyzer
Notes
Summary
SINEC Traffic Analyzer before V1.2 is affected by multiple vulnerabilities.
Siemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Energy
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SINEC Traffic Analyzer before V1.2 is affected by multiple vulnerabilities.\n\nSiemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Energy",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer Before V1.2 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-196737.json"
},
{
"category": "self",
"summary": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer Before V1.2 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-196737.html"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-24-165-13 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-165-13.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-24-165-13 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-13"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens SINEC Traffic Analyzer ",
"tracking": {
"current_release_date": "2025-05-06T06:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-24-165-13",
"initial_release_date": "2024-06-11T00:00:00.000000Z",
"revision_history": [
{
"date": "2024-06-11T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2025-02-11T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Updated the cvss vector"
},
{
"date": "2025-05-06T06:00:00.000000Z",
"legacy_version": "Revision",
"number": "3",
"summary": "Revision - Fixing typos"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV1.2",
"product": {
"name": "SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"model_numbers": [
"6GK8822-1BG01-0BA0"
]
}
}
}
],
"category": "product_name",
"name": "SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41742",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2022-41742"
},
{
"cve": "CVE-2024-35206",
"cwe": {
"id": "CWE-613",
"name": "Insufficient Session Expiration"
},
"notes": [
{
"category": "summary",
"text": "The affected application does not expire the session. This could allow an attacker to get unauthorized access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35206"
},
{
"cve": "CVE-2024-35207",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "summary",
"text": "The web interface of the affected devices are vulnerable to Cross-Site Request Forgery(CSRF) attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35207"
},
{
"cve": "CVE-2024-35208",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"notes": [
{
"category": "summary",
"text": "The affected web server stored the password in cleartext. This could allow attacker in a privileged position to obtain access passwords.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35208"
},
{
"cve": "CVE-2024-35209",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"notes": [
{
"category": "summary",
"text": "The affected web server is allowing HTTP methods like PUT and Delete. This could allow an attacker to modify unauthorized files.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35209"
},
{
"cve": "CVE-2024-35210",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "summary",
"text": "The affected web server is not enforcing HSTS. This could allow an attacker to perform downgrade attacks exposing confidential information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35210"
},
{
"cve": "CVE-2024-35211",
"cwe": {
"id": "CWE-614",
"name": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute"
},
"notes": [
{
"category": "summary",
"text": "The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes (such as \u201cSecure\u201d, \u201cHttpOnly\u201d, or \u201cSameSite\u201d).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35211"
},
{
"cve": "CVE-2024-35212",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The affected application lacks input validation due to which an attacker can gain access to the Database entries.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35212"
}
]
}
ICSA-24-165-13
Vulnerability from csaf_cisa
Published
2024-06-11 00:00
Modified
2025-05-06 06:00
Summary
Siemens SINEC Traffic Analyzer
Notes
Summary
SINEC Traffic Analyzer before V1.2 is affected by multiple vulnerabilities.
Siemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Energy
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SINEC Traffic Analyzer before V1.2 is affected by multiple vulnerabilities.\n\nSiemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Energy",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer Before V1.2 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-196737.json"
},
{
"category": "self",
"summary": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer Before V1.2 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-196737.html"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-24-165-13 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-165-13.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-24-165-13 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-13"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens SINEC Traffic Analyzer ",
"tracking": {
"current_release_date": "2025-05-06T06:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-24-165-13",
"initial_release_date": "2024-06-11T00:00:00.000000Z",
"revision_history": [
{
"date": "2024-06-11T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2025-02-11T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Updated the cvss vector"
},
{
"date": "2025-05-06T06:00:00.000000Z",
"legacy_version": "Revision",
"number": "3",
"summary": "Revision - Fixing typos"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV1.2",
"product": {
"name": "SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"model_numbers": [
"6GK8822-1BG01-0BA0"
]
}
}
}
],
"category": "product_name",
"name": "SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41742",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2022-41742"
},
{
"cve": "CVE-2024-35206",
"cwe": {
"id": "CWE-613",
"name": "Insufficient Session Expiration"
},
"notes": [
{
"category": "summary",
"text": "The affected application does not expire the session. This could allow an attacker to get unauthorized access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35206"
},
{
"cve": "CVE-2024-35207",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "summary",
"text": "The web interface of the affected devices are vulnerable to Cross-Site Request Forgery(CSRF) attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35207"
},
{
"cve": "CVE-2024-35208",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"notes": [
{
"category": "summary",
"text": "The affected web server stored the password in cleartext. This could allow attacker in a privileged position to obtain access passwords.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35208"
},
{
"cve": "CVE-2024-35209",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"notes": [
{
"category": "summary",
"text": "The affected web server is allowing HTTP methods like PUT and Delete. This could allow an attacker to modify unauthorized files.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35209"
},
{
"cve": "CVE-2024-35210",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "summary",
"text": "The affected web server is not enforcing HSTS. This could allow an attacker to perform downgrade attacks exposing confidential information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35210"
},
{
"cve": "CVE-2024-35211",
"cwe": {
"id": "CWE-614",
"name": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute"
},
"notes": [
{
"category": "summary",
"text": "The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes (such as \u201cSecure\u201d, \u201cHttpOnly\u201d, or \u201cSameSite\u201d).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35211"
},
{
"cve": "CVE-2024-35212",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The affected application lacks input validation due to which an attacker can gain access to the Database entries.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35212"
}
]
}
rhsa-2025:7402
Vulnerability from csaf_redhat
Published
2025-05-13 14:00
Modified
2025-10-28 02:03
Summary
Red Hat Security Advisory: nginx security update
Notes
Topic
An update for nginx is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: Memory corruption in the ngx_http_mp4_module (CVE-2022-41741)
* nginx: Memory disclosure in the ngx_http_mp4_module (CVE-2022-41742)
* nginx: specially crafted MP4 file may cause denial of service (CVE-2024-7347)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nginx is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. \n\nSecurity Fix(es):\n\n* nginx: Memory corruption in the ngx_http_mp4_module (CVE-2022-41741)\n\n* nginx: Memory disclosure in the ngx_http_mp4_module (CVE-2022-41742)\n\n* nginx: specially crafted MP4 file may cause denial of service (CVE-2024-7347)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:7402",
"url": "https://access.redhat.com/errata/RHSA-2025:7402"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2141495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141495"
},
{
"category": "external",
"summary": "2141496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141496"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_7402.json"
}
],
"title": "Red Hat Security Advisory: nginx security update",
"tracking": {
"current_release_date": "2025-10-28T02:03:02+00:00",
"generator": {
"date": "2025-10-28T02:03:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2025:7402",
"initial_release_date": "2025-05-13T14:00:41+00:00",
"revision_history": [
{
"date": "2025-05-13T14:00:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-13T14:00:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-28T02:03:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.20.1-22.el9_6.2.src",
"product": {
"name": "nginx-2:1.20.1-22.el9_6.2.src",
"product_id": "nginx-2:1.20.1-22.el9_6.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-22.el9_6.2?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"product": {
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"product_id": "nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-22.el9_6.2?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"product": {
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"product_id": "nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-22.el9_6.2?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"product": {
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"product_id": "nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-22.el9_6.2?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-core-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-core-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"product": {
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"product_id": "nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-22.el9_6.2?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"product": {
"name": "nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"product_id": "nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-all-modules@1.20.1-22.el9_6.2?arch=noarch\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"product": {
"name": "nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"product_id": "nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-filesystem@1.20.1-22.el9_6.2?arch=noarch\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-22.el9_6.2.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src"
},
"product_reference": "nginx-2:1.20.1-22.el9_6.2.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-all-modules-2:1.20.1-22.el9_6.2.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch"
},
"product_reference": "nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-core-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-filesystem-2:1.20.1-22.el9_6.2.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch"
},
"product_reference": "nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-22.el9_6.2.src as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src"
},
"product_reference": "nginx-2:1.20.1-22.el9_6.2.src",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-all-modules-2:1.20.1-22.el9_6.2.noarch as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch"
},
"product_reference": "nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-core-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-filesystem-2:1.20.1-22.el9_6.2.noarch as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch"
},
"product_reference": "nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41741",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141495"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NGINX\u0027s module, ngx_http_mp4_module. This flaw allows a local attacker to corrupt NGINX worker memory, resulting in its termination using a specially crafted audio or video file. The issue affects only NGINX products built with ngx_http_mp4_module when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger the processing of a specially crafted audio or video file with ngx_http_mp4_module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: Memory corruption in the ngx_http_mp4_module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-787: Out-of-bounds Write vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational requirements. Baseline configurations and system controls ensure secure software settings, while least functionality reduces the attack surface by disabling unauthorized services and ports. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code exploiting out-of-bounds write vulnerabilities, using mechanisms such as file integrity monitoring and patch management. Robust input validation and error handling ensure all user inputs are thoroughly validated, preventing instability, data exposure, or privilege escalation. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against out-of-bounds write exploits.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41741"
},
{
"category": "external",
"summary": "RHBZ#2141495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41741"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41741",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41741"
},
{
"category": "external",
"summary": "https://nginx.org/en/security_advisories.html",
"url": "https://nginx.org/en/security_advisories.html"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T14:00:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7402"
},
{
"category": "workaround",
"details": "A mitigation for this vulnerability would be to disable the ngx_http_mp4_module module in your local Nginx environment.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nginx: Memory corruption in the ngx_http_mp4_module"
},
{
"cve": "CVE-2022-41742",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141496"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NGINX\u2019s module, ngx_http_mp4_module. This flaw allows a local attacker to cause a worker process crash or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products built with ngx_http_mp4_module when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger the processing of a specially crafted audio or video file with ngx_http_mp4_module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: Memory disclosure in the ngx_http_mp4_module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-787: Out-of-bounds Write vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational requirements. Baseline configurations and system controls ensure secure software settings, while least functionality reduces the attack surface by disabling unauthorized services and ports. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code exploiting out-of-bounds write vulnerabilities, using mechanisms such as file integrity monitoring and patch management. Robust input validation and error handling ensure all user inputs are thoroughly validated, preventing instability, data exposure, or privilege escalation. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against out-of-bounds write exploits.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41742"
},
{
"category": "external",
"summary": "RHBZ#2141496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41742"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41742",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41742"
},
{
"category": "external",
"summary": "https://nginx.org/en/security_advisories.html",
"url": "https://nginx.org/en/security_advisories.html"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T14:00:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7402"
},
{
"category": "workaround",
"details": "A mitigation for this vulnerability would be to disable the ngx_http_mp4_module module in your local Nginx environment.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nginx: Memory disclosure in the ngx_http_mp4_module"
},
{
"cve": "CVE-2024-7347",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"discovery_date": "2024-08-14T15:23:37.876356+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the ngx_http_mp4_module module of Nginx. Processing a specially crafted MP4 file can trigger a buffer over-read and cause the nginx process to terminate, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: specially crafted MP4 file may cause denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects configurations with the ngx_http_mp4_module module loaded and being used. Additionally, to exploit this flaw, an attacker must be able to send and process a specially crafted MP4 file with the ngx_http_mp4_module module.\n\nThis module can be disable via the configuration file if its functionality is not needed.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-126: Buffer Over-read vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nMemory access boundaries are enforced through secure coding practices, including bounds checking and automated detection of over-read conditions during development. Static analysis and peer reviews catch improper memory handling early, reducing the risk of vulnerabilities reaching production. Memory protection mechanisms restrict access to allocated regions at runtime, and process isolation contains memory faults within the affected workload. Additionally, a defense-in-depth monitoring strategy supports real-time detection of anomalous memory activity, enabling rapid response and limiting potential impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7347"
},
{
"category": "external",
"summary": "RHBZ#2304966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7347",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7347"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7347",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7347"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000140529",
"url": "https://my.f5.com/manage/s/article/K000140529"
}
],
"release_date": "2024-08-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-13T14:00:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7402"
},
{
"category": "workaround",
"details": "Restrict publishing of audio and video to trusted users only.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.src",
"CRB-9.6.0.Z.MAIN.EUS:nginx-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-all-modules-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-core-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-debugsource-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-filesystem-2:1.20.1-22.el9_6.2.noarch",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-devel-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-2:1.20.1-22.el9_6.2.x86_64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.aarch64",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.ppc64le",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.s390x",
"CRB-9.6.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-2:1.20.1-22.el9_6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nginx: specially crafted MP4 file may cause denial of service"
}
]
}
rhsa-2025:7619
Vulnerability from csaf_redhat
Published
2025-05-14 16:21
Modified
2025-10-28 02:03
Summary
Red Hat Security Advisory: nginx security update
Notes
Topic
An update for nginx is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: Memory corruption in the ngx_http_mp4_module (CVE-2022-41741)
* nginx: Memory disclosure in the ngx_http_mp4_module (CVE-2022-41742)
* nginx: specially crafted MP4 file may cause denial of service (CVE-2024-7347)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nginx is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. \n\nSecurity Fix(es):\n\n* nginx: Memory corruption in the ngx_http_mp4_module (CVE-2022-41741)\n\n* nginx: Memory disclosure in the ngx_http_mp4_module (CVE-2022-41742)\n\n* nginx: specially crafted MP4 file may cause denial of service (CVE-2024-7347)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:7619",
"url": "https://access.redhat.com/errata/RHSA-2025:7619"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2141495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141495"
},
{
"category": "external",
"summary": "2141496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141496"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_7619.json"
}
],
"title": "Red Hat Security Advisory: nginx security update",
"tracking": {
"current_release_date": "2025-10-28T02:03:06+00:00",
"generator": {
"date": "2025-10-28T02:03:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2025:7619",
"initial_release_date": "2025-05-14T16:21:20+00:00",
"revision_history": [
{
"date": "2025-05-14T16:21:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-14T16:21:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-28T02:03:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.4::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product": {
"name": "Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.4::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.20.1-16.el9_4.3.src",
"product": {
"name": "nginx-1:1.20.1-16.el9_4.3.src",
"product_id": "nginx-1:1.20.1-16.el9_4.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-16.el9_4.3?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"product": {
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"product_id": "nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-16.el9_4.3?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"product": {
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"product_id": "nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-16.el9_4.3?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"product": {
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"product_id": "nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-16.el9_4.3?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-core-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-core-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"product": {
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"product_id": "nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-16.el9_4.3?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"product": {
"name": "nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"product_id": "nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-all-modules@1.20.1-16.el9_4.3?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"product": {
"name": "nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"product_id": "nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-filesystem@1.20.1-16.el9_4.3?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-16.el9_4.3.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src"
},
"product_reference": "nginx-1:1.20.1-16.el9_4.3.src",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-all-modules-1:1.20.1-16.el9_4.3.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch"
},
"product_reference": "nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-core-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-filesystem-1:1.20.1-16.el9_4.3.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch"
},
"product_reference": "nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-16.el9_4.3.src as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src"
},
"product_reference": "nginx-1:1.20.1-16.el9_4.3.src",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-all-modules-1:1.20.1-16.el9_4.3.noarch as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch"
},
"product_reference": "nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-core-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-filesystem-1:1.20.1-16.el9_4.3.noarch as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch"
},
"product_reference": "nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41741",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141495"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NGINX\u0027s module, ngx_http_mp4_module. This flaw allows a local attacker to corrupt NGINX worker memory, resulting in its termination using a specially crafted audio or video file. The issue affects only NGINX products built with ngx_http_mp4_module when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger the processing of a specially crafted audio or video file with ngx_http_mp4_module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: Memory corruption in the ngx_http_mp4_module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-787: Out-of-bounds Write vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational requirements. Baseline configurations and system controls ensure secure software settings, while least functionality reduces the attack surface by disabling unauthorized services and ports. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code exploiting out-of-bounds write vulnerabilities, using mechanisms such as file integrity monitoring and patch management. Robust input validation and error handling ensure all user inputs are thoroughly validated, preventing instability, data exposure, or privilege escalation. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against out-of-bounds write exploits.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41741"
},
{
"category": "external",
"summary": "RHBZ#2141495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41741"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41741",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41741"
},
{
"category": "external",
"summary": "https://nginx.org/en/security_advisories.html",
"url": "https://nginx.org/en/security_advisories.html"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-14T16:21:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7619"
},
{
"category": "workaround",
"details": "A mitigation for this vulnerability would be to disable the ngx_http_mp4_module module in your local Nginx environment.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nginx: Memory corruption in the ngx_http_mp4_module"
},
{
"cve": "CVE-2022-41742",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141496"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NGINX\u2019s module, ngx_http_mp4_module. This flaw allows a local attacker to cause a worker process crash or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products built with ngx_http_mp4_module when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger the processing of a specially crafted audio or video file with ngx_http_mp4_module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: Memory disclosure in the ngx_http_mp4_module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-787: Out-of-bounds Write vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational requirements. Baseline configurations and system controls ensure secure software settings, while least functionality reduces the attack surface by disabling unauthorized services and ports. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code exploiting out-of-bounds write vulnerabilities, using mechanisms such as file integrity monitoring and patch management. Robust input validation and error handling ensure all user inputs are thoroughly validated, preventing instability, data exposure, or privilege escalation. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against out-of-bounds write exploits.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41742"
},
{
"category": "external",
"summary": "RHBZ#2141496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41742"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41742",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41742"
},
{
"category": "external",
"summary": "https://nginx.org/en/security_advisories.html",
"url": "https://nginx.org/en/security_advisories.html"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-14T16:21:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7619"
},
{
"category": "workaround",
"details": "A mitigation for this vulnerability would be to disable the ngx_http_mp4_module module in your local Nginx environment.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nginx: Memory disclosure in the ngx_http_mp4_module"
},
{
"cve": "CVE-2024-7347",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"discovery_date": "2024-08-14T15:23:37.876356+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the ngx_http_mp4_module module of Nginx. Processing a specially crafted MP4 file can trigger a buffer over-read and cause the nginx process to terminate, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: specially crafted MP4 file may cause denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects configurations with the ngx_http_mp4_module module loaded and being used. Additionally, to exploit this flaw, an attacker must be able to send and process a specially crafted MP4 file with the ngx_http_mp4_module module.\n\nThis module can be disable via the configuration file if its functionality is not needed.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-126: Buffer Over-read vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nMemory access boundaries are enforced through secure coding practices, including bounds checking and automated detection of over-read conditions during development. Static analysis and peer reviews catch improper memory handling early, reducing the risk of vulnerabilities reaching production. Memory protection mechanisms restrict access to allocated regions at runtime, and process isolation contains memory faults within the affected workload. Additionally, a defense-in-depth monitoring strategy supports real-time detection of anomalous memory activity, enabling rapid response and limiting potential impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7347"
},
{
"category": "external",
"summary": "RHBZ#2304966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7347",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7347"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7347",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7347"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000140529",
"url": "https://my.f5.com/manage/s/article/K000140529"
}
],
"release_date": "2024-08-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-14T16:21:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7619"
},
{
"category": "workaround",
"details": "Restrict publishing of audio and video to trusted users only.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.src",
"CRB-9.4.0.Z.EUS:nginx-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-all-modules-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-debugsource-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-filesystem-1:1.20.1-16.el9_4.3.noarch",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-devel-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-1:1.20.1-16.el9_4.3.x86_64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.aarch64",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.ppc64le",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.s390x",
"CRB-9.4.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-16.el9_4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nginx: specially crafted MP4 file may cause denial of service"
}
]
}
rhsa-2025:7546
Vulnerability from csaf_redhat
Published
2025-05-14 02:04
Modified
2025-10-28 02:03
Summary
Red Hat Security Advisory: nginx security update
Notes
Topic
An update for nginx is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: Memory corruption in the ngx_http_mp4_module (CVE-2022-41741)
* nginx: Memory disclosure in the ngx_http_mp4_module (CVE-2022-41742)
* nginx: specially crafted MP4 file may cause denial of service (CVE-2024-7347)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nginx is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. \n\nSecurity Fix(es):\n\n* nginx: Memory corruption in the ngx_http_mp4_module (CVE-2022-41741)\n\n* nginx: Memory disclosure in the ngx_http_mp4_module (CVE-2022-41742)\n\n* nginx: specially crafted MP4 file may cause denial of service (CVE-2024-7347)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:7546",
"url": "https://access.redhat.com/errata/RHSA-2025:7546"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2141495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141495"
},
{
"category": "external",
"summary": "2141496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141496"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_7546.json"
}
],
"title": "Red Hat Security Advisory: nginx security update",
"tracking": {
"current_release_date": "2025-10-28T02:03:03+00:00",
"generator": {
"date": "2025-10-28T02:03:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2025:7546",
"initial_release_date": "2025-05-14T02:04:28+00:00",
"revision_history": [
{
"date": "2025-05-14T02:04:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-14T02:04:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-28T02:03:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product": {
"name": "Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"product": {
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"product_id": "nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-14.el9_2.3?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"product": {
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"product_id": "nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-14.el9_2.3?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"product": {
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"product_id": "nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-14.el9_2.3?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-core-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-core-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-core-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"product": {
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"product_id": "nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-14.el9_2.3?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.20.1-14.el9_2.3.src",
"product": {
"name": "nginx-1:1.20.1-14.el9_2.3.src",
"product_id": "nginx-1:1.20.1-14.el9_2.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-14.el9_2.3?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"product": {
"name": "nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"product_id": "nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-all-modules@1.20.1-14.el9_2.3?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"product": {
"name": "nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"product_id": "nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-filesystem@1.20.1-14.el9_2.3?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-14.el9_2.3.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src"
},
"product_reference": "nginx-1:1.20.1-14.el9_2.3.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-all-modules-1:1.20.1-14.el9_2.3.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch"
},
"product_reference": "nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-core-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-filesystem-1:1.20.1-14.el9_2.3.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch"
},
"product_reference": "nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-14.el9_2.3.src as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src"
},
"product_reference": "nginx-1:1.20.1-14.el9_2.3.src",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-all-modules-1:1.20.1-14.el9_2.3.noarch as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch"
},
"product_reference": "nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-core-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-filesystem-1:1.20.1-14.el9_2.3.noarch as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch"
},
"product_reference": "nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.2)",
"product_id": "CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"relates_to_product_reference": "CRB-9.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41741",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141495"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NGINX\u0027s module, ngx_http_mp4_module. This flaw allows a local attacker to corrupt NGINX worker memory, resulting in its termination using a specially crafted audio or video file. The issue affects only NGINX products built with ngx_http_mp4_module when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger the processing of a specially crafted audio or video file with ngx_http_mp4_module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: Memory corruption in the ngx_http_mp4_module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-787: Out-of-bounds Write vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational requirements. Baseline configurations and system controls ensure secure software settings, while least functionality reduces the attack surface by disabling unauthorized services and ports. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code exploiting out-of-bounds write vulnerabilities, using mechanisms such as file integrity monitoring and patch management. Robust input validation and error handling ensure all user inputs are thoroughly validated, preventing instability, data exposure, or privilege escalation. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against out-of-bounds write exploits.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41741"
},
{
"category": "external",
"summary": "RHBZ#2141495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41741"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41741",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41741"
},
{
"category": "external",
"summary": "https://nginx.org/en/security_advisories.html",
"url": "https://nginx.org/en/security_advisories.html"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-14T02:04:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7546"
},
{
"category": "workaround",
"details": "A mitigation for this vulnerability would be to disable the ngx_http_mp4_module module in your local Nginx environment.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nginx: Memory corruption in the ngx_http_mp4_module"
},
{
"cve": "CVE-2022-41742",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141496"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in NGINX\u2019s module, ngx_http_mp4_module. This flaw allows a local attacker to cause a worker process crash or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products built with ngx_http_mp4_module when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger the processing of a specially crafted audio or video file with ngx_http_mp4_module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: Memory disclosure in the ngx_http_mp4_module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-787: Out-of-bounds Write vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational requirements. Baseline configurations and system controls ensure secure software settings, while least functionality reduces the attack surface by disabling unauthorized services and ports. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code exploiting out-of-bounds write vulnerabilities, using mechanisms such as file integrity monitoring and patch management. Robust input validation and error handling ensure all user inputs are thoroughly validated, preventing instability, data exposure, or privilege escalation. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against out-of-bounds write exploits.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41742"
},
{
"category": "external",
"summary": "RHBZ#2141496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41742"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41742",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41742"
},
{
"category": "external",
"summary": "https://nginx.org/en/security_advisories.html",
"url": "https://nginx.org/en/security_advisories.html"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-14T02:04:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7546"
},
{
"category": "workaround",
"details": "A mitigation for this vulnerability would be to disable the ngx_http_mp4_module module in your local Nginx environment.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nginx: Memory disclosure in the ngx_http_mp4_module"
},
{
"cve": "CVE-2024-7347",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"discovery_date": "2024-08-14T15:23:37.876356+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the ngx_http_mp4_module module of Nginx. Processing a specially crafted MP4 file can trigger a buffer over-read and cause the nginx process to terminate, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: specially crafted MP4 file may cause denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects configurations with the ngx_http_mp4_module module loaded and being used. Additionally, to exploit this flaw, an attacker must be able to send and process a specially crafted MP4 file with the ngx_http_mp4_module module.\n\nThis module can be disable via the configuration file if its functionality is not needed.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-126: Buffer Over-read vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nMemory access boundaries are enforced through secure coding practices, including bounds checking and automated detection of over-read conditions during development. Static analysis and peer reviews catch improper memory handling early, reducing the risk of vulnerabilities reaching production. Memory protection mechanisms restrict access to allocated regions at runtime, and process isolation contains memory faults within the affected workload. Additionally, a defense-in-depth monitoring strategy supports real-time detection of anomalous memory activity, enabling rapid response and limiting potential impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7347"
},
{
"category": "external",
"summary": "RHBZ#2304966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7347",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7347"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7347",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7347"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000140529",
"url": "https://my.f5.com/manage/s/article/K000140529"
}
],
"release_date": "2024-08-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-14T02:04:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:7546"
},
{
"category": "workaround",
"details": "Restrict publishing of audio and video to trusted users only.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"AppStream-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"AppStream-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.src",
"CRB-9.2.0.Z.EUS:nginx-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-all-modules-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-core-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-debugsource-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-filesystem-1:1.20.1-14.el9_2.3.noarch",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-devel-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-image-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-perl-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-mail-debuginfo-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-1:1.20.1-14.el9_2.3.x86_64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.aarch64",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.ppc64le",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.s390x",
"CRB-9.2.0.Z.EUS:nginx-mod-stream-debuginfo-1:1.20.1-14.el9_2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nginx: specially crafted MP4 file may cause denial of service"
}
]
}
gsd-2022-41742
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-41742",
"id": "GSD-2022-41742",
"references": [
"https://www.debian.org/security/2022/dsa-5281",
"https://advisories.mageia.org/CVE-2022-41742.html",
"https://www.suse.com/security/cve/CVE-2022-41742.html",
"https://ubuntu.com/security/CVE-2022-41742",
"https://alas.aws.amazon.com/cve/html/CVE-2022-41742.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-41742"
],
"details": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"id": "GSD-2022-41742",
"modified": "2023-12-13T01:19:33.133680Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"DATE_PUBLIC": "2022-10-19T14:00:00.000Z",
"ID": "CVE-2022-41742",
"STATE": "PUBLIC",
"TITLE": "NGINX ngx_http_mp4_module vulnerability CVE-2022-41742"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NGINX",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Mainline",
"version_value": "1.23.2"
},
{
"version_affected": "\u003c",
"version_name": "Stable",
"version_value": "1.22.1"
}
]
}
},
{
"product_name": "NGINX Plus",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "R27",
"version_value": "R27-p1"
},
{
"version_affected": "\u003c",
"version_name": "R1",
"version_value": "R26-p1 "
}
]
}
},
{
"product_name": "NGINX Open Source Subscription",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "R2",
"version_value": "R2 P1"
},
{
"version_affected": "\u003c",
"version_name": "R1",
"version_value": "R1 P1"
}
]
}
}
]
},
"vendor_name": "F5"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K28112382",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K28112382"
},
{
"name": "FEDORA-2022-b0f5bc2175",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/"
},
{
"name": "FEDORA-2022-97de53f202",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/"
},
{
"name": "FEDORA-2022-12721789aa",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/"
},
{
"name": "DSA-5281",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5281"
},
{
"name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20230120-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20230120-0005/"
}
]
},
"source": {
"defect": [
"NWA-1396"
],
"discovery": "EXTERNAL"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.4.0",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.12.4",
"versionStartIncluding": "1.9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:nginx:*:*:*:*:plus:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r27",
"versionStartIncluding": "r22",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:nginx:1.23.1:*:*:*:open_source:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:nginx:1.23.0:*:*:*:open_source:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:nginx:*:*:*:*:open_source:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.22.0",
"versionStartIncluding": "1.1.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:nginx:r2:*:*:*:open_source_subscription:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:nginx:r1:*:*:*:open_source_subscription:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2022-41742"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K28112382",
"refsource": "MISC",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K28112382"
},
{
"name": "FEDORA-2022-b0f5bc2175",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/"
},
{
"name": "FEDORA-2022-97de53f202",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/"
},
{
"name": "FEDORA-2022-12721789aa",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/"
},
{
"name": "DSA-5281",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5281"
},
{
"name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20230120-0005/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20230120-0005/"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
},
"lastModifiedDate": "2023-02-10T17:02Z",
"publishedDate": "2022-10-19T22:15Z"
}
}
}
CERTFR-2024-AVI-0575
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Junos OS versions 23.4 antérieures à 23.4R2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.4-EVO antérieures à 21.4R2-EVO | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 22.4 antérieures à 22.4R3 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 22.2 antérieures à 22.2R3-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 22.1-EVO antérieures à 22.1R3-S6-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 22.4 antérieures à 22.4R3-S2 | ||
| Juniper Networks | N/A | Junos OS versions 23.2 antérieures à 23.2R2-S1 | ||
| Juniper Networks | N/A | Session Smart Router versions 6.2 antérieures à SSR-6.2.5-r2 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 22.1 antérieures à 22.1R3-S5 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 22.4-EVO antérieures à 22.4R3-S2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 23.2-EVO antérieures à 23.2R2-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 21.4 antérieures à 21.4R3-S7 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 21.2 antérieures à 21.2R3-S8 | ||
| Juniper Networks | N/A | Junos OS versions 22.1 antérieures à 22.1R3-S6 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.3 antérieures à 22.3R3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.3-EVO antérieures à 21.3R3-S5-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.2-EVO antérieures à 21.2R3-S7-EVO | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 20.4R3-S9 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 23.4-EVO antérieures à 23.4R2-EVO | ||
| Juniper Networks | N/A | Junos OS versions 22.4 antérieures à 22.4R2-S2 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 22.2 antérieures à 22.2R3-S4 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 21.4 antérieures à 21.4R3-S6 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 22.4 antérieures à 22.4R3 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 22.3 antérieures à 22.3R3-S2 | ||
| Juniper Networks | N/A | Session Smart Router versions 6.1 antérieures à SSR-6.1.8-lts | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4-EVO antérieures à 22.4R3-EVO | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 20.4 antérieures à 20.4R3-S10 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 antérieures à 22.4R3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 24.2-EVO antérieures à 24.2R2-EVO | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.4 antérieures à 22.4R3 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.2 antérieures à 22.2R3-S1 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.3 antérieures à 21.3R3-S5 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 22.3 antérieures à 22.3R3-S2 | ||
| Juniper Networks | N/A | Junos OS versions 21.4 antérieures à 21.4R2 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 22.2 antérieures à 22.2R3-S3 | ||
| Juniper Networks | N/A | Junos OS versions 23.4 antérieures à 23.4R1-S2 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.2 antérieures à 22.2R3-S2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.3-EVO antérieures à 22.3R3-S3-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 23.2R1-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 21.4R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 22.1 antérieures à 22.1R3-S6 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.2 antérieures à 21.2R3-S6 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions antérieures à 21.2R3-S6 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 22.2 antérieures à 22.2R3-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R1-S1-EVO | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 21.4R3-S8 | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 22.4R3-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 23.4 antérieures à 23.4R1-S1 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions antérieures à 21.2R3-S7 | ||
| Juniper Networks | N/A | Session Smart Router versions antérieures à SSR-5.6.14 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 21.2R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions antérieures à 21.2R3-S8 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.1 antérieures à 22.1R3-S2 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.3 antérieures à 22.3R3-S1 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions antérieures à 21.4R3-S7-EVO | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 22.1 antérieures à 22.1R3-S5 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 21.4 antérieures à 21.4R3-S6 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 22.3-EVO antérieures à 22.3R3-S3-EVO | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 23.4 antérieures à 23.4R2 | ||
| Juniper Networks | N/A | Junos OS versions 22.3 antérieures à 22.3R1-S2 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 22.3 antérieures à 22.3R3-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.3-EVO antérieures à 22.3R1-S1-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4-EVO antérieures à 22.4R3-S3-EVO | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 21.2R3-S8 | ||
| Juniper Networks | N/A | Junos Space versions antérieures à 24.1R1 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.4 antérieures à 21.4R3-S6 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.3-EVO antérieures à 22.3R2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.4-EVO antérieures à 23.4R2-EVO | ||
| Juniper Networks | N/A | Junos OS versions 22.4 antérieures à 22.4R3-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 20.4R3-S10-EVO | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 22.4 antérieures à 22.4R3-S1 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 antérieures à 22.4R1-S2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4-EVO antérieures à 22.4R2-S2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions antérieures à 21.2R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 antérieures à 22.4R2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S1-EVO | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 22.1 antérieures à 22.1R3-S5 | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à before 22.1R3-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.3 antérieures à 22.3R2-S1 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.4-EVO antérieures à 21.4R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 22.2-EVO antérieures à 22.2R3-S4-EVO | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.1 antérieures à 22.1R3-S4 | ||
| Juniper Networks | N/A | Junos OS versions 21.3 antérieures à 21.3R3-S5 | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 22.1R2-S2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.1-EVO antérieures à 22.1R3-S6-EVO | ||
| Juniper Networks | N/A | Junos OS versions 22.2 antérieures à 22.2R3-S4 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 21.4 antérieures à 21.4R3-S7 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 23.4-EVO antérieures à 23.4R1-S2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 22.4R2-EVO | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS versions 22.2 antérieures à 22.2R2-S1 | ||
| Juniper Networks | N/A | Junos OS versions 23.1 antérieures à 23.1R2 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 22.3 antérieures à 22.3R3-S2 | ||
| Juniper Networks | N/A | Junos OS versions 22.3 antérieures à 22.3R3-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.2-EVO antérieures à 22.2R3-S4-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions antérieures à 21.2R3-S8 | ||
| Juniper Networks | N/A | Junos OS versions 22.3 antérieures à 22.3R2-S2 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 21.4 antérieures à 21.4R3-S6 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.2-EVO antérieures à 22.2R2-S1-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 23.4 antérieures à 23.4R2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.4-EVO antérieures à 23.4R1-S2-EVO |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.4-EVO ant\u00e9rieures \u00e0 21.4R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 22.4 ant\u00e9rieures \u00e0 22.4R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 22.1-EVO ant\u00e9rieures \u00e0 22.1R3-S6-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.2 ant\u00e9rieures \u00e0 23.2R2-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions 6.2 ant\u00e9rieures \u00e0 SSR-6.2.5-r2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R3-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S7",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 21.2 ant\u00e9rieures \u00e0 21.2R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.3 ant\u00e9rieures \u00e0 22.3R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.3-EVO ant\u00e9rieures \u00e0 21.3R3-S5-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.2-EVO ant\u00e9rieures \u00e0 21.2R3-S7-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 20.4R3-S9",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.4 ant\u00e9rieures \u00e0 22.4R2-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 22.4 ant\u00e9rieures \u00e0 22.4R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions 6.1 ant\u00e9rieures \u00e0 SSR-6.1.8-lts",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 20.4 ant\u00e9rieures \u00e0 20.4R3-S10",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 ant\u00e9rieures \u00e0 22.4R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.2-EVO ant\u00e9rieures \u00e0 24.2R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.4 ant\u00e9rieures \u00e0 22.4R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.3 ant\u00e9rieures \u00e0 21.3R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.4 ant\u00e9rieures \u00e0 21.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R1-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R3-S3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 23.2R1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.4R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.2 ant\u00e9rieures \u00e0 21.2R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions ant\u00e9rieures \u00e0 21.2R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R1-S1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 21.4R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 22.4R3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 23.4 ant\u00e9rieures \u00e0 23.4R1-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions ant\u00e9rieures \u00e0 21.2R3-S7",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions ant\u00e9rieures \u00e0 SSR-5.6.14",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.2R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions ant\u00e9rieures \u00e0 21.2R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions ant\u00e9rieures \u00e0 21.4R3-S7-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R3-S3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 23.4 ant\u00e9rieures \u00e0 23.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.3 ant\u00e9rieures \u00e0 22.3R1-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R1-S1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R3-S3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 21.2R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 24.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S10-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 ant\u00e9rieures \u00e0 22.4R1-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R2-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions ant\u00e9rieures \u00e0 21.2R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 ant\u00e9rieures \u00e0 22.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 before 22.1R3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.3 ant\u00e9rieures \u00e0 22.3R2-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.4-EVO ant\u00e9rieures \u00e0 21.4R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 22.2-EVO ant\u00e9rieures \u00e0 22.2R3-S4-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.3 ant\u00e9rieures \u00e0 21.3R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 22.1R2-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.1-EVO ant\u00e9rieures \u00e0 22.1R3-S6-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S7",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R1-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 22.4R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.2 ant\u00e9rieures \u00e0 22.2R2-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.1 ant\u00e9rieures \u00e0 23.1R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.2-EVO ant\u00e9rieures \u00e0 22.2R3-S4-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions ant\u00e9rieures \u00e0 21.2R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.3 ant\u00e9rieures \u00e0 22.3R2-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.2-EVO ant\u00e9rieures \u00e0 22.2R2-S1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 23.4 ant\u00e9rieures \u00e0 23.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R1-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-39560",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39560"
},
{
"name": "CVE-2023-32435",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32435"
},
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2024-39554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39554"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2024-39539",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39539"
},
{
"name": "CVE-2021-36160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36160"
},
{
"name": "CVE-2020-12401",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12401"
},
{
"name": "CVE-2024-39558",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39558"
},
{
"name": "CVE-2022-30522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30522"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2022-21460",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21460"
},
{
"name": "CVE-2021-31535",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31535"
},
{
"name": "CVE-2022-36760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36760"
},
{
"name": "CVE-2021-33034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2024-39552",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39552"
},
{
"name": "CVE-2021-27290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27290"
},
{
"name": "CVE-2019-11727",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11727"
},
{
"name": "CVE-2023-3390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3390"
},
{
"name": "CVE-2023-4004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4004"
},
{
"name": "CVE-2021-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29469"
},
{
"name": "CVE-2023-2002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2021-23440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23440"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2020-13950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13950"
},
{
"name": "CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"name": "CVE-2024-39546",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39546"
},
{
"name": "CVE-2024-39540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39540"
},
{
"name": "CVE-2018-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3737"
},
{
"name": "CVE-2024-39543",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39543"
},
{
"name": "CVE-2020-11984",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11984"
},
{
"name": "CVE-2022-22721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22721"
},
{
"name": "CVE-2021-35624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35624"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2024-39514",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39514"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2021-35604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35604"
},
{
"name": "CVE-2021-42013",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42013"
},
{
"name": "CVE-2023-34059",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34059"
},
{
"name": "CVE-2024-39529",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39529"
},
{
"name": "CVE-2006-20001",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-20001"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2021-2385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
},
{
"name": "CVE-2022-29167",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29167"
},
{
"name": "CVE-2020-7774",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7774"
},
{
"name": "CVE-2019-10747",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10747"
},
{
"name": "CVE-2023-34058",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34058"
},
{
"name": "CVE-2011-5094",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-5094"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2022-21589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21589"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2019-10097",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10097"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-4206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
},
{
"name": "CVE-2022-21304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
},
{
"name": "CVE-2023-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
},
{
"name": "CVE-2024-39536",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39536"
},
{
"name": "CVE-2024-39555",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39555"
},
{
"name": "CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2020-13938",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13938"
},
{
"name": "CVE-2016-10540",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10540"
},
{
"name": "CVE-2019-10082",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10082"
},
{
"name": "CVE-2023-42753",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42753"
},
{
"name": "CVE-2016-1000232",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000232"
},
{
"name": "CVE-2015-9262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9262"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"name": "CVE-2024-39561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39561"
},
{
"name": "CVE-2022-21303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
},
{
"name": "CVE-2019-17023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17023"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2020-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35452"
},
{
"name": "CVE-2023-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
},
{
"name": "CVE-2022-21617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21617"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2022-41741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41741"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2023-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30630"
},
{
"name": "CVE-2022-21608",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21608"
},
{
"name": "CVE-2022-2526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2526"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2024-39535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39535"
},
{
"name": "CVE-2024-39545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39545"
},
{
"name": "CVE-2024-39531",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39531"
},
{
"name": "CVE-2022-41742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41742"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2021-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
},
{
"name": "CVE-2023-21840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21840"
},
{
"name": "CVE-2019-10081",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10081"
},
{
"name": "CVE-2020-1934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1934"
},
{
"name": "CVE-2022-30556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30556"
},
{
"name": "CVE-2020-8648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
},
{
"name": "CVE-2022-21270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
},
{
"name": "CVE-2023-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21963"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2023-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21980"
},
{
"name": "CVE-2024-39530",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39530"
},
{
"name": "CVE-2024-39532",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39532"
},
{
"name": "CVE-2023-27522",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27522"
},
{
"name": "CVE-2024-39557",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39557"
},
{
"name": "CVE-2021-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
},
{
"name": "CVE-2024-39550",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39550"
},
{
"name": "CVE-2022-28615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28615"
},
{
"name": "CVE-2022-21451",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21451"
},
{
"name": "CVE-2014-10064",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-10064"
},
{
"name": "CVE-2024-39511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39511"
},
{
"name": "CVE-2022-23943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23943"
},
{
"name": "CVE-2024-39548",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39548"
},
{
"name": "CVE-2020-11993",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11993"
},
{
"name": "CVE-2023-22652",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22652"
},
{
"name": "CVE-2024-39528",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39528"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2024-39559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39559"
},
{
"name": "CVE-2014-7191",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7191"
},
{
"name": "CVE-2021-2356",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2356"
},
{
"name": "CVE-2020-36049",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36049"
},
{
"name": "CVE-2023-4208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
},
{
"name": "CVE-2021-41524",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41524"
},
{
"name": "CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"name": "CVE-2020-12402",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12402"
},
{
"name": "CVE-2019-11719",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11719"
},
{
"name": "CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"name": "CVE-2024-39519",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39519"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2019-17006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17006"
},
{
"name": "CVE-2022-21595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21595"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2020-12403",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12403"
},
{
"name": "CVE-2023-3776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
},
{
"name": "CVE-2023-2700",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2700"
},
{
"name": "CVE-2020-7754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7754"
},
{
"name": "CVE-2024-39533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39533"
},
{
"name": "CVE-2021-22543",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22543"
},
{
"name": "CVE-2021-33909",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33909"
},
{
"name": "CVE-2021-26690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26690"
},
{
"name": "CVE-2022-22719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22719"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2022-46663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46663"
},
{
"name": "CVE-2011-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1473"
},
{
"name": "CVE-2024-39513",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39513"
},
{
"name": "CVE-2021-3803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3803"
},
{
"name": "CVE-2022-21417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21417"
},
{
"name": "CVE-2024-39518",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39518"
},
{
"name": "CVE-2023-37450",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37450"
},
{
"name": "CVE-2021-30641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30641"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2020-7660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7660"
},
{
"name": "CVE-2022-31813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31813"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2019-9517",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9517"
},
{
"name": "CVE-2018-20834",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20834"
},
{
"name": "CVE-2020-12362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12362"
},
{
"name": "CVE-2020-1927",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1927"
},
{
"name": "CVE-2022-21592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21592"
},
{
"name": "CVE-2021-3347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3347"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2023-25690",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25690"
},
{
"name": "CVE-2021-2342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
},
{
"name": "CVE-2022-22720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22720"
},
{
"name": "CVE-2017-15010",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15010"
},
{
"name": "CVE-2019-10092",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10092"
},
{
"name": "CVE-2024-39541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39541"
},
{
"name": "CVE-2021-44224",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44224"
},
{
"name": "CVE-2024-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39537"
},
{
"name": "CVE-2022-21444",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21444"
},
{
"name": "CVE-2019-17567",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17567"
},
{
"name": "CVE-2018-7408",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7408"
},
{
"name": "CVE-2019-20149",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20149"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2024-39551",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39551"
},
{
"name": "CVE-2023-4863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4863"
},
{
"name": "CVE-2022-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29404"
},
{
"name": "CVE-2020-14145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
},
{
"name": "CVE-2019-11756",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11756"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2024-39565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39565"
},
{
"name": "CVE-2021-31618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31618"
},
{
"name": "CVE-2022-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2024-39549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39549"
},
{
"name": "CVE-2022-21367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
},
{
"name": "CVE-2021-33193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33193"
},
{
"name": "CVE-2021-41773",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41773"
},
{
"name": "CVE-2020-11668",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11668"
},
{
"name": "CVE-2022-26377",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26377"
},
{
"name": "CVE-2021-44790",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44790"
},
{
"name": "CVE-2020-9490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9490"
},
{
"name": "CVE-2020-28502",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28502"
},
{
"name": "CVE-2024-39556",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39556"
},
{
"name": "CVE-2022-37436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37436"
},
{
"name": "CVE-2021-33033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33033"
},
{
"name": "CVE-2023-32439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32439"
},
{
"name": "CVE-2020-12400",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12400"
},
{
"name": "CVE-2023-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21912"
},
{
"name": "CVE-2022-28330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28330"
},
{
"name": "CVE-2024-39542",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39542"
},
{
"name": "CVE-2022-21454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21454"
},
{
"name": "CVE-2017-1000048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000048"
},
{
"name": "CVE-2022-21427",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21427"
},
{
"name": "CVE-2021-40438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40438"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2020-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6829"
},
{
"name": "CVE-2021-2372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
},
{
"name": "CVE-2022-21245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2019-10098",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10098"
},
{
"name": "CVE-2024-39538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39538"
},
{
"name": "CVE-2022-28614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28614"
}
],
"initial_release_date": "2024-07-12T00:00:00",
"last_revision_date": "2024-10-15T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0575",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-12T00:00:00.000000"
},
{
"description": "Correction d\u0027identifiants CVE erron\u00e9s",
"revision_date": "2024-10-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83001",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Inconsistent-information-in-the-TE-database-can-lead-to-an-rpd-crash-CVE-2024-39541"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82976",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-The-802-1X-Authentication-Daemon-crashes-on-running-a-specific-command-CVE-2024-39511"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83027",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Session-Smart-Router-Multiple-vulnerabilities-resolved"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83021",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX4600-SRX5000-Series-TCP-packets-with-SYN-FIN-or-SYN-RST-are-transferred-after-enabling-no-syn-check-with-Express-Path-CVE-2024-39561"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83018",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-specific-PIM-packet-causes-rpd-crash-when-PIM-is-configured-along-with-MoFRR-CVE-2024-39558"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82987",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-crashes-upon-concurrent-deletion-of-a-routing-instance-and-receipt-of-an-SNMP-request-CVE-2024-39528"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82982",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-MX240-MX480-MX960-platforms-using-MPC10E-Memory-leak-will-be-observed-when-subscribed-to-a-specific-subscription-on-Junos-Telemetry-Interface-CVE-2024-39518"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83012",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-line-card-Port-flaps-causes-rtlogd-memory-leak-leading-to-Denial-of-Service-CVE-2024-39550"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83019",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Receipt-of-a-specific-TCP-packet-may-result-in-a-system-crash-vmcore-on-dual-RE-systems-with-NSR-enabled-CVE-2024-39559"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83004",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-large-RPKI-RTR-PDU-packet-can-cause-rpd-to-crash-CVE-2024-39543"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83010",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Receipt-of-specific-packets-in-the-aftmand-process-will-lead-to-a-memory-leak-CVE-2024-39548"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83014",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-BGP-multipath-incremental-calculation-is-resulting-in-an-rpd-crash-CVE-2024-39554"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82996",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Flaps-of-BFD-sessions-with-authentication-cause-a-ppmd-memory-leak-CVE-2024-39536"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82980",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receiving-specific-traffic-on-devices-with-EVPN-VPWS-with-IGMP-snooping-enabled-will-cause-the-rpd-to-crash-CVE-2024-39514"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83000",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-with-SPC3-Specific-valid-TCP-traffic-can-cause-a-pfe-crash-CVE-2024-39540"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83008",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Local-low-privilege-user-can-gain-root-permissions-leading-to-privilege-escalation-CVE-2024-39546"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82991",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-Protocol-specific-DDoS-configuration-affects-other-protocols-CVE-2024-39531"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83011",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Receipt-of-malformed-BGP-path-attributes-leads-to-a-memory-leak-CVE-2024-39549"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82989",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Attempting-to-access-specific-sensors-on-platforms-not-supporting-these-will-lead-to-a-chassisd-crash-CVE-2024-39530"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82997",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-Ports-which-have-been-inadvertently-exposed-can-be-reached-over-the-network-CVE-2024-39537"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83023",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-EX-Series-J-Web-An-unauthenticated-network-based-attacker-can-perform-XPATH-injection-attack-against-a-device-CVE-2024-39565"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83026",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R1-release"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83013",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-with-SPC3-and-MS-MPC-MIC-Receipt-of-specific-packets-in-H-323-ALG-causes-traffic-drop-CVE-2024-39551"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83002",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-malformed-CFM-packet-or-specific-transit-traffic-leads-to-FPC-crash-CVE-2024-39542"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83015",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-malformed-BGP-update-causes-the-session-to-reset-CVE-2024-39555"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83007",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-with-SPC3-and-NFX350-When-VPN-tunnels-parameters-are-not-matching-the-iked-process-will-crash-CVE-2024-39545"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82995",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-When-specific-traffic-is-received-in-a-VPLS-scenario-evo-pfemand-crashes-CVE-2024-39535"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82993",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-QFX5000-Series-and-EX4600-Series-Output-firewall-filter-is-not-applied-if-certain-match-criteria-are-used-CVE-2024-39533"
},
{
"published_at": "2024-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75726",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Malformed-BGP-UPDATE-causes-RPD-crash-CVE-2024-39552"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82988",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-If-DNS-traceoptions-are-configured-in-a-DGA-or-tunnel-detection-scenario-specific-DNS-traffic-leads-to-a-PFE-crash-CVE-2024-39529"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83017",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-MAC-table-changes-cause-a-memory-leak-CVE-2024-39557"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82983",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX-7000-Series-Multicast-traffic-is-looped-in-a-multihoming-EVPN-MPLS-scenario-CVE-2024-39519"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83020",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Memory-leak-due-to-RSVP-neighbor-persistent-error-leading-to-kernel-crash-CVE-2024-39560"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82998",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-When-multicast-traffic-with-a-specific-S-G-is-received-evo-pfemand-crashes-CVE-2024-39538"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82999",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-MX-Series-Continuous-subscriber-logins-will-lead-to-a-memory-leak-and-eventually-an-FPC-crash-CVE-2024-39539"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83016",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Loading-a-malicious-certificate-from-the-CLI-may-result-in-a-stack-based-overflow-CVE-2024-39556"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82992",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Confidential-information-in-logs-can-be-accessed-by-another-user-CVE-2024-39532"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82978",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Execution-of-a-specific-CLI-command-will-cause-a-crash-in-the-AFT-manager-CVE-2024-39513"
}
]
}
CERTFR-2024-AVI-0478
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SINEC Traffic Analyzer versions antérieures à 1.2 | ||
| Siemens | N/A | SIPLUS ET 200SP CP 1543SP-1 ISEC versions antérieures à 2.3 | ||
| Siemens | N/A | SITOP UPS1600 EX 20 A Ethernet PROFINET versions antérieures à 2.5.4 | ||
| Siemens | N/A | Teamcenter Visualization 14.3 versions antérieures à 14.3.0.9 | ||
| Siemens | N/A | SITOP UPS1600 40 A Ethernet/ PROFINET versions antérieures à 2.5.4 | ||
| Siemens | N/A | PCCX26 Ax 1703 PE, Contr, Communication Element versions antérieures à 06.05 | ||
| Siemens | N/A | Tecnomatix Plant Simulation 2404 versions antérieures à 2404.0001 | ||
| Siemens | N/A | TIM 1531 IRC versions antérieures à 2.4.8 | ||
| Siemens | N/A | CPCX26 Central Processing/Communication versions antérieures à 06.02 | ||
| Siemens | N/A | SITOP UPS1600 20 A Ethernet/ PROFINET versions antérieures à 2.5.4 | ||
| Siemens | N/A | Teamcenter Visualization 2312 versions antérieures à 2312.0004 | ||
| Siemens | N/A | JT2Go versions antérieures à 2312.0004 | ||
| Siemens | N/A | les applications Mendix utilisant Mendix 10 versions antérieures à 10.11.0 | ||
| Siemens | N/A | Tecnomatix Plant Simulation 2302 versions antérieures à 2302.0012 | ||
| Siemens | N/A | SIPLUS TIM 1531 IRC versions antérieures à 2.4.8 | ||
| Siemens | N/A | ETA5 Ethernet Int. 1x100TX IEC61850 Ed.2 versions antérieures à 03.27 | ||
| Siemens | N/A | SITOP UPS1600 10 A Ethernet/ PROFINET versions antérieures à 2.5.4 | ||
| Siemens | N/A | PowerSys versions antérieures à 3.11 | ||
| Siemens | N/A | ETA4 Ethernet Interface IEC60870-5-104 versions antérieures à 10.46 | ||
| Siemens | N/A | TIA Administrator versions antérieures à 3 SP2 | ||
| Siemens | N/A | les applications Mendix utilisant Mendix 9 versions antérieures à 9.24.22 | ||
| Siemens | N/A | ST7 ScadaConnect versions antérieures à 1.1 | ||
| Siemens | N/A | SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL versions antérieures à 2.3 | ||
| Siemens | N/A | Teamcenter Visualization 14.2 toutes versions, aucun correctif n'est disponible | ||
| Siemens | N/A | les produits SCALANCE, se référer au bulletin de sécurité de l'éditeur (cf. section Documentation) | ||
| Siemens | N/A | SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL versions antérieures à 2.3 | ||
| Siemens | N/A | les applications Mendix utilisant Mendix 10.6 versions antérieures à 10.6.9 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SINEC Traffic Analyzer versions ant\u00e9rieures \u00e0 1.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS ET 200SP CP 1543SP-1 ISEC versions ant\u00e9rieures \u00e0 2.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SITOP UPS1600 EX 20 A Ethernet PROFINET versions ant\u00e9rieures \u00e0 2.5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization 14.3 versions ant\u00e9rieures \u00e0 14.3.0.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SITOP UPS1600 40 A Ethernet/ PROFINET versions ant\u00e9rieures \u00e0 2.5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "PCCX26 Ax 1703 PE, Contr, Communication Element versions ant\u00e9rieures \u00e0 06.05",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Tecnomatix Plant Simulation 2404 versions ant\u00e9rieures \u00e0 2404.0001",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 1531 IRC versions ant\u00e9rieures \u00e0 2.4.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "CPCX26 Central Processing/Communication versions ant\u00e9rieures \u00e0 06.02",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SITOP UPS1600 20 A Ethernet/ PROFINET versions ant\u00e9rieures \u00e0 2.5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization 2312 versions ant\u00e9rieures \u00e0 2312.0004",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "JT2Go versions ant\u00e9rieures \u00e0 2312.0004",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "les applications Mendix utilisant Mendix 10 versions ant\u00e9rieures \u00e0 10.11.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Tecnomatix Plant Simulation 2302 versions ant\u00e9rieures \u00e0 2302.0012",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS TIM 1531 IRC versions ant\u00e9rieures \u00e0 2.4.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "ETA5 Ethernet Int. 1x100TX IEC61850 Ed.2 versions ant\u00e9rieures \u00e0 03.27",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SITOP UPS1600 10 A Ethernet/ PROFINET versions ant\u00e9rieures \u00e0 2.5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "PowerSys versions ant\u00e9rieures \u00e0 3.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "ETA4 Ethernet Interface IEC60870-5-104 versions ant\u00e9rieures \u00e0 10.46",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Administrator versions ant\u00e9rieures \u00e0 3 SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "les applications Mendix utilisant Mendix 9 versions ant\u00e9rieures \u00e0 9.24.22",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "ST7 ScadaConnect versions ant\u00e9rieures \u00e0 1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL versions ant\u00e9rieures \u00e0 2.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization 14.2 toutes versions, aucun correctif n\u0027est disponible",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "les produits SCALANCE, se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur (cf. section Documentation)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL versions ant\u00e9rieures \u00e0 2.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "les applications Mendix utilisant Mendix 10.6 versions ant\u00e9rieures \u00e0 10.6.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-24895",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24895"
},
{
"name": "CVE-2023-49691",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49691"
},
{
"name": "CVE-2024-35207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35207"
},
{
"name": "CVE-2023-33135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33135"
},
{
"name": "CVE-2024-33500",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33500"
},
{
"name": "CVE-2023-35390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35390"
},
{
"name": "CVE-2023-44317",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44317"
},
{
"name": "CVE-2024-35210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35210"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-38380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38380"
},
{
"name": "CVE-2023-36794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36794"
},
{
"name": "CVE-2024-36266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36266"
},
{
"name": "CVE-2023-24897",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24897"
},
{
"name": "CVE-2022-44792",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44792"
},
{
"name": "CVE-2022-42329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42329"
},
{
"name": "CVE-2024-35206",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35206"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-24936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24936"
},
{
"name": "CVE-2023-36792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36792"
},
{
"name": "CVE-2022-3643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3643"
},
{
"name": "CVE-2022-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39189"
},
{
"name": "CVE-2022-46144",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46144"
},
{
"name": "CVE-2022-3435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3435"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-26277",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26277"
},
{
"name": "CVE-2022-40225",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40225"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-35828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35828"
},
{
"name": "CVE-2023-36049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36049"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2022-44793",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44793"
},
{
"name": "CVE-2024-35211",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35211"
},
{
"name": "CVE-2023-33127",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33127"
},
{
"name": "CVE-2021-47178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47178"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2023-33170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33170"
},
{
"name": "CVE-2023-33128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33128"
},
{
"name": "CVE-2023-41910",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41910"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2022-45886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45886"
},
{
"name": "CVE-2022-1015",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1015"
},
{
"name": "CVE-2023-27321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27321"
},
{
"name": "CVE-2024-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31484"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-41742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41742"
},
{
"name": "CVE-2022-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3545"
},
{
"name": "CVE-2023-26552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26552"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-0160",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0160"
},
{
"name": "CVE-2024-35212",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35212"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-21255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21255"
},
{
"name": "CVE-2024-26275",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26275"
},
{
"name": "CVE-2023-38180",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38180"
},
{
"name": "CVE-2023-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35824"
},
{
"name": "CVE-2024-35209",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35209"
},
{
"name": "CVE-2022-42328",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42328"
},
{
"name": "CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"name": "CVE-2023-38178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38178"
},
{
"name": "CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"name": "CVE-2024-0775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0775"
},
{
"name": "CVE-2023-44319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44319"
},
{
"name": "CVE-2023-32032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32032"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2023-26554",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26554"
},
{
"name": "CVE-2023-2269",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
},
{
"name": "CVE-2024-35208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35208"
},
{
"name": "CVE-2024-26276",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26276"
},
{
"name": "CVE-2023-1017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1017"
},
{
"name": "CVE-2023-38171",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38171"
},
{
"name": "CVE-2023-28260",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28260"
},
{
"name": "CVE-2023-50763",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50763"
},
{
"name": "CVE-2022-3623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3623"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2023-29331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29331"
},
{
"name": "CVE-2023-44374",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44374"
},
{
"name": "CVE-2023-38533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38533"
},
{
"name": "CVE-2023-35829",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35829"
},
{
"name": "CVE-2023-36038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36038"
},
{
"name": "CVE-2023-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21808"
},
{
"name": "CVE-2023-36799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36799"
},
{
"name": "CVE-2023-36435",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36435"
},
{
"name": "CVE-2023-26553",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26553"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2023-35391",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35391"
},
{
"name": "CVE-2023-44373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44373"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-36796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36796"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2024-35303",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35303"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-35292",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35292"
},
{
"name": "CVE-2023-36558",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36558"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
},
{
"name": "CVE-2023-33126",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33126"
},
{
"name": "CVE-2023-52474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52474"
},
{
"name": "CVE-2023-44318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44318"
},
{
"name": "CVE-2023-36793",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36793"
}
],
"initial_release_date": "2024-06-11T00:00:00",
"last_revision_date": "2024-06-11T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0478",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-06-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Siemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-900277",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-900277.html"
},
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-620338",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-620338.html"
},
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-540640",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-540640.html"
},
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-238730",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-238730.html"
},
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-319319",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-319319.html"
},
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-879734",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-879734.html"
},
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-625862",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-625862.html"
},
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-481506",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-481506.html"
},
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-024584",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-024584.html"
},
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-196737",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-196737.html"
},
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-337522",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-337522.html"
},
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-341067",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-341067.html"
},
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-771940",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-771940.html"
},
{
"published_at": "2024-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-690517",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-690517.html"
}
]
}
CERTFR-2022-AVI-937
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits F5. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| F5 | BIG-IP | BIG-IP (all modules) versions 14.1.x antérieures à 14.1.5.2 | ||
| F5 | NGINX Plus | NGINX Plus R26 P1 ou R27 P1 | ||
| F5 | BIG-IP | BIG-IP (all modules) versions 17.0.x antérieures à 17.0.0.1 | ||
| F5 | NGINX Ingress Controller | NGINX Ingress Controller toutes versions | ||
| F5 | BIG-IP | BIG-IP (all modules) versions 16.1.x antérieures à 16.1.3.2 | ||
| F5 | NGINX | NGINX App Protect WAF versions antérieures à 3.12 | ||
| F5 | BIG-IP | BIG-IP (all modules) versions 15.1.x antérieures à 15.1.7 | ||
| F5 | NGINX | NGINX Open Source versions 1.22.x antérieures à 1.22.1 | ||
| F5 | BIG-IP | BIG-IP (all modules) versions 13.1.x antérieures à 13.1.5.1 | ||
| F5 | NGINX | NGINX Open Source versions 1.23.x antérieures à 1.23.2 | ||
| F5 | NGINX | NGINX Open Source Subscription R1 P1 ou R2 P1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BIG-IP (all modules) versions 14.1.x ant\u00e9rieures \u00e0 14.1.5.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "NGINX Plus R26 P1 ou R27 P1",
"product": {
"name": "NGINX Plus",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (all modules) versions 17.0.x ant\u00e9rieures \u00e0 17.0.0.1",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "NGINX Ingress Controller toutes versions",
"product": {
"name": "NGINX Ingress Controller",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (all modules) versions 16.1.x ant\u00e9rieures \u00e0 16.1.3.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "NGINX App Protect WAF versions ant\u00e9rieures \u00e0 3.12",
"product": {
"name": "NGINX",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (all modules) versions 15.1.x ant\u00e9rieures \u00e0 15.1.7",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "NGINX Open Source versions 1.22.x ant\u00e9rieures \u00e0 1.22.1",
"product": {
"name": "NGINX",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP (all modules) versions 13.1.x ant\u00e9rieures \u00e0 13.1.5.1",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "NGINX Open Source versions 1.23.x ant\u00e9rieures \u00e0 1.23.2",
"product": {
"name": "NGINX",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "NGINX Open Source Subscription R1 P1 ou R2 P1",
"product": {
"name": "NGINX",
"vendor": {
"name": "F5",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-36795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36795"
},
{
"name": "CVE-2022-41770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41770"
},
{
"name": "CVE-2022-41787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41787"
},
{
"name": "CVE-2022-41691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41691"
},
{
"name": "CVE-2022-41813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41813"
},
{
"name": "CVE-2022-41694",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41694"
},
{
"name": "CVE-2022-41741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41741"
},
{
"name": "CVE-2022-41742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41742"
},
{
"name": "CVE-2022-41836",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41836"
},
{
"name": "CVE-2022-41624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41624"
},
{
"name": "CVE-2022-41833",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41833"
},
{
"name": "CVE-2022-41806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41806"
},
{
"name": "CVE-2022-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41617"
},
{
"name": "CVE-2022-41832",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41832"
},
{
"name": "CVE-2022-41983",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41983"
},
{
"name": "CVE-2022-41743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41743"
}
],
"initial_release_date": "2022-10-20T00:00:00",
"last_revision_date": "2022-10-20T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K11830089 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K11830089"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K02694732 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K02694732"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K30425568 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K30425568"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K28112382 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K28112382"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K70569537 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K70569537"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K01112063 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K01112063"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K81926432 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K81926432"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K27155546 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K27155546"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K10347453 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K10347453"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K49237345 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K49237345"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K22505850 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K22505850"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K24823443 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K24823443"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K47204506 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K47204506"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K31523465 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K31523465"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K52494562 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K52494562"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K43024307 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K43024307"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K93723284 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K93723284"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K00721320 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K00721320"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 F5 K04712583 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K04712583"
}
],
"reference": "CERTFR-2022-AVI-937",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits F5.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits F5",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K76934290 du 19 octobre 2022",
"url": "https://support.f5.com/csp/article/K76934290"
}
]
}
CERTFR-2024-AVI-0172
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Zimbra Collaboration. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Synacor | Zimbra Collaboration | Zimbra Collaboration Daffodil versions antérieures à 10.0.7 | ||
| Synacor | Zimbra Collaboration | Zimbra Collaboration Kepler versions antérieures à 9.0.0 Patch 39 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Zimbra Collaboration Daffodil versions ant\u00e9rieures \u00e0 10.0.7",
"product": {
"name": "Zimbra Collaboration",
"vendor": {
"name": "Synacor",
"scada": false
}
}
},
{
"description": "Zimbra Collaboration Kepler versions ant\u00e9rieures \u00e0 9.0.0 Patch 39",
"product": {
"name": "Zimbra Collaboration",
"vendor": {
"name": "Synacor",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-41741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41741"
},
{
"name": "CVE-2022-41742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41742"
},
{
"name": "CVE-2024-27443",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27443"
},
{
"name": "CVE-2024-27442",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27442"
}
],
"initial_release_date": "2024-02-28T00:00:00",
"last_revision_date": "2024-02-28T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0172",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-02-28T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Zimbra\nCollaboration. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Zimbra Collaboration",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Zimbra 9.0.0 du 28 f\u00e9vrier 2024",
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P39"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Zimbra 10.0.7 du 28 f\u00e9vrier 2024",
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.7"
}
]
}
CERTFR-2024-AVI-0866
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Les versions suivantes de Junos OS et Junos OS Evolved sont à paraître : 22.2R3-S5, 22.3R3-S4, 24.2R2, 24.4R1, 22.2R3-S5-EVO, 22.3R3-S4-EVO, 24.2R2-EVO et 24.4R1-EVO
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS | Junos OS versions antérieures à 21.2R3-S1, 21.2R3-S7, 21.2R3-S8, 21.3R3, 21.3R3-S1, 21.4R2, 21.4R3, 21.4R3-S6, 21.4R3-S7, 21.4R3-S8, 21.4R3-S9, 22.1R1, 22.1R2, 22.1R3-S5, 22.1R3-S6, 22.2R1-S2, 22.2R2, 22.2R3-S3, 22.2R3-S4, 22.2R3-S5, 22.3R1, 22.3R3-S2, 22.3R3-S3, 22.3R3-S4, 22.4R3, 22.4R3-S2, 22.4R3-S3, 22.4R3-S4, 23.2R1, 23.2R2, 23.2R2-S1, 23.2R2-S2, 23.4R1, 23.4R1-S2, 23.4R2, 23.4R2-S1, 24.1R1, 24.2R1, 24.2R1-S1 et 24.2R2 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 20.4R3-S9-EVO, 21.2R3-S7-EVO, 21.2R3-S8-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 21.4R3-S7-EVO, 21.4R3-S8-EVO, 21.4R3-S9-EVO, 22.1R3-S5-EVO, 22.1R3-S6-EVO, 22.2R3-EVO, 22.2R3-S3-EVO, 22.2R3-S4-EVO, 22.3R3-EVO, 22.3R3-S2-EVO, 22.3R3-S3-EVO, 22.3R3-S4-EVO, 22.4R2-EVO, 22.4R3-EVO, 22.4R3-S1-EVO, 22.4R3-S2-EVO, 22.4R3-S3-EVO, 23.2R1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.2R2-S2-EVO, 23.4R1-EVO, 23.4R1-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 23.4R2-S1-EVO, 24.2R1-EVO, 24.2R1-EVO et 24.2R2-EVO | ||
| Juniper Networks | N/A | Junos Space 24.1R1 sans le correctif de sécurité Patch V1 et V2 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 21.2R3-S1, 21.2R3-S7, 21.2R3-S8, 21.3R3, 21.3R3-S1, 21.4R2, 21.4R3, 21.4R3-S6, 21.4R3-S7, 21.4R3-S8, 21.4R3-S9, 22.1R1, 22.1R2, 22.1R3-S5, 22.1R3-S6, 22.2R1-S2, 22.2R2, 22.2R3-S3, 22.2R3-S4, 22.2R3-S5, 22.3R1, 22.3R3-S2, 22.3R3-S3, 22.3R3-S4, 22.4R3, 22.4R3-S2, 22.4R3-S3, 22.4R3-S4, 23.2R1, 23.2R2, 23.2R2-S1, 23.2R2-S2, 23.4R1, 23.4R1-S2, 23.4R2, 23.4R2-S1, 24.1R1, 24.2R1, 24.2R1-S1 et 24.2R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S9-EVO, 21.2R3-S7-EVO, 21.2R3-S8-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 21.4R3-S7-EVO, 21.4R3-S8-EVO, 21.4R3-S9-EVO, 22.1R3-S5-EVO, 22.1R3-S6-EVO, 22.2R3-EVO, 22.2R3-S3-EVO, 22.2R3-S4-EVO, 22.3R3-EVO, 22.3R3-S2-EVO, 22.3R3-S3-EVO, 22.3R3-S4-EVO, 22.4R2-EVO, 22.4R3-EVO, 22.4R3-S1-EVO, 22.4R3-S2-EVO, 22.4R3-S3-EVO, 23.2R1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.2R2-S2-EVO, 23.4R1-EVO, 23.4R1-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 23.4R2-S1-EVO, 24.2R1-EVO, 24.2R1-EVO et 24.2R2-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space 24.1R1 sans le correctif de s\u00e9curit\u00e9 Patch V1 et V2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "Les versions suivantes de Junos OS et Junos OS Evolved sont \u00e0 para\u00eetre : 22.2R3-S5, 22.3R3-S4, 24.2R2, 24.4R1, 22.2R3-S5-EVO, 22.3R3-S4-EVO, 24.2R2-EVO et 24.4R1-EVO",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2016-1247",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1247"
},
{
"name": "CVE-2024-47501",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47501"
},
{
"name": "CVE-2024-47496",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47496"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2024-47493",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47493"
},
{
"name": "CVE-2024-39515",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39515"
},
{
"name": "CVE-2021-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3618"
},
{
"name": "CVE-2023-31124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31124"
},
{
"name": "CVE-2023-3823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3823"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2024-39525",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39525"
},
{
"name": "CVE-2024-47498",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47498"
},
{
"name": "CVE-2016-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0746"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2017-20005",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-20005"
},
{
"name": "CVE-2024-39544",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39544"
},
{
"name": "CVE-2016-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4450"
},
{
"name": "CVE-2023-0568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0568"
},
{
"name": "CVE-2024-47489",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47489"
},
{
"name": "CVE-2022-41741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41741"
},
{
"name": "CVE-2024-47494",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47494"
},
{
"name": "CVE-2024-39534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39534"
},
{
"name": "CVE-2024-47499",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47499"
},
{
"name": "CVE-2022-41742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41742"
},
{
"name": "CVE-2024-39526",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39526"
},
{
"name": "CVE-2024-39547",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39547"
},
{
"name": "CVE-2023-31147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31147"
},
{
"name": "CVE-2024-47495",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47495"
},
{
"name": "CVE-2019-20372",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20372"
},
{
"name": "CVE-2016-0747",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0747"
},
{
"name": "CVE-2021-23017",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23017"
},
{
"name": "CVE-2024-47490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47490"
},
{
"name": "CVE-2018-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16845"
},
{
"name": "CVE-2024-47491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47491"
},
{
"name": "CVE-2017-7529",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7529"
},
{
"name": "CVE-2024-39527",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39527"
},
{
"name": "CVE-2024-39563",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39563"
},
{
"name": "CVE-2024-47502",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47502"
},
{
"name": "CVE-2024-39516",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39516"
},
{
"name": "CVE-2024-47503",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47503"
},
{
"name": "CVE-2023-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0567"
},
{
"name": "CVE-2024-47506",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47506"
},
{
"name": "CVE-2023-0662",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0662"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2016-0742",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0742"
},
{
"name": "CVE-2024-47504",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47504"
},
{
"name": "CVE-2023-3824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3824"
},
{
"name": "CVE-2023-31130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2024-47507",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47507"
},
{
"name": "CVE-2024-47497",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47497"
}
],
"initial_release_date": "2024-10-10T00:00:00",
"last_revision_date": "2024-10-10T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0866",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-10-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88112",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-c-ares-1-18-1"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88121",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Due-to-a-race-condition-AgentD-process-causes-a-memory-corruption-and-FPC-reset-CVE-2024-47494"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88104",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX-Series-Low-privileged-user-able-to-access-sensitive-information-on-file-system-CVE-2024-39527"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88107",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-resolved-in-OpenSSL"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88105",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Connections-to-the-network-and-broadcast-address-accepted-CVE-2024-39534"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88134",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX5000-Series-Receipt-of-a-specific-malformed-packet-will-cause-a-flowd-crash-CVE-2024-47504"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88123",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-MX-Series-The-PFE-will-crash-on-running-specific-command-CVE-2024-47496"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88128",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-QFX5000-Series-Configured-MAC-learning-and-move-limits-are-not-in-effect-CVE-2024-47498"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88106",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Low-privileged-local-user-able-to-view-NETCONF-traceoptions-files-CVE-2024-39544"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88136",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Specific-low-privileged-CLI-commands-and-SNMP-GET-requests-can-trigger-a-resource-leak"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88110",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-Space-Remote-Command-Execution-RCE-vulnerability-in-web-application-CVE-2024-39563"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88122",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-In-a-dual-RE-scenario-a-locally-authenticated-attacker-with-shell-privileges-can-take-over-the-device-CVE-2024-47495"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88124",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX-Series-QFX-Series-MX-Series-and-EX-Series-Receiving-specific-HTTPS-traffic-causes-resource-exhaustion-CVE-2024-47497"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88111",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-ACX-Series-Receipt-of-specific-transit-protocol-packets-is-incorrectly-processed-by-the-RE-CVE-2024-47489"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88108",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-cRPD-Receipt-of-crafted-TCP-traffic-can-trigger-high-CPU-utilization-CVE-2024-39547"
},
{
"published_at": "2024-10-16",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88100",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specifically-malformed-BGP-packet-causes-RPD-crash-when-segment-routing-is-enabled-CVE-2024-39516"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88131",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-MX304-MX-with-MPC10-11-LC9600-and-EX9200-with-EX9200-15C-In-a-VPLS-or-Junos-Fusion-scenario-specific-show-commands-cause-an-FPC-crash-CVE-2024-47501"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88099",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-BGP-traceoptions-enabled-receipt-of-specially-crafted-BGP-update-causes-RPD-crash-CVE-2024-39515"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88135",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-OSS-component-nginx-resolved"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88102",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-nexthop-traceoptions-is-enabled-receipt-of-specially-crafted-BGP-packet-causes-RPD-crash-CVE-2024-39525"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88116",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-malformed-BGP-path-attribute-leads-to-an-RPD-crash-CVE-2024-47491"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88097",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-Space-OS-command-injection-vulnerability-in-OpenSSH-CVE-2023-51385"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88133",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX4600-and-SRX5000-Series-Sequence-of-specific-PIM-packets-causes-a-flowd-crash-CVE-2024-47503"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88137",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX-Series-A-large-amount-of-traffic-being-processed-by-ATP-Cloud-can-lead-to-a-PFE-crash-CVE-2024-47506"
},
{
"published_at": "2024-10-15",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88119",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX5K-SRX4600-and-MX-Series-Trio-based-FPCs-Continuous-physical-interface-flaps-causes-local-FPC-to-crash-CVE-2024-47493"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88103",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-MX-Series-with-MPC10-MPC11-LC9600-MX304-EX9200-PTX-Series-Receipt-of-malformed-DHCP-packets-causes-interfaces-to-stop-processing-packets-CVE-2024-39526"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88138",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-BGP-update-message-containing-aggregator-attribute-with-an-ASN-value-of-zero-0-is-accepted-CVE-2024-47507"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88129",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BMP-scenario-receipt-of-a-malformed-AS-PATH-attribute-can-cause-an-RPD-core-CVE-2024-47499"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88115",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-ACX-7000-Series-Receipt-of-specific-transit-MPLS-packets-causes-resources-to-be-exhausted-CVE-2024-47490"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88120",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-J-Web-Multiple-vulnerabilities-resolved-in-PHP-software"
},
{
"published_at": "2024-10-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA88132",
"url": "https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-TCP-session-state-is-not-always-cleared-on-the-Routing-Engine-CVE-2024-47502"
}
]
}
ncsc-2024-0246
Vulnerability from csaf_ncscnl
Published
2024-06-11 13:29
Modified
2024-06-11 13:29
Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten, zoals SCALANCE, SICAM, Tecnomatix, SITOP en PowerSys.
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van beveiligingsmaatregel
- (Remote) code execution (Administrator/Root rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Verhoogde gebruikersrechten
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-121
Stack-based Buffer Overflow
CWE-122
Heap-based Buffer Overflow
CWE-1220
Insufficient Granularity of Access Control
CWE-123
Write-what-where Condition
CWE-125
Out-of-bounds Read
CWE-1333
Inefficient Regular Expression Complexity
CWE-170
Improper Null Termination
CWE-190
Integer Overflow or Wraparound
CWE-191
Integer Underflow (Wrap or Wraparound)
CWE-20
Improper Input Validation
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-269
Improper Privilege Management
CWE-287
Improper Authentication
CWE-295
Improper Certificate Validation
CWE-311
Missing Encryption of Sensitive Data
CWE-319
Cleartext Transmission of Sensitive Information
CWE-321
Use of Hard-coded Cryptographic Key
CWE-325
Missing Cryptographic Step
CWE-326
Inadequate Encryption Strength
CWE-328
Use of Weak Hash
CWE-330
Use of Insufficiently Random Values
CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CWE-352
Cross-Site Request Forgery (CSRF)
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-379
Creation of Temporary File in Directory with Insecure Permissions
CWE-400
Uncontrolled Resource Consumption
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-404
Improper Resource Shutdown or Release
CWE-415
Double Free
CWE-416
Use After Free
CWE-476
NULL Pointer Dereference
CWE-522
Insufficiently Protected Credentials
CWE-567
Unsynchronized Access to Shared Data in a Multithreaded Context
CWE-613
Insufficient Session Expiration
CWE-614
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
CWE-664
Improper Control of a Resource Through its Lifetime
CWE-667
Improper Locking
CWE-704
Incorrect Type Conversion or Cast
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-749
Exposed Dangerous Method or Function
CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-833
Deadlock
CWE-834
Excessive Iteration
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-94
Improper Control of Generation of Code ('Code Injection')
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Siemens heeft kwetsbaarheden verholpen in diverse producten, zoals SCALANCE, SICAM, Tecnomatix, SITOP en PowerSys.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van beveiligingsmaatregel\n- (Remote) code execution (Administrator/Root rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Verhoogde gebruikersrechten\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.\n",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Insufficient Granularity of Access Control",
"title": "CWE-1220"
},
{
"category": "general",
"text": "Write-what-where Condition",
"title": "CWE-123"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improper Null Termination",
"title": "CWE-170"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "general",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "general",
"text": "Cleartext Transmission of Sensitive Information",
"title": "CWE-319"
},
{
"category": "general",
"text": "Use of Hard-coded Cryptographic Key",
"title": "CWE-321"
},
{
"category": "general",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "general",
"text": "Inadequate Encryption Strength",
"title": "CWE-326"
},
{
"category": "general",
"text": "Use of Weak Hash",
"title": "CWE-328"
},
{
"category": "general",
"text": "Use of Insufficiently Random Values",
"title": "CWE-330"
},
{
"category": "general",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
},
{
"category": "general",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Creation of Temporary File in Directory with Insecure Permissions",
"title": "CWE-379"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Insufficiently Protected Credentials",
"title": "CWE-522"
},
{
"category": "general",
"text": "Unsynchronized Access to Shared Data in a Multithreaded Context",
"title": "CWE-567"
},
{
"category": "general",
"text": "Insufficient Session Expiration",
"title": "CWE-613"
},
{
"category": "general",
"text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"title": "CWE-614"
},
{
"category": "general",
"text": "Improper Control of a Resource Through its Lifetime",
"title": "CWE-664"
},
{
"category": "general",
"text": "Improper Locking",
"title": "CWE-667"
},
{
"category": "general",
"text": "Incorrect Type Conversion or Cast",
"title": "CWE-704"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
},
{
"category": "general",
"text": "Exposed Dangerous Method or Function",
"title": "CWE-749"
},
{
"category": "general",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Deadlock",
"title": "CWE-833"
},
{
"category": "general",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-024584.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-196737.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-238730.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-319319.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-337522.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-341067.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-481506.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-540640.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620338.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-625862.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-690517.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-879734.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-900277.pdf"
}
],
"title": "Kwetsbaarheden verholpen in Siemens producten",
"tracking": {
"current_release_date": "2024-06-11T13:29:25.912614Z",
"id": "NCSC-2024-0246",
"initial_release_date": "2024-06-11T13:29:25.912614Z",
"revision_history": [
{
"date": "2024-06-11T13:29:25.912614Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "mendix",
"product": {
"name": "mendix",
"product_id": "CSAFPID-538452",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "simatic",
"product": {
"name": "simatic",
"product_id": "CSAFPID-166121",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:simatic:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sinec-nms",
"product": {
"name": "sinec-nms",
"product_id": "CSAFPID-163798",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:sinec-nms:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "tecnomatix_plant_simulation",
"product": {
"name": "tecnomatix_plant_simulation",
"product_id": "CSAFPID-166120",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "tia_administrator",
"product": {
"name": "tia_administrator",
"product_id": "CSAFPID-766096",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:tia_administrator:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "scalance_w700",
"product": {
"name": "scalance_w700",
"product_id": "CSAFPID-1009262",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "scalance_xm-400",
"product": {
"name": "scalance_xm-400",
"product_id": "CSAFPID-1014214",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "scalance_xr-500",
"product": {
"name": "scalance_xr-500",
"product_id": "CSAFPID-1014213",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:scalance_xr-500:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sicam_ak_3",
"product": {
"name": "sicam_ak_3",
"product_id": "CSAFPID-1007975",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:sicam_ak_3:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sicam_bc",
"product": {
"name": "sicam_bc",
"product_id": "CSAFPID-1007979",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:sicam_bc:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sicam_tm",
"product": {
"name": "sicam_tm",
"product_id": "CSAFPID-1007978",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:sicam_tm:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "siplus_tim_1531_irc",
"product": {
"name": "siplus_tim_1531_irc",
"product_id": "CSAFPID-1326635",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:siplus_tim_1531_irc:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sitop_ups1600",
"product": {
"name": "sitop_ups1600",
"product_id": "CSAFPID-1037908",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:sitop_ups1600:-:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-28319",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-28319",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28319.json"
}
],
"title": "CVE-2023-28319"
},
{
"cve": "CVE-2023-28484",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-28484",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json"
}
],
"title": "CVE-2023-28484"
},
{
"cve": "CVE-2023-29331",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-29331",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29331.json"
}
],
"title": "CVE-2023-29331"
},
{
"cve": "CVE-2023-29469",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-29469",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json"
}
],
"title": "CVE-2023-29469"
},
{
"cve": "CVE-2023-32032",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-32032",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32032.json"
}
],
"title": "CVE-2023-32032"
},
{
"cve": "CVE-2023-33126",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33126",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33126.json"
}
],
"title": "CVE-2023-33126"
},
{
"cve": "CVE-2023-33127",
"cwe": {
"id": "CWE-1220",
"name": "Insufficient Granularity of Access Control"
},
"notes": [
{
"category": "other",
"text": "Insufficient Granularity of Access Control",
"title": "CWE-1220"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33127",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33127.json"
}
],
"title": "CVE-2023-33127"
},
{
"cve": "CVE-2023-33128",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33128",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33128.json"
}
],
"title": "CVE-2023-33128"
},
{
"cve": "CVE-2023-33135",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33135",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33135.json"
}
],
"title": "CVE-2023-33135"
},
{
"cve": "CVE-2023-33170",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33170",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33170.json"
}
],
"title": "CVE-2023-33170"
},
{
"cve": "CVE-2023-35390",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35390",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35390.json"
}
],
"title": "CVE-2023-35390"
},
{
"cve": "CVE-2023-35391",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35391",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35391.json"
}
],
"title": "CVE-2023-35391"
},
{
"cve": "CVE-2023-35788",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35788",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35788.json"
}
],
"title": "CVE-2023-35788"
},
{
"cve": "CVE-2023-35823",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35823",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35823.json"
}
],
"title": "CVE-2023-35823"
},
{
"cve": "CVE-2023-35824",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35824",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35824.json"
}
],
"title": "CVE-2023-35824"
},
{
"cve": "CVE-2023-35828",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35828",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35828.json"
}
],
"title": "CVE-2023-35828"
},
{
"cve": "CVE-2023-35829",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35829",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35829.json"
}
],
"title": "CVE-2023-35829"
},
{
"cve": "CVE-2023-36038",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36038",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36038.json"
}
],
"title": "CVE-2023-36038"
},
{
"cve": "CVE-2023-36049",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36049",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36049.json"
}
],
"title": "CVE-2023-36049"
},
{
"cve": "CVE-2023-36435",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36435",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36435.json"
}
],
"title": "CVE-2023-36435"
},
{
"cve": "CVE-2023-36558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36558",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36558.json"
}
],
"title": "CVE-2023-36558"
},
{
"cve": "CVE-2023-36792",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36792",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36792.json"
}
],
"title": "CVE-2023-36792"
},
{
"cve": "CVE-2023-36793",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36793",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36793.json"
}
],
"title": "CVE-2023-36793"
},
{
"cve": "CVE-2023-36794",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36794",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36794.json"
}
],
"title": "CVE-2023-36794"
},
{
"cve": "CVE-2023-36796",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36796",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36796.json"
}
],
"title": "CVE-2023-36796"
},
{
"cve": "CVE-2023-36799",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36799",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36799.json"
}
],
"title": "CVE-2023-36799"
},
{
"cve": "CVE-2023-38171",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38171",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38171.json"
}
],
"title": "CVE-2023-38171"
},
{
"cve": "CVE-2023-38178",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38178",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38178.json"
}
],
"title": "CVE-2023-38178"
},
{
"cve": "CVE-2023-38180",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38180",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38180.json"
}
],
"title": "CVE-2023-38180"
},
{
"cve": "CVE-2023-38380",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38380",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38380.json"
}
],
"title": "CVE-2023-38380"
},
{
"cve": "CVE-2023-38533",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"notes": [
{
"category": "other",
"text": "Creation of Temporary File in Directory with Insecure Permissions",
"title": "CWE-379"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38533",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38533.json"
}
],
"title": "CVE-2023-38533"
},
{
"cve": "CVE-2023-39615",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-39615",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39615.json"
}
],
"title": "CVE-2023-39615"
},
{
"cve": "CVE-2023-41910",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-41910",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-41910.json"
}
],
"title": "CVE-2023-41910"
},
{
"cve": "CVE-2023-44317",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"notes": [
{
"category": "other",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44317",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44317.json"
}
],
"title": "CVE-2023-44317"
},
{
"cve": "CVE-2023-44318",
"cwe": {
"id": "CWE-321",
"name": "Use of Hard-coded Cryptographic Key"
},
"notes": [
{
"category": "other",
"text": "Use of Hard-coded Cryptographic Key",
"title": "CWE-321"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44318",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44318.json"
}
],
"title": "CVE-2023-44318"
},
{
"cve": "CVE-2023-44319",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"notes": [
{
"category": "other",
"text": "Use of Weak Hash",
"title": "CWE-328"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44319",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44319.json"
}
],
"title": "CVE-2023-44319"
},
{
"cve": "CVE-2023-44373",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44373",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44373.json"
}
],
"title": "CVE-2023-44373"
},
{
"cve": "CVE-2023-44374",
"cwe": {
"id": "CWE-567",
"name": "Unsynchronized Access to Shared Data in a Multithreaded Context"
},
"notes": [
{
"category": "other",
"text": "Unsynchronized Access to Shared Data in a Multithreaded Context",
"title": "CWE-567"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44374",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44374.json"
}
],
"title": "CVE-2023-44374"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44487",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-49691",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-49691",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49691.json"
}
],
"title": "CVE-2023-49691"
},
{
"cve": "CVE-2023-50763",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-50763",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50763.json"
}
],
"title": "CVE-2023-50763"
},
{
"cve": "CVE-2023-52474",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-52474",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52474.json"
}
],
"title": "CVE-2023-52474"
},
{
"cve": "CVE-2024-0775",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-0775",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0775.json"
}
],
"title": "CVE-2024-0775"
},
{
"cve": "CVE-2024-31484",
"cwe": {
"id": "CWE-170",
"name": "Improper Null Termination"
},
"notes": [
{
"category": "other",
"text": "Improper Null Termination",
"title": "CWE-170"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-31484",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31484.json"
}
],
"title": "CVE-2024-31484"
},
{
"cve": "CVE-2024-33500",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-33500",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33500.json"
}
],
"title": "CVE-2024-33500"
},
{
"cve": "CVE-2024-35206",
"cwe": {
"id": "CWE-613",
"name": "Insufficient Session Expiration"
},
"notes": [
{
"category": "other",
"text": "Insufficient Session Expiration",
"title": "CWE-613"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35206",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35206.json"
}
],
"title": "CVE-2024-35206"
},
{
"cve": "CVE-2024-35207",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "other",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35207",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35207.json"
}
],
"title": "CVE-2024-35207"
},
{
"cve": "CVE-2024-35208",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"notes": [
{
"category": "other",
"text": "Insufficiently Protected Credentials",
"title": "CWE-522"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35208",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35208.json"
}
],
"title": "CVE-2024-35208"
},
{
"cve": "CVE-2024-35209",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"notes": [
{
"category": "other",
"text": "Exposed Dangerous Method or Function",
"title": "CWE-749"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35209",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35209.json"
}
],
"title": "CVE-2024-35209"
},
{
"cve": "CVE-2024-35210",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Cleartext Transmission of Sensitive Information",
"title": "CWE-319"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35210",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35210.json"
}
],
"title": "CVE-2024-35210"
},
{
"cve": "CVE-2024-35211",
"cwe": {
"id": "CWE-614",
"name": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute"
},
"notes": [
{
"category": "other",
"text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"title": "CWE-614"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35211",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35211.json"
}
],
"title": "CVE-2024-35211"
},
{
"cve": "CVE-2024-35212",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35212",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35212.json"
}
],
"title": "CVE-2024-35212"
},
{
"cve": "CVE-2024-35292",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "other",
"text": "Use of Insufficiently Random Values",
"title": "CWE-330"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35292",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35292.json"
}
],
"title": "CVE-2024-35292"
},
{
"cve": "CVE-2024-35303",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"notes": [
{
"category": "other",
"text": "Incorrect Type Conversion or Cast",
"title": "CWE-704"
}
],
"product_status": {
"known_affected": [
"CSAFPID-166120"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35303",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35303.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-166120"
]
}
],
"title": "CVE-2024-35303"
},
{
"cve": "CVE-2024-36266",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "other",
"text": "Improper Authentication",
"title": "CWE-287"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-36266",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36266.json"
}
],
"title": "CVE-2024-36266"
},
{
"cve": "CVE-2021-47178",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2021-47178",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-47178.json"
}
],
"title": "CVE-2021-47178"
},
{
"cve": "CVE-2022-1015",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-1015",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1015.json"
}
],
"title": "CVE-2022-1015"
},
{
"cve": "CVE-2022-2097",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "other",
"text": "Inadequate Encryption Strength",
"title": "CWE-326"
},
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-2097",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2097.json"
}
],
"title": "CVE-2022-2097"
},
{
"cve": "CVE-2022-3435",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-3435",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3435.json"
}
],
"title": "CVE-2022-3435"
},
{
"cve": "CVE-2022-3545",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-3545",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3545.json"
}
],
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3623",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"notes": [
{
"category": "other",
"text": "Write-what-where Condition",
"title": "CWE-123"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-3623",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3623.json"
}
],
"title": "CVE-2022-3623"
},
{
"cve": "CVE-2022-3643",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-3643",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3643.json"
}
],
"title": "CVE-2022-3643"
},
{
"cve": "CVE-2022-4304",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "other",
"text": "Inadequate Encryption Strength",
"title": "CWE-326"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-4304",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-4304.json"
}
],
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-4450",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-4450.json"
}
],
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2022-36323",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-36323",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36323.json"
}
],
"title": "CVE-2022-36323"
},
{
"cve": "CVE-2022-39189",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-39189",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-39189.json"
}
],
"title": "CVE-2022-39189"
},
{
"cve": "CVE-2022-40225",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"notes": [
{
"category": "other",
"text": "Incorrect Conversion between Numeric Types",
"title": "CWE-681"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-40225",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40225.json"
}
],
"title": "CVE-2022-40225"
},
{
"cve": "CVE-2022-40303",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-40303",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40303.json"
}
],
"title": "CVE-2022-40303"
},
{
"cve": "CVE-2022-40304",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-40304",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40304.json"
}
],
"title": "CVE-2022-40304"
},
{
"cve": "CVE-2022-41742",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-41742",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41742.json"
}
],
"title": "CVE-2022-41742"
},
{
"cve": "CVE-2022-42328",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-42328",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42328.json"
}
],
"title": "CVE-2022-42328"
},
{
"cve": "CVE-2022-42329",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-42329",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42329.json"
}
],
"title": "CVE-2022-42329"
},
{
"cve": "CVE-2022-44792",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-44792",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-44792.json"
}
],
"title": "CVE-2022-44792"
},
{
"cve": "CVE-2022-44793",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-44793",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-44793.json"
}
],
"title": "CVE-2022-44793"
},
{
"cve": "CVE-2022-45886",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-45886",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45886.json"
}
],
"title": "CVE-2022-45886"
},
{
"cve": "CVE-2022-45887",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-45887",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45887.json"
}
],
"title": "CVE-2022-45887"
},
{
"cve": "CVE-2022-45919",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-45919",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45919.json"
}
],
"title": "CVE-2022-45919"
},
{
"cve": "CVE-2022-46144",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"notes": [
{
"category": "other",
"text": "Improper Control of a Resource Through its Lifetime",
"title": "CWE-664"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-46144",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46144.json"
}
],
"title": "CVE-2022-46144"
},
{
"cve": "CVE-2023-0160",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"notes": [
{
"category": "other",
"text": "Deadlock",
"title": "CWE-833"
},
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0160",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0160.json"
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0215",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0215.json"
}
],
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"notes": [
{
"category": "other",
"text": "Incorrect Type Conversion or Cast",
"title": "CWE-704"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0286",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0286.json"
}
],
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0464",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0464",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0464.json"
}
],
"title": "CVE-2023-0464"
},
{
"cve": "CVE-2023-0465",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0465",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0465.json"
}
],
"title": "CVE-2023-0465"
},
{
"cve": "CVE-2023-0466",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0466",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0466.json"
}
],
"title": "CVE-2023-0466"
},
{
"cve": "CVE-2023-1017",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-1017",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-1017.json"
}
],
"title": "CVE-2023-1017"
},
{
"cve": "CVE-2023-2124",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-2124",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2124.json"
}
],
"title": "CVE-2023-2124"
},
{
"cve": "CVE-2023-2269",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-2269",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2269.json"
}
],
"title": "CVE-2023-2269"
},
{
"cve": "CVE-2023-3446",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-3446",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3446.json"
}
],
"title": "CVE-2023-3446"
},
{
"cve": "CVE-2023-3817",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Excessive Iteration",
"title": "CWE-834"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-3817",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3817.json"
}
],
"title": "CVE-2023-3817"
},
{
"cve": "CVE-2023-5678",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-5678",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5678.json"
}
],
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-21255",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-21255",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-21255.json"
}
],
"title": "CVE-2023-21255"
},
{
"cve": "CVE-2023-21808",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-21808",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-21808.json"
}
],
"title": "CVE-2023-21808"
},
{
"cve": "CVE-2023-24895",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-24895",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24895.json"
}
],
"title": "CVE-2023-24895"
},
{
"cve": "CVE-2023-24897",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-24897",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24897.json"
}
],
"title": "CVE-2023-24897"
},
{
"cve": "CVE-2023-24936",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-24936",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24936.json"
}
],
"title": "CVE-2023-24936"
},
{
"cve": "CVE-2023-26552",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-26552",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json"
}
],
"title": "CVE-2023-26552"
},
{
"cve": "CVE-2023-26553",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-26553",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json"
}
],
"title": "CVE-2023-26553"
},
{
"cve": "CVE-2023-26554",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-26554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json"
}
],
"title": "CVE-2023-26554"
},
{
"cve": "CVE-2023-27321",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-27321",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-27321.json"
}
],
"title": "CVE-2023-27321"
},
{
"cve": "CVE-2023-28260",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-28260",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28260.json"
}
],
"title": "CVE-2023-28260"
}
]
}
NCSC-2024-0246
Vulnerability from csaf_ncscnl
Published
2024-06-11 13:29
Modified
2024-06-11 13:29
Summary
Kwetsbaarheden verholpen in Siemens producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Siemens heeft kwetsbaarheden verholpen in diverse producten, zoals SCALANCE, SICAM, Tecnomatix, SITOP en PowerSys.
Interpretaties
De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van beveiligingsmaatregel
- (Remote) code execution (Administrator/Root rechten)
- (Remote) code execution (Gebruikersrechten)
- Toegang tot systeemgegevens
- Verhoogde gebruikersrechten
De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.
Oplossingen
Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-121
Stack-based Buffer Overflow
CWE-122
Heap-based Buffer Overflow
CWE-1220
Insufficient Granularity of Access Control
CWE-123
Write-what-where Condition
CWE-125
Out-of-bounds Read
CWE-1333
Inefficient Regular Expression Complexity
CWE-170
Improper Null Termination
CWE-190
Integer Overflow or Wraparound
CWE-191
Integer Underflow (Wrap or Wraparound)
CWE-20
Improper Input Validation
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-269
Improper Privilege Management
CWE-287
Improper Authentication
CWE-295
Improper Certificate Validation
CWE-311
Missing Encryption of Sensitive Data
CWE-319
Cleartext Transmission of Sensitive Information
CWE-321
Use of Hard-coded Cryptographic Key
CWE-325
Missing Cryptographic Step
CWE-326
Inadequate Encryption Strength
CWE-328
Use of Weak Hash
CWE-330
Use of Insufficiently Random Values
CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CWE-352
Cross-Site Request Forgery (CSRF)
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-379
Creation of Temporary File in Directory with Insecure Permissions
CWE-400
Uncontrolled Resource Consumption
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-404
Improper Resource Shutdown or Release
CWE-415
Double Free
CWE-416
Use After Free
CWE-476
NULL Pointer Dereference
CWE-522
Insufficiently Protected Credentials
CWE-567
Unsynchronized Access to Shared Data in a Multithreaded Context
CWE-613
Insufficient Session Expiration
CWE-614
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
CWE-664
Improper Control of a Resource Through its Lifetime
CWE-667
Improper Locking
CWE-704
Incorrect Type Conversion or Cast
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-749
Exposed Dangerous Method or Function
CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-833
Deadlock
CWE-834
Excessive Iteration
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-94
Improper Control of Generation of Code ('Code Injection')
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Siemens heeft kwetsbaarheden verholpen in diverse producten, zoals SCALANCE, SICAM, Tecnomatix, SITOP en PowerSys.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van beveiligingsmaatregel\n- (Remote) code execution (Administrator/Root rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Verhoogde gebruikersrechten\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.\n",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Insufficient Granularity of Access Control",
"title": "CWE-1220"
},
{
"category": "general",
"text": "Write-what-where Condition",
"title": "CWE-123"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improper Null Termination",
"title": "CWE-170"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "general",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "general",
"text": "Cleartext Transmission of Sensitive Information",
"title": "CWE-319"
},
{
"category": "general",
"text": "Use of Hard-coded Cryptographic Key",
"title": "CWE-321"
},
{
"category": "general",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "general",
"text": "Inadequate Encryption Strength",
"title": "CWE-326"
},
{
"category": "general",
"text": "Use of Weak Hash",
"title": "CWE-328"
},
{
"category": "general",
"text": "Use of Insufficiently Random Values",
"title": "CWE-330"
},
{
"category": "general",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
},
{
"category": "general",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Creation of Temporary File in Directory with Insecure Permissions",
"title": "CWE-379"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Insufficiently Protected Credentials",
"title": "CWE-522"
},
{
"category": "general",
"text": "Unsynchronized Access to Shared Data in a Multithreaded Context",
"title": "CWE-567"
},
{
"category": "general",
"text": "Insufficient Session Expiration",
"title": "CWE-613"
},
{
"category": "general",
"text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"title": "CWE-614"
},
{
"category": "general",
"text": "Improper Control of a Resource Through its Lifetime",
"title": "CWE-664"
},
{
"category": "general",
"text": "Improper Locking",
"title": "CWE-667"
},
{
"category": "general",
"text": "Incorrect Type Conversion or Cast",
"title": "CWE-704"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
},
{
"category": "general",
"text": "Exposed Dangerous Method or Function",
"title": "CWE-749"
},
{
"category": "general",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Deadlock",
"title": "CWE-833"
},
{
"category": "general",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-024584.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-196737.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-238730.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-319319.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-337522.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-341067.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-481506.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-540640.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620338.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-625862.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-690517.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-879734.pdf"
},
{
"category": "external",
"summary": "Reference - ncscclear; siemens",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-900277.pdf"
}
],
"title": "Kwetsbaarheden verholpen in Siemens producten",
"tracking": {
"current_release_date": "2024-06-11T13:29:25.912614Z",
"id": "NCSC-2024-0246",
"initial_release_date": "2024-06-11T13:29:25.912614Z",
"revision_history": [
{
"date": "2024-06-11T13:29:25.912614Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "mendix",
"product": {
"name": "mendix",
"product_id": "CSAFPID-538452",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "simatic",
"product": {
"name": "simatic",
"product_id": "CSAFPID-166121",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:simatic:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sinec-nms",
"product": {
"name": "sinec-nms",
"product_id": "CSAFPID-163798",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:sinec-nms:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "tecnomatix_plant_simulation",
"product": {
"name": "tecnomatix_plant_simulation",
"product_id": "CSAFPID-166120",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "tia_administrator",
"product": {
"name": "tia_administrator",
"product_id": "CSAFPID-766096",
"product_identification_helper": {
"cpe": "cpe:2.3:a:siemens:tia_administrator:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "scalance_w700",
"product": {
"name": "scalance_w700",
"product_id": "CSAFPID-1009262",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "scalance_xm-400",
"product": {
"name": "scalance_xm-400",
"product_id": "CSAFPID-1014214",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "scalance_xr-500",
"product": {
"name": "scalance_xr-500",
"product_id": "CSAFPID-1014213",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:scalance_xr-500:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sicam_ak_3",
"product": {
"name": "sicam_ak_3",
"product_id": "CSAFPID-1007975",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:sicam_ak_3:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sicam_bc",
"product": {
"name": "sicam_bc",
"product_id": "CSAFPID-1007979",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:sicam_bc:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sicam_tm",
"product": {
"name": "sicam_tm",
"product_id": "CSAFPID-1007978",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:sicam_tm:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "siplus_tim_1531_irc",
"product": {
"name": "siplus_tim_1531_irc",
"product_id": "CSAFPID-1326635",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:siplus_tim_1531_irc:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sitop_ups1600",
"product": {
"name": "sitop_ups1600",
"product_id": "CSAFPID-1037908",
"product_identification_helper": {
"cpe": "cpe:2.3:h:siemens:sitop_ups1600:-:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-28319",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-28319",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28319.json"
}
],
"title": "CVE-2023-28319"
},
{
"cve": "CVE-2023-28484",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-28484",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json"
}
],
"title": "CVE-2023-28484"
},
{
"cve": "CVE-2023-29331",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-29331",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29331.json"
}
],
"title": "CVE-2023-29331"
},
{
"cve": "CVE-2023-29469",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-29469",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json"
}
],
"title": "CVE-2023-29469"
},
{
"cve": "CVE-2023-32032",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-32032",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32032.json"
}
],
"title": "CVE-2023-32032"
},
{
"cve": "CVE-2023-33126",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33126",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33126.json"
}
],
"title": "CVE-2023-33126"
},
{
"cve": "CVE-2023-33127",
"cwe": {
"id": "CWE-1220",
"name": "Insufficient Granularity of Access Control"
},
"notes": [
{
"category": "other",
"text": "Insufficient Granularity of Access Control",
"title": "CWE-1220"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33127",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33127.json"
}
],
"title": "CVE-2023-33127"
},
{
"cve": "CVE-2023-33128",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33128",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33128.json"
}
],
"title": "CVE-2023-33128"
},
{
"cve": "CVE-2023-33135",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33135",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33135.json"
}
],
"title": "CVE-2023-33135"
},
{
"cve": "CVE-2023-33170",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-33170",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33170.json"
}
],
"title": "CVE-2023-33170"
},
{
"cve": "CVE-2023-35390",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35390",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35390.json"
}
],
"title": "CVE-2023-35390"
},
{
"cve": "CVE-2023-35391",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35391",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35391.json"
}
],
"title": "CVE-2023-35391"
},
{
"cve": "CVE-2023-35788",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35788",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35788.json"
}
],
"title": "CVE-2023-35788"
},
{
"cve": "CVE-2023-35823",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35823",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35823.json"
}
],
"title": "CVE-2023-35823"
},
{
"cve": "CVE-2023-35824",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35824",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35824.json"
}
],
"title": "CVE-2023-35824"
},
{
"cve": "CVE-2023-35828",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35828",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35828.json"
}
],
"title": "CVE-2023-35828"
},
{
"cve": "CVE-2023-35829",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-35829",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35829.json"
}
],
"title": "CVE-2023-35829"
},
{
"cve": "CVE-2023-36038",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36038",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36038.json"
}
],
"title": "CVE-2023-36038"
},
{
"cve": "CVE-2023-36049",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36049",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36049.json"
}
],
"title": "CVE-2023-36049"
},
{
"cve": "CVE-2023-36435",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36435",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36435.json"
}
],
"title": "CVE-2023-36435"
},
{
"cve": "CVE-2023-36558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36558",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36558.json"
}
],
"title": "CVE-2023-36558"
},
{
"cve": "CVE-2023-36792",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36792",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36792.json"
}
],
"title": "CVE-2023-36792"
},
{
"cve": "CVE-2023-36793",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36793",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36793.json"
}
],
"title": "CVE-2023-36793"
},
{
"cve": "CVE-2023-36794",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36794",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36794.json"
}
],
"title": "CVE-2023-36794"
},
{
"cve": "CVE-2023-36796",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36796",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36796.json"
}
],
"title": "CVE-2023-36796"
},
{
"cve": "CVE-2023-36799",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-36799",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36799.json"
}
],
"title": "CVE-2023-36799"
},
{
"cve": "CVE-2023-38171",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38171",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38171.json"
}
],
"title": "CVE-2023-38171"
},
{
"cve": "CVE-2023-38178",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38178",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38178.json"
}
],
"title": "CVE-2023-38178"
},
{
"cve": "CVE-2023-38180",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38180",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38180.json"
}
],
"title": "CVE-2023-38180"
},
{
"cve": "CVE-2023-38380",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38380",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38380.json"
}
],
"title": "CVE-2023-38380"
},
{
"cve": "CVE-2023-38533",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"notes": [
{
"category": "other",
"text": "Creation of Temporary File in Directory with Insecure Permissions",
"title": "CWE-379"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-38533",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38533.json"
}
],
"title": "CVE-2023-38533"
},
{
"cve": "CVE-2023-39615",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-39615",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39615.json"
}
],
"title": "CVE-2023-39615"
},
{
"cve": "CVE-2023-41910",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-41910",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-41910.json"
}
],
"title": "CVE-2023-41910"
},
{
"cve": "CVE-2023-44317",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"notes": [
{
"category": "other",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44317",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44317.json"
}
],
"title": "CVE-2023-44317"
},
{
"cve": "CVE-2023-44318",
"cwe": {
"id": "CWE-321",
"name": "Use of Hard-coded Cryptographic Key"
},
"notes": [
{
"category": "other",
"text": "Use of Hard-coded Cryptographic Key",
"title": "CWE-321"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44318",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44318.json"
}
],
"title": "CVE-2023-44318"
},
{
"cve": "CVE-2023-44319",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"notes": [
{
"category": "other",
"text": "Use of Weak Hash",
"title": "CWE-328"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44319",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44319.json"
}
],
"title": "CVE-2023-44319"
},
{
"cve": "CVE-2023-44373",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44373",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44373.json"
}
],
"title": "CVE-2023-44373"
},
{
"cve": "CVE-2023-44374",
"cwe": {
"id": "CWE-567",
"name": "Unsynchronized Access to Shared Data in a Multithreaded Context"
},
"notes": [
{
"category": "other",
"text": "Unsynchronized Access to Shared Data in a Multithreaded Context",
"title": "CWE-567"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44374",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44374.json"
}
],
"title": "CVE-2023-44374"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-44487",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-49691",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-49691",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49691.json"
}
],
"title": "CVE-2023-49691"
},
{
"cve": "CVE-2023-50763",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-50763",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50763.json"
}
],
"title": "CVE-2023-50763"
},
{
"cve": "CVE-2023-52474",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-52474",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52474.json"
}
],
"title": "CVE-2023-52474"
},
{
"cve": "CVE-2024-0775",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-0775",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0775.json"
}
],
"title": "CVE-2024-0775"
},
{
"cve": "CVE-2024-31484",
"cwe": {
"id": "CWE-170",
"name": "Improper Null Termination"
},
"notes": [
{
"category": "other",
"text": "Improper Null Termination",
"title": "CWE-170"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-31484",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31484.json"
}
],
"title": "CVE-2024-31484"
},
{
"cve": "CVE-2024-33500",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-33500",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33500.json"
}
],
"title": "CVE-2024-33500"
},
{
"cve": "CVE-2024-35206",
"cwe": {
"id": "CWE-613",
"name": "Insufficient Session Expiration"
},
"notes": [
{
"category": "other",
"text": "Insufficient Session Expiration",
"title": "CWE-613"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35206",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35206.json"
}
],
"title": "CVE-2024-35206"
},
{
"cve": "CVE-2024-35207",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "other",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35207",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35207.json"
}
],
"title": "CVE-2024-35207"
},
{
"cve": "CVE-2024-35208",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"notes": [
{
"category": "other",
"text": "Insufficiently Protected Credentials",
"title": "CWE-522"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35208",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35208.json"
}
],
"title": "CVE-2024-35208"
},
{
"cve": "CVE-2024-35209",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"notes": [
{
"category": "other",
"text": "Exposed Dangerous Method or Function",
"title": "CWE-749"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35209",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35209.json"
}
],
"title": "CVE-2024-35209"
},
{
"cve": "CVE-2024-35210",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Cleartext Transmission of Sensitive Information",
"title": "CWE-319"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35210",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35210.json"
}
],
"title": "CVE-2024-35210"
},
{
"cve": "CVE-2024-35211",
"cwe": {
"id": "CWE-614",
"name": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute"
},
"notes": [
{
"category": "other",
"text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"title": "CWE-614"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35211",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35211.json"
}
],
"title": "CVE-2024-35211"
},
{
"cve": "CVE-2024-35212",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35212",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35212.json"
}
],
"title": "CVE-2024-35212"
},
{
"cve": "CVE-2024-35292",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "other",
"text": "Use of Insufficiently Random Values",
"title": "CWE-330"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-35292",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35292.json"
}
],
"title": "CVE-2024-35292"
},
{
"cve": "CVE-2024-35303",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"notes": [
{
"category": "other",
"text": "Incorrect Type Conversion or Cast",
"title": "CWE-704"
}
],
"product_status": {
"known_affected": [
"CSAFPID-166120"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35303",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35303.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-166120"
]
}
],
"title": "CVE-2024-35303"
},
{
"cve": "CVE-2024-36266",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "other",
"text": "Improper Authentication",
"title": "CWE-287"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-36266",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36266.json"
}
],
"title": "CVE-2024-36266"
},
{
"cve": "CVE-2021-47178",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2021-47178",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-47178.json"
}
],
"title": "CVE-2021-47178"
},
{
"cve": "CVE-2022-1015",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-1015",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1015.json"
}
],
"title": "CVE-2022-1015"
},
{
"cve": "CVE-2022-2097",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "other",
"text": "Inadequate Encryption Strength",
"title": "CWE-326"
},
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-2097",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2097.json"
}
],
"title": "CVE-2022-2097"
},
{
"cve": "CVE-2022-3435",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-3435",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3435.json"
}
],
"title": "CVE-2022-3435"
},
{
"cve": "CVE-2022-3545",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-3545",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3545.json"
}
],
"title": "CVE-2022-3545"
},
{
"cve": "CVE-2022-3623",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"notes": [
{
"category": "other",
"text": "Write-what-where Condition",
"title": "CWE-123"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-3623",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3623.json"
}
],
"title": "CVE-2022-3623"
},
{
"cve": "CVE-2022-3643",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-3643",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3643.json"
}
],
"title": "CVE-2022-3643"
},
{
"cve": "CVE-2022-4304",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "other",
"text": "Inadequate Encryption Strength",
"title": "CWE-326"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-4304",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-4304.json"
}
],
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-4450",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-4450.json"
}
],
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2022-36323",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-36323",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36323.json"
}
],
"title": "CVE-2022-36323"
},
{
"cve": "CVE-2022-39189",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-39189",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-39189.json"
}
],
"title": "CVE-2022-39189"
},
{
"cve": "CVE-2022-40225",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"notes": [
{
"category": "other",
"text": "Incorrect Conversion between Numeric Types",
"title": "CWE-681"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-40225",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40225.json"
}
],
"title": "CVE-2022-40225"
},
{
"cve": "CVE-2022-40303",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-40303",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40303.json"
}
],
"title": "CVE-2022-40303"
},
{
"cve": "CVE-2022-40304",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-40304",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40304.json"
}
],
"title": "CVE-2022-40304"
},
{
"cve": "CVE-2022-41742",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-41742",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41742.json"
}
],
"title": "CVE-2022-41742"
},
{
"cve": "CVE-2022-42328",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-42328",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42328.json"
}
],
"title": "CVE-2022-42328"
},
{
"cve": "CVE-2022-42329",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-42329",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42329.json"
}
],
"title": "CVE-2022-42329"
},
{
"cve": "CVE-2022-44792",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-44792",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-44792.json"
}
],
"title": "CVE-2022-44792"
},
{
"cve": "CVE-2022-44793",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-44793",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-44793.json"
}
],
"title": "CVE-2022-44793"
},
{
"cve": "CVE-2022-45886",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-45886",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45886.json"
}
],
"title": "CVE-2022-45886"
},
{
"cve": "CVE-2022-45887",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-45887",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45887.json"
}
],
"title": "CVE-2022-45887"
},
{
"cve": "CVE-2022-45919",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-45919",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45919.json"
}
],
"title": "CVE-2022-45919"
},
{
"cve": "CVE-2022-46144",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"notes": [
{
"category": "other",
"text": "Improper Control of a Resource Through its Lifetime",
"title": "CWE-664"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2022-46144",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46144.json"
}
],
"title": "CVE-2022-46144"
},
{
"cve": "CVE-2023-0160",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"notes": [
{
"category": "other",
"text": "Deadlock",
"title": "CWE-833"
},
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0160",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0160.json"
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-0215",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0215",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0215.json"
}
],
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0286",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"notes": [
{
"category": "other",
"text": "Incorrect Type Conversion or Cast",
"title": "CWE-704"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0286",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0286.json"
}
],
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0464",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0464",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0464.json"
}
],
"title": "CVE-2023-0464"
},
{
"cve": "CVE-2023-0465",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0465",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0465.json"
}
],
"title": "CVE-2023-0465"
},
{
"cve": "CVE-2023-0466",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-0466",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-0466.json"
}
],
"title": "CVE-2023-0466"
},
{
"cve": "CVE-2023-1017",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-1017",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-1017.json"
}
],
"title": "CVE-2023-1017"
},
{
"cve": "CVE-2023-2124",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-2124",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2124.json"
}
],
"title": "CVE-2023-2124"
},
{
"cve": "CVE-2023-2269",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-2269",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2269.json"
}
],
"title": "CVE-2023-2269"
},
{
"cve": "CVE-2023-3446",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-3446",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3446.json"
}
],
"title": "CVE-2023-3446"
},
{
"cve": "CVE-2023-3817",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Excessive Iteration",
"title": "CWE-834"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-3817",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3817.json"
}
],
"title": "CVE-2023-3817"
},
{
"cve": "CVE-2023-5678",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-5678",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5678.json"
}
],
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-21255",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-21255",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-21255.json"
}
],
"title": "CVE-2023-21255"
},
{
"cve": "CVE-2023-21808",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-21808",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-21808.json"
}
],
"title": "CVE-2023-21808"
},
{
"cve": "CVE-2023-24895",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-24895",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24895.json"
}
],
"title": "CVE-2023-24895"
},
{
"cve": "CVE-2023-24897",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-24897",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24897.json"
}
],
"title": "CVE-2023-24897"
},
{
"cve": "CVE-2023-24936",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-24936",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24936.json"
}
],
"title": "CVE-2023-24936"
},
{
"cve": "CVE-2023-26552",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-26552",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json"
}
],
"title": "CVE-2023-26552"
},
{
"cve": "CVE-2023-26553",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-26553",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json"
}
],
"title": "CVE-2023-26553"
},
{
"cve": "CVE-2023-26554",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-26554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json"
}
],
"title": "CVE-2023-26554"
},
{
"cve": "CVE-2023-27321",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-27321",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-27321.json"
}
],
"title": "CVE-2023-27321"
},
{
"cve": "CVE-2023-28260",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-28260",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28260.json"
}
],
"title": "CVE-2023-28260"
}
]
}
WID-SEC-W-2024-1591
Vulnerability from csaf_certbund
Published
2024-07-10 22:00
Modified
2024-11-11 23:00
Summary
Juniper JUNOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive zu umgehen.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1591 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1591.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1591 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1591"
},
{
"category": "external",
"summary": "Juniper Patchday July 2024 vom 2024-07-10",
"url": "https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sort=%40sfcec_community_publish_date_formula__c%20descending\u0026numberOfResults=100\u0026f:ctype=%5BSecurity%20Advisories%5D"
}
],
"source_lang": "en-US",
"title": "Juniper JUNOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-11T23:00:00.000+00:00",
"generator": {
"date": "2024-11-12T09:31:28.569+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-1591",
"initial_release_date": "2024-07-10T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-07-10T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-11-11T23:00:00.000+00:00",
"number": "2",
"summary": "URL Kodierung angepasst"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "T036093",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-20001",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2006-20001"
},
{
"cve": "CVE-2007-5846",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2007-5846"
},
{
"cve": "CVE-2008-6123",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2008-6123"
},
{
"cve": "CVE-2011-1473",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2011-1473"
},
{
"cve": "CVE-2011-5094",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2011-5094"
},
{
"cve": "CVE-2012-6151",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2012-6151"
},
{
"cve": "CVE-2014-10064",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-10064"
},
{
"cve": "CVE-2014-2285",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-2285"
},
{
"cve": "CVE-2014-2310",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-2310"
},
{
"cve": "CVE-2014-3565",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-3565"
},
{
"cve": "CVE-2014-7191",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-7191"
},
{
"cve": "CVE-2014-8882",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-8882"
},
{
"cve": "CVE-2015-5621",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2015-5621"
},
{
"cve": "CVE-2015-8100",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2015-8100"
},
{
"cve": "CVE-2015-9262",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2015-9262"
},
{
"cve": "CVE-2016-1000232",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2016-1000232"
},
{
"cve": "CVE-2016-10540",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2016-10540"
},
{
"cve": "CVE-2016-4658",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2016-4658"
},
{
"cve": "CVE-2017-1000048",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2017-1000048"
},
{
"cve": "CVE-2017-15010",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2017-15010"
},
{
"cve": "CVE-2018-18065",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2018-18065"
},
{
"cve": "CVE-2018-20834",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2018-20834"
},
{
"cve": "CVE-2018-3737",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2018-3737"
},
{
"cve": "CVE-2018-7408",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2018-7408"
},
{
"cve": "CVE-2019-10081",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10081"
},
{
"cve": "CVE-2019-10082",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10082"
},
{
"cve": "CVE-2019-10092",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10092"
},
{
"cve": "CVE-2019-10097",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10097"
},
{
"cve": "CVE-2019-10098",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10098"
},
{
"cve": "CVE-2019-11719",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-11719"
},
{
"cve": "CVE-2019-11727",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-11727"
},
{
"cve": "CVE-2019-11756",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-11756"
},
{
"cve": "CVE-2019-16775",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-16775"
},
{
"cve": "CVE-2019-16776",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-16776"
},
{
"cve": "CVE-2019-16777",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-16777"
},
{
"cve": "CVE-2019-17006",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-17006"
},
{
"cve": "CVE-2019-17023",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-17023"
},
{
"cve": "CVE-2019-17567",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-17567"
},
{
"cve": "CVE-2019-20149",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-20149"
},
{
"cve": "CVE-2019-20892",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-20892"
},
{
"cve": "CVE-2019-9517",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-9517"
},
{
"cve": "CVE-2020-11668",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-11668"
},
{
"cve": "CVE-2020-11984",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-11984"
},
{
"cve": "CVE-2020-11993",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-11993"
},
{
"cve": "CVE-2020-12362",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12362"
},
{
"cve": "CVE-2020-12400",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12400"
},
{
"cve": "CVE-2020-12401",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12401"
},
{
"cve": "CVE-2020-12402",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12402"
},
{
"cve": "CVE-2020-12403",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12403"
},
{
"cve": "CVE-2020-13938",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-13938"
},
{
"cve": "CVE-2020-13950",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-13950"
},
{
"cve": "CVE-2020-14145",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-14145"
},
{
"cve": "CVE-2020-15861",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-15861"
},
{
"cve": "CVE-2020-15862",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-15862"
},
{
"cve": "CVE-2020-1927",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-1927"
},
{
"cve": "CVE-2020-1934",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-1934"
},
{
"cve": "CVE-2020-28469",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-28469"
},
{
"cve": "CVE-2020-28502",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-28502"
},
{
"cve": "CVE-2020-35452",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-35452"
},
{
"cve": "CVE-2020-36049",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-36049"
},
{
"cve": "CVE-2020-6829",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-6829"
},
{
"cve": "CVE-2020-7660",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-7660"
},
{
"cve": "CVE-2020-7754",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-7754"
},
{
"cve": "CVE-2020-7774",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-7774"
},
{
"cve": "CVE-2020-8648",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-8648"
},
{
"cve": "CVE-2020-9490",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-9490"
},
{
"cve": "CVE-2021-22543",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-22543"
},
{
"cve": "CVE-2021-2342",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2342"
},
{
"cve": "CVE-2021-23440",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-23440"
},
{
"cve": "CVE-2021-2356",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2356"
},
{
"cve": "CVE-2021-2372",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2372"
},
{
"cve": "CVE-2021-2385",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2385"
},
{
"cve": "CVE-2021-2389",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2389"
},
{
"cve": "CVE-2021-2390",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2390"
},
{
"cve": "CVE-2021-25745",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-25745"
},
{
"cve": "CVE-2021-25746",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-25746"
},
{
"cve": "CVE-2021-25748",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-25748"
},
{
"cve": "CVE-2021-26690",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-26690"
},
{
"cve": "CVE-2021-26691",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-26691"
},
{
"cve": "CVE-2021-27290",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-27290"
},
{
"cve": "CVE-2021-29469",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-29469"
},
{
"cve": "CVE-2021-30641",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-30641"
},
{
"cve": "CVE-2021-31535",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-31535"
},
{
"cve": "CVE-2021-31618",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-31618"
},
{
"cve": "CVE-2021-3177",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-3177"
},
{
"cve": "CVE-2021-32803",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-33033",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-33033"
},
{
"cve": "CVE-2021-33034",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-33034"
},
{
"cve": "CVE-2021-33193",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-33193"
},
{
"cve": "CVE-2021-3347",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-3347"
},
{
"cve": "CVE-2021-33909",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-34798",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-34798"
},
{
"cve": "CVE-2021-35604",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-35604"
},
{
"cve": "CVE-2021-35624",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-35624"
},
{
"cve": "CVE-2021-36160",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-36160"
},
{
"cve": "CVE-2021-37701",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-37701"
},
{
"cve": "CVE-2021-37712",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-37712"
},
{
"cve": "CVE-2021-37713",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-37713"
},
{
"cve": "CVE-2021-3803",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-3803"
},
{
"cve": "CVE-2021-39275",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-39275"
},
{
"cve": "CVE-2021-40438",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-40438"
},
{
"cve": "CVE-2021-41524",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-41524"
},
{
"cve": "CVE-2021-41773",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-41773"
},
{
"cve": "CVE-2021-42013",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-42013"
},
{
"cve": "CVE-2021-43527",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-43527"
},
{
"cve": "CVE-2021-44224",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-44224"
},
{
"cve": "CVE-2021-44225",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-44225"
},
{
"cve": "CVE-2021-44790",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-44790"
},
{
"cve": "CVE-2021-44906",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-44906"
},
{
"cve": "CVE-2022-21245",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21245"
},
{
"cve": "CVE-2022-21270",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21270"
},
{
"cve": "CVE-2022-21303",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21303"
},
{
"cve": "CVE-2022-21304",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21304"
},
{
"cve": "CVE-2022-21344",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21344"
},
{
"cve": "CVE-2022-21367",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21367"
},
{
"cve": "CVE-2022-21417",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21417"
},
{
"cve": "CVE-2022-21427",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21427"
},
{
"cve": "CVE-2022-21444",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21444"
},
{
"cve": "CVE-2022-21451",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21451"
},
{
"cve": "CVE-2022-21454",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21454"
},
{
"cve": "CVE-2022-21460",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21460"
},
{
"cve": "CVE-2022-21589",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21589"
},
{
"cve": "CVE-2022-21592",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21592"
},
{
"cve": "CVE-2022-21595",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21595"
},
{
"cve": "CVE-2022-21608",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21608"
},
{
"cve": "CVE-2022-21617",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21617"
},
{
"cve": "CVE-2022-22719",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22719"
},
{
"cve": "CVE-2022-22720",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22720"
},
{
"cve": "CVE-2022-22721",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22721"
},
{
"cve": "CVE-2022-22822",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22822"
},
{
"cve": "CVE-2022-22823",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22823"
},
{
"cve": "CVE-2022-22824",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22824"
},
{
"cve": "CVE-2022-23471",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23471"
},
{
"cve": "CVE-2022-23524",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23524"
},
{
"cve": "CVE-2022-23525",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23525"
},
{
"cve": "CVE-2022-23526",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23526"
},
{
"cve": "CVE-2022-23852",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23852"
},
{
"cve": "CVE-2022-23943",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23943"
},
{
"cve": "CVE-2022-25147",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-25147"
},
{
"cve": "CVE-2022-25235",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-25235"
},
{
"cve": "CVE-2022-25236",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-25236"
},
{
"cve": "CVE-2022-2526",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-2526"
},
{
"cve": "CVE-2022-25315",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-25315"
},
{
"cve": "CVE-2022-26377",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-26377"
},
{
"cve": "CVE-2022-28330",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-28330"
},
{
"cve": "CVE-2022-28614",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-28614"
},
{
"cve": "CVE-2022-28615",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-28615"
},
{
"cve": "CVE-2022-29167",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-29167"
},
{
"cve": "CVE-2022-29404",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-29404"
},
{
"cve": "CVE-2022-30522",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-30522"
},
{
"cve": "CVE-2022-30556",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-30556"
},
{
"cve": "CVE-2022-31813",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-31813"
},
{
"cve": "CVE-2022-3517",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-3517"
},
{
"cve": "CVE-2022-3564",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-3564"
},
{
"cve": "CVE-2022-36760",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-36760"
},
{
"cve": "CVE-2022-37434",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-37434"
},
{
"cve": "CVE-2022-37436",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-37436"
},
{
"cve": "CVE-2022-40674",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-40674"
},
{
"cve": "CVE-2022-41741",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-41741"
},
{
"cve": "CVE-2022-41742",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-41742"
},
{
"cve": "CVE-2022-4203",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-4203"
},
{
"cve": "CVE-2022-4304",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2022-46663",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-46663"
},
{
"cve": "CVE-2022-4886",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-4886"
},
{
"cve": "CVE-2023-0215",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0216",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0216"
},
{
"cve": "CVE-2023-0217",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0217"
},
{
"cve": "CVE-2023-0286",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0401",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0401"
},
{
"cve": "CVE-2023-0464",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0464"
},
{
"cve": "CVE-2023-0465",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0465"
},
{
"cve": "CVE-2023-0466",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0466"
},
{
"cve": "CVE-2023-0767",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0767"
},
{
"cve": "CVE-2023-1255",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-1255"
},
{
"cve": "CVE-2023-2002",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-2002"
},
{
"cve": "CVE-2023-20593",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-20593"
},
{
"cve": "CVE-2023-21830",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21830"
},
{
"cve": "CVE-2023-21840",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21840"
},
{
"cve": "CVE-2023-21843",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21843"
},
{
"cve": "CVE-2023-21912",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21912"
},
{
"cve": "CVE-2023-21963",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21963"
},
{
"cve": "CVE-2023-21980",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21980"
},
{
"cve": "CVE-2023-22025",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-22025"
},
{
"cve": "CVE-2023-22067",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-22067"
},
{
"cve": "CVE-2023-22081",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-22652",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-22652"
},
{
"cve": "CVE-2023-24329",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-24329"
},
{
"cve": "CVE-2023-25153",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-25153"
},
{
"cve": "CVE-2023-25173",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-25173"
},
{
"cve": "CVE-2023-25690",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-25690"
},
{
"cve": "CVE-2023-2700",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-2700"
},
{
"cve": "CVE-2023-27522",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-27522"
},
{
"cve": "CVE-2023-2828",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-2828"
},
{
"cve": "CVE-2023-28840",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-28840"
},
{
"cve": "CVE-2023-28841",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-28841"
},
{
"cve": "CVE-2023-28842",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-28842"
},
{
"cve": "CVE-2023-2975",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-2975"
},
{
"cve": "CVE-2023-30079",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-30079"
},
{
"cve": "CVE-2023-30630",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-30630"
},
{
"cve": "CVE-2023-3090",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3090"
},
{
"cve": "CVE-2023-32067",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32067"
},
{
"cve": "CVE-2023-32360",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32360"
},
{
"cve": "CVE-2023-32435",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32435"
},
{
"cve": "CVE-2023-32439",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32439"
},
{
"cve": "CVE-2023-32732",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32732"
},
{
"cve": "CVE-2023-3341",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3341"
},
{
"cve": "CVE-2023-3390",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3390"
},
{
"cve": "CVE-2023-33953",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-33953"
},
{
"cve": "CVE-2023-34058",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-34058"
},
{
"cve": "CVE-2023-34059",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-34059"
},
{
"cve": "CVE-2023-3446",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3446"
},
{
"cve": "CVE-2023-34969",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-34969"
},
{
"cve": "CVE-2023-35001",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-35001"
},
{
"cve": "CVE-2023-35788",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-35788"
},
{
"cve": "CVE-2023-3611",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3611"
},
{
"cve": "CVE-2023-37450",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-37450"
},
{
"cve": "CVE-2023-3776",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3776"
},
{
"cve": "CVE-2023-3817",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3817"
},
{
"cve": "CVE-2023-4004",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4004"
},
{
"cve": "CVE-2023-4206",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4206"
},
{
"cve": "CVE-2023-4207",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4207"
},
{
"cve": "CVE-2023-4208",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4208"
},
{
"cve": "CVE-2023-42753",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-42753"
},
{
"cve": "CVE-2023-4785",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4785"
},
{
"cve": "CVE-2023-4807",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4807"
},
{
"cve": "CVE-2023-4863",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4863"
},
{
"cve": "CVE-2023-5043",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-5043"
},
{
"cve": "CVE-2023-5129",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-5129"
},
{
"cve": "CVE-2023-5363",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-5363"
},
{
"cve": "CVE-2024-20918",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20918"
},
{
"cve": "CVE-2024-20919",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20919"
},
{
"cve": "CVE-2024-20921",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20921"
},
{
"cve": "CVE-2024-20926",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20926"
},
{
"cve": "CVE-2024-20932",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20932"
},
{
"cve": "CVE-2024-20945",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20945"
},
{
"cve": "CVE-2024-20952",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20952"
},
{
"cve": "CVE-2024-39511",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39511"
},
{
"cve": "CVE-2024-39512",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39512"
},
{
"cve": "CVE-2024-39513",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39513"
},
{
"cve": "CVE-2024-39514",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39514"
},
{
"cve": "CVE-2024-39517",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39517"
},
{
"cve": "CVE-2024-39518",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39518"
},
{
"cve": "CVE-2024-39519",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39519"
},
{
"cve": "CVE-2024-39520",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39520"
},
{
"cve": "CVE-2024-39521",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39521"
},
{
"cve": "CVE-2024-39522",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39522"
},
{
"cve": "CVE-2024-39523",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39523"
},
{
"cve": "CVE-2024-39524",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39524"
},
{
"cve": "CVE-2024-39528",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39528"
},
{
"cve": "CVE-2024-39529",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39529"
},
{
"cve": "CVE-2024-39530",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39530"
},
{
"cve": "CVE-2024-39531",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39531"
},
{
"cve": "CVE-2024-39532",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39532"
},
{
"cve": "CVE-2024-39533",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39533"
},
{
"cve": "CVE-2024-39535",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39535"
},
{
"cve": "CVE-2024-39536",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39536"
},
{
"cve": "CVE-2024-39537",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39537"
},
{
"cve": "CVE-2024-39538",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39538"
},
{
"cve": "CVE-2024-39539",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39539"
},
{
"cve": "CVE-2024-39540",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39540"
},
{
"cve": "CVE-2024-39541",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39541"
},
{
"cve": "CVE-2024-39542",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39542"
},
{
"cve": "CVE-2024-39543",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39543"
},
{
"cve": "CVE-2024-39545",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39545"
},
{
"cve": "CVE-2024-39546",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39546"
},
{
"cve": "CVE-2024-39548",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39548"
},
{
"cve": "CVE-2024-39549",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39549"
},
{
"cve": "CVE-2024-39550",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39550"
},
{
"cve": "CVE-2024-39551",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39551"
},
{
"cve": "CVE-2024-39553",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39553"
},
{
"cve": "CVE-2024-39554",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39554"
},
{
"cve": "CVE-2024-39555",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39555"
},
{
"cve": "CVE-2024-39556",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39556"
},
{
"cve": "CVE-2024-39557",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39557"
},
{
"cve": "CVE-2024-39558",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39558"
},
{
"cve": "CVE-2024-39559",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39559"
},
{
"cve": "CVE-2024-39560",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39560"
},
{
"cve": "CVE-2024-39561",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39561"
},
{
"cve": "CVE-2024-39565",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39565"
}
]
}
wid-sec-w-2024-1591
Vulnerability from csaf_certbund
Published
2024-07-10 22:00
Modified
2024-11-11 23:00
Summary
Juniper JUNOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive zu umgehen.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1591 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1591.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1591 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1591"
},
{
"category": "external",
"summary": "Juniper Patchday July 2024 vom 2024-07-10",
"url": "https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sort=%40sfcec_community_publish_date_formula__c%20descending\u0026numberOfResults=100\u0026f:ctype=%5BSecurity%20Advisories%5D"
}
],
"source_lang": "en-US",
"title": "Juniper JUNOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-11T23:00:00.000+00:00",
"generator": {
"date": "2024-11-12T09:31:28.569+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-1591",
"initial_release_date": "2024-07-10T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-07-10T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-11-11T23:00:00.000+00:00",
"number": "2",
"summary": "URL Kodierung angepasst"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "T036093",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-20001",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2006-20001"
},
{
"cve": "CVE-2007-5846",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2007-5846"
},
{
"cve": "CVE-2008-6123",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2008-6123"
},
{
"cve": "CVE-2011-1473",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2011-1473"
},
{
"cve": "CVE-2011-5094",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2011-5094"
},
{
"cve": "CVE-2012-6151",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2012-6151"
},
{
"cve": "CVE-2014-10064",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-10064"
},
{
"cve": "CVE-2014-2285",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-2285"
},
{
"cve": "CVE-2014-2310",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-2310"
},
{
"cve": "CVE-2014-3565",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-3565"
},
{
"cve": "CVE-2014-7191",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-7191"
},
{
"cve": "CVE-2014-8882",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2014-8882"
},
{
"cve": "CVE-2015-5621",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2015-5621"
},
{
"cve": "CVE-2015-8100",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2015-8100"
},
{
"cve": "CVE-2015-9262",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2015-9262"
},
{
"cve": "CVE-2016-1000232",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2016-1000232"
},
{
"cve": "CVE-2016-10540",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2016-10540"
},
{
"cve": "CVE-2016-4658",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2016-4658"
},
{
"cve": "CVE-2017-1000048",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2017-1000048"
},
{
"cve": "CVE-2017-15010",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2017-15010"
},
{
"cve": "CVE-2018-18065",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2018-18065"
},
{
"cve": "CVE-2018-20834",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2018-20834"
},
{
"cve": "CVE-2018-3737",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2018-3737"
},
{
"cve": "CVE-2018-7408",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2018-7408"
},
{
"cve": "CVE-2019-10081",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10081"
},
{
"cve": "CVE-2019-10082",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10082"
},
{
"cve": "CVE-2019-10092",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10092"
},
{
"cve": "CVE-2019-10097",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10097"
},
{
"cve": "CVE-2019-10098",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-10098"
},
{
"cve": "CVE-2019-11719",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-11719"
},
{
"cve": "CVE-2019-11727",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-11727"
},
{
"cve": "CVE-2019-11756",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-11756"
},
{
"cve": "CVE-2019-16775",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-16775"
},
{
"cve": "CVE-2019-16776",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-16776"
},
{
"cve": "CVE-2019-16777",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-16777"
},
{
"cve": "CVE-2019-17006",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-17006"
},
{
"cve": "CVE-2019-17023",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-17023"
},
{
"cve": "CVE-2019-17567",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-17567"
},
{
"cve": "CVE-2019-20149",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-20149"
},
{
"cve": "CVE-2019-20892",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-20892"
},
{
"cve": "CVE-2019-9517",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2019-9517"
},
{
"cve": "CVE-2020-11668",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-11668"
},
{
"cve": "CVE-2020-11984",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-11984"
},
{
"cve": "CVE-2020-11993",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-11993"
},
{
"cve": "CVE-2020-12362",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12362"
},
{
"cve": "CVE-2020-12400",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12400"
},
{
"cve": "CVE-2020-12401",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12401"
},
{
"cve": "CVE-2020-12402",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12402"
},
{
"cve": "CVE-2020-12403",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-12403"
},
{
"cve": "CVE-2020-13938",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-13938"
},
{
"cve": "CVE-2020-13950",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-13950"
},
{
"cve": "CVE-2020-14145",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-14145"
},
{
"cve": "CVE-2020-15861",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-15861"
},
{
"cve": "CVE-2020-15862",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-15862"
},
{
"cve": "CVE-2020-1927",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-1927"
},
{
"cve": "CVE-2020-1934",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-1934"
},
{
"cve": "CVE-2020-28469",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-28469"
},
{
"cve": "CVE-2020-28502",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-28502"
},
{
"cve": "CVE-2020-35452",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-35452"
},
{
"cve": "CVE-2020-36049",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-36049"
},
{
"cve": "CVE-2020-6829",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-6829"
},
{
"cve": "CVE-2020-7660",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-7660"
},
{
"cve": "CVE-2020-7754",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-7754"
},
{
"cve": "CVE-2020-7774",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-7774"
},
{
"cve": "CVE-2020-8648",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-8648"
},
{
"cve": "CVE-2020-9490",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2020-9490"
},
{
"cve": "CVE-2021-22543",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-22543"
},
{
"cve": "CVE-2021-2342",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2342"
},
{
"cve": "CVE-2021-23440",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-23440"
},
{
"cve": "CVE-2021-2356",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2356"
},
{
"cve": "CVE-2021-2372",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2372"
},
{
"cve": "CVE-2021-2385",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2385"
},
{
"cve": "CVE-2021-2389",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2389"
},
{
"cve": "CVE-2021-2390",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-2390"
},
{
"cve": "CVE-2021-25745",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-25745"
},
{
"cve": "CVE-2021-25746",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-25746"
},
{
"cve": "CVE-2021-25748",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-25748"
},
{
"cve": "CVE-2021-26690",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-26690"
},
{
"cve": "CVE-2021-26691",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-26691"
},
{
"cve": "CVE-2021-27290",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-27290"
},
{
"cve": "CVE-2021-29469",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-29469"
},
{
"cve": "CVE-2021-30641",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-30641"
},
{
"cve": "CVE-2021-31535",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-31535"
},
{
"cve": "CVE-2021-31618",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-31618"
},
{
"cve": "CVE-2021-3177",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-3177"
},
{
"cve": "CVE-2021-32803",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-32803"
},
{
"cve": "CVE-2021-32804",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-32804"
},
{
"cve": "CVE-2021-33033",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-33033"
},
{
"cve": "CVE-2021-33034",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-33034"
},
{
"cve": "CVE-2021-33193",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-33193"
},
{
"cve": "CVE-2021-3347",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-3347"
},
{
"cve": "CVE-2021-33909",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-34798",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-34798"
},
{
"cve": "CVE-2021-35604",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-35604"
},
{
"cve": "CVE-2021-35624",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-35624"
},
{
"cve": "CVE-2021-36160",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-36160"
},
{
"cve": "CVE-2021-37701",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-37701"
},
{
"cve": "CVE-2021-37712",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-37712"
},
{
"cve": "CVE-2021-37713",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-37713"
},
{
"cve": "CVE-2021-3803",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-3803"
},
{
"cve": "CVE-2021-39275",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-39275"
},
{
"cve": "CVE-2021-40438",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-40438"
},
{
"cve": "CVE-2021-41524",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-41524"
},
{
"cve": "CVE-2021-41773",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-41773"
},
{
"cve": "CVE-2021-42013",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-42013"
},
{
"cve": "CVE-2021-43527",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-43527"
},
{
"cve": "CVE-2021-44224",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-44224"
},
{
"cve": "CVE-2021-44225",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-44225"
},
{
"cve": "CVE-2021-44790",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-44790"
},
{
"cve": "CVE-2021-44906",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2021-44906"
},
{
"cve": "CVE-2022-21245",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21245"
},
{
"cve": "CVE-2022-21270",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21270"
},
{
"cve": "CVE-2022-21303",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21303"
},
{
"cve": "CVE-2022-21304",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21304"
},
{
"cve": "CVE-2022-21344",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21344"
},
{
"cve": "CVE-2022-21367",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21367"
},
{
"cve": "CVE-2022-21417",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21417"
},
{
"cve": "CVE-2022-21427",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21427"
},
{
"cve": "CVE-2022-21444",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21444"
},
{
"cve": "CVE-2022-21451",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21451"
},
{
"cve": "CVE-2022-21454",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21454"
},
{
"cve": "CVE-2022-21460",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21460"
},
{
"cve": "CVE-2022-21589",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21589"
},
{
"cve": "CVE-2022-21592",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21592"
},
{
"cve": "CVE-2022-21595",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21595"
},
{
"cve": "CVE-2022-21608",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21608"
},
{
"cve": "CVE-2022-21617",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-21617"
},
{
"cve": "CVE-2022-22719",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22719"
},
{
"cve": "CVE-2022-22720",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22720"
},
{
"cve": "CVE-2022-22721",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22721"
},
{
"cve": "CVE-2022-22822",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22822"
},
{
"cve": "CVE-2022-22823",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22823"
},
{
"cve": "CVE-2022-22824",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-22824"
},
{
"cve": "CVE-2022-23471",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23471"
},
{
"cve": "CVE-2022-23524",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23524"
},
{
"cve": "CVE-2022-23525",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23525"
},
{
"cve": "CVE-2022-23526",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23526"
},
{
"cve": "CVE-2022-23852",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23852"
},
{
"cve": "CVE-2022-23943",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-23943"
},
{
"cve": "CVE-2022-25147",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-25147"
},
{
"cve": "CVE-2022-25235",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-25235"
},
{
"cve": "CVE-2022-25236",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-25236"
},
{
"cve": "CVE-2022-2526",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-2526"
},
{
"cve": "CVE-2022-25315",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-25315"
},
{
"cve": "CVE-2022-26377",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-26377"
},
{
"cve": "CVE-2022-28330",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-28330"
},
{
"cve": "CVE-2022-28614",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-28614"
},
{
"cve": "CVE-2022-28615",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-28615"
},
{
"cve": "CVE-2022-29167",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-29167"
},
{
"cve": "CVE-2022-29404",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-29404"
},
{
"cve": "CVE-2022-30522",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-30522"
},
{
"cve": "CVE-2022-30556",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-30556"
},
{
"cve": "CVE-2022-31813",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-31813"
},
{
"cve": "CVE-2022-3517",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-3517"
},
{
"cve": "CVE-2022-3564",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-3564"
},
{
"cve": "CVE-2022-36760",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-36760"
},
{
"cve": "CVE-2022-37434",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-37434"
},
{
"cve": "CVE-2022-37436",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-37436"
},
{
"cve": "CVE-2022-40674",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-40674"
},
{
"cve": "CVE-2022-41741",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-41741"
},
{
"cve": "CVE-2022-41742",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-41742"
},
{
"cve": "CVE-2022-4203",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-4203"
},
{
"cve": "CVE-2022-4304",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-4304"
},
{
"cve": "CVE-2022-4450",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-4450"
},
{
"cve": "CVE-2022-46663",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-46663"
},
{
"cve": "CVE-2022-4886",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2022-4886"
},
{
"cve": "CVE-2023-0215",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0215"
},
{
"cve": "CVE-2023-0216",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0216"
},
{
"cve": "CVE-2023-0217",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0217"
},
{
"cve": "CVE-2023-0286",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0286"
},
{
"cve": "CVE-2023-0401",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0401"
},
{
"cve": "CVE-2023-0464",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0464"
},
{
"cve": "CVE-2023-0465",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0465"
},
{
"cve": "CVE-2023-0466",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0466"
},
{
"cve": "CVE-2023-0767",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-0767"
},
{
"cve": "CVE-2023-1255",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-1255"
},
{
"cve": "CVE-2023-2002",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-2002"
},
{
"cve": "CVE-2023-20593",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-20593"
},
{
"cve": "CVE-2023-21830",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21830"
},
{
"cve": "CVE-2023-21840",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21840"
},
{
"cve": "CVE-2023-21843",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21843"
},
{
"cve": "CVE-2023-21912",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21912"
},
{
"cve": "CVE-2023-21963",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21963"
},
{
"cve": "CVE-2023-21980",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-21980"
},
{
"cve": "CVE-2023-22025",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-22025"
},
{
"cve": "CVE-2023-22067",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-22067"
},
{
"cve": "CVE-2023-22081",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-22652",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-22652"
},
{
"cve": "CVE-2023-24329",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-24329"
},
{
"cve": "CVE-2023-25153",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-25153"
},
{
"cve": "CVE-2023-25173",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-25173"
},
{
"cve": "CVE-2023-25690",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-25690"
},
{
"cve": "CVE-2023-2700",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-2700"
},
{
"cve": "CVE-2023-27522",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-27522"
},
{
"cve": "CVE-2023-2828",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-2828"
},
{
"cve": "CVE-2023-28840",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-28840"
},
{
"cve": "CVE-2023-28841",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-28841"
},
{
"cve": "CVE-2023-28842",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-28842"
},
{
"cve": "CVE-2023-2975",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-2975"
},
{
"cve": "CVE-2023-30079",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-30079"
},
{
"cve": "CVE-2023-30630",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-30630"
},
{
"cve": "CVE-2023-3090",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3090"
},
{
"cve": "CVE-2023-32067",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32067"
},
{
"cve": "CVE-2023-32360",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32360"
},
{
"cve": "CVE-2023-32435",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32435"
},
{
"cve": "CVE-2023-32439",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32439"
},
{
"cve": "CVE-2023-32732",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-32732"
},
{
"cve": "CVE-2023-3341",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3341"
},
{
"cve": "CVE-2023-3390",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3390"
},
{
"cve": "CVE-2023-33953",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-33953"
},
{
"cve": "CVE-2023-34058",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-34058"
},
{
"cve": "CVE-2023-34059",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-34059"
},
{
"cve": "CVE-2023-3446",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3446"
},
{
"cve": "CVE-2023-34969",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-34969"
},
{
"cve": "CVE-2023-35001",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-35001"
},
{
"cve": "CVE-2023-35788",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-35788"
},
{
"cve": "CVE-2023-3611",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3611"
},
{
"cve": "CVE-2023-37450",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-37450"
},
{
"cve": "CVE-2023-3776",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3776"
},
{
"cve": "CVE-2023-3817",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-3817"
},
{
"cve": "CVE-2023-4004",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4004"
},
{
"cve": "CVE-2023-4206",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4206"
},
{
"cve": "CVE-2023-4207",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4207"
},
{
"cve": "CVE-2023-4208",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4208"
},
{
"cve": "CVE-2023-42753",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-42753"
},
{
"cve": "CVE-2023-4785",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4785"
},
{
"cve": "CVE-2023-4807",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4807"
},
{
"cve": "CVE-2023-4863",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-4863"
},
{
"cve": "CVE-2023-5043",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-5043"
},
{
"cve": "CVE-2023-5129",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-5129"
},
{
"cve": "CVE-2023-5363",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2023-5363"
},
{
"cve": "CVE-2024-20918",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20918"
},
{
"cve": "CVE-2024-20919",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20919"
},
{
"cve": "CVE-2024-20921",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20921"
},
{
"cve": "CVE-2024-20926",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20926"
},
{
"cve": "CVE-2024-20932",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20932"
},
{
"cve": "CVE-2024-20945",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20945"
},
{
"cve": "CVE-2024-20952",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-20952"
},
{
"cve": "CVE-2024-39511",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39511"
},
{
"cve": "CVE-2024-39512",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39512"
},
{
"cve": "CVE-2024-39513",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39513"
},
{
"cve": "CVE-2024-39514",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39514"
},
{
"cve": "CVE-2024-39517",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39517"
},
{
"cve": "CVE-2024-39518",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39518"
},
{
"cve": "CVE-2024-39519",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39519"
},
{
"cve": "CVE-2024-39520",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39520"
},
{
"cve": "CVE-2024-39521",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39521"
},
{
"cve": "CVE-2024-39522",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39522"
},
{
"cve": "CVE-2024-39523",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39523"
},
{
"cve": "CVE-2024-39524",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39524"
},
{
"cve": "CVE-2024-39528",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39528"
},
{
"cve": "CVE-2024-39529",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39529"
},
{
"cve": "CVE-2024-39530",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39530"
},
{
"cve": "CVE-2024-39531",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39531"
},
{
"cve": "CVE-2024-39532",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39532"
},
{
"cve": "CVE-2024-39533",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39533"
},
{
"cve": "CVE-2024-39535",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39535"
},
{
"cve": "CVE-2024-39536",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39536"
},
{
"cve": "CVE-2024-39537",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39537"
},
{
"cve": "CVE-2024-39538",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39538"
},
{
"cve": "CVE-2024-39539",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39539"
},
{
"cve": "CVE-2024-39540",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39540"
},
{
"cve": "CVE-2024-39541",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39541"
},
{
"cve": "CVE-2024-39542",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39542"
},
{
"cve": "CVE-2024-39543",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39543"
},
{
"cve": "CVE-2024-39545",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39545"
},
{
"cve": "CVE-2024-39546",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39546"
},
{
"cve": "CVE-2024-39548",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39548"
},
{
"cve": "CVE-2024-39549",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39549"
},
{
"cve": "CVE-2024-39550",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39550"
},
{
"cve": "CVE-2024-39551",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39551"
},
{
"cve": "CVE-2024-39553",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39553"
},
{
"cve": "CVE-2024-39554",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39554"
},
{
"cve": "CVE-2024-39555",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39555"
},
{
"cve": "CVE-2024-39556",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39556"
},
{
"cve": "CVE-2024-39557",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39557"
},
{
"cve": "CVE-2024-39558",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39558"
},
{
"cve": "CVE-2024-39559",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39559"
},
{
"cve": "CVE-2024-39560",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39560"
},
{
"cve": "CVE-2024-39561",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39561"
},
{
"cve": "CVE-2024-39565",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungen\u00fcgende Eingabe\u00fcberpr\u00fcfungen, Unsachgem\u00e4\u00dfe \u00dcberpr\u00fcfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgem\u00e4\u00dfe Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Puffer\u00fcberl\u00e4ufe. Diese Schwachstellen erm\u00f6glichen Angreifern Denial of Service Zust\u00e4nde zu verursachen, Informationen offenzulegen, Code auszuf\u00fchren, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalit\u00e4t zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig."
}
],
"product_status": {
"known_affected": [
"T036093"
]
},
"release_date": "2024-07-10T22:00:00.000+00:00",
"title": "CVE-2024-39565"
}
]
}
fkie_cve-2022-41742
Vulnerability from fkie_nvd
Published
2022-10-19 22:15
Modified
2024-11-21 07:23
Severity ?
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.
References
| URL | Tags | ||
|---|---|---|---|
| f5sirt@f5.com | https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html | Mailing List, Third Party Advisory | |
| f5sirt@f5.com | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/ | ||
| f5sirt@f5.com | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/ | ||
| f5sirt@f5.com | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/ | ||
| f5sirt@f5.com | https://security.netapp.com/advisory/ntap-20230120-0005/ | Third Party Advisory | |
| f5sirt@f5.com | https://support.f5.com/csp/article/K28112382 | Mitigation, Vendor Advisory | |
| f5sirt@f5.com | https://www.debian.org/security/2022/dsa-5281 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20230120-0005/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K28112382 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5281 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | nginx | * | |
| f5 | nginx | * | |
| f5 | nginx | 1.23.0 | |
| f5 | nginx | 1.23.1 | |
| f5 | nginx | r1 | |
| f5 | nginx | r2 | |
| f5 | nginx_ingress_controller | * | |
| f5 | nginx_ingress_controller | * | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| fedoraproject | fedora | 37 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:open_source:*:*:*",
"matchCriteriaId": "37C2C47D-5B99-4A7F-8EE8-4E5988BA7CB5",
"versionEndIncluding": "1.22.0",
"versionStartIncluding": "1.1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:plus:*:*:*",
"matchCriteriaId": "B1966323-7D3A-4102-AAB8-C007745BB766",
"versionEndIncluding": "r27",
"versionStartIncluding": "r22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx:1.23.0:*:*:*:open_source:*:*:*",
"matchCriteriaId": "34B07066-845C-45AA-9F0E-576B10EF02EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx:1.23.1:*:*:*:open_source:*:*:*",
"matchCriteriaId": "8FC6884B-0C16-4ACF-8264-4AC34B9167CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx:r1:*:*:*:open_source_subscription:*:*:*",
"matchCriteriaId": "666D5C24-4F5A-44D9-B22C-6F0C46164B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx:r2:*:*:*:open_source_subscription:*:*:*",
"matchCriteriaId": "0EF2AA63-F4C2-476D-BDAE-2D4F63C74867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4106C27-B217-4601-98E7-88067B60CE98",
"versionEndIncluding": "1.12.4",
"versionStartIncluding": "1.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEF860F-EF1E-4AAC-9122-F3A4A1510196",
"versionEndIncluding": "2.4.0",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module."
},
{
"lang": "es",
"value": "NGINX Open Source anteriores as versiones 1.23.2 y 1.22.1, NGINX Open Source Subscription versiones anteriores a R2 P1 y R1 P1, y NGINX Plus versiones anteriores a R27 P1 y R26 P1, presentan una vulnerabilidad en el m\u00f3dulo ngx_http_mp4_module que podr\u00eda permitir a un atacante local causar un bloqueo del proceso del trabajador, o podr\u00eda resultar en una divulgaci\u00f3n de la memoria del proceso del trabajador mediante el uso de un archivo de audio o v\u00eddeo especialmente dise\u00f1ado. El problema afecta s\u00f3lo a los productos NGINX que son construidos con el m\u00f3dulo ngx_http_mp4_module, cuando es usada la directiva mp4 en el archivo de configuraci\u00f3n. Adem\u00e1s, el ataque s\u00f3lo es posible si un atacante puede desencadenar el procesamiento de un archivo de audio o v\u00eddeo especialmente dise\u00f1ado con el m\u00f3dulo ngx_http_mp4_module"
}
],
"id": "CVE-2022-41742",
"lastModified": "2024-11-21T07:23:46.447",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "f5sirt@f5.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-19T22:15:12.717",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
},
{
"source": "f5sirt@f5.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/"
},
{
"source": "f5sirt@f5.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/"
},
{
"source": "f5sirt@f5.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20230120-0005/"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K28112382"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20230120-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K28112382"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5281"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "f5sirt@f5.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-202210-1373
Vulnerability from variot
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module. F5 Networks of nginx Products from other vendors have out-of-bounds write vulnerabilities.Information is obtained and service operation is interrupted (DoS) It may be in a state. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-5281-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 15, 2022 https://www.debian.org/security/faq
Package : nginx CVE ID : CVE-2022-41741 CVE-2022-41742
It was discovered that parsing errors in the mp4 module of Nginx, a high-performance web and reverse proxy server, could result in denial of service, memory disclosure or potentially the execution of arbitrary code when processing a malformed mp4 file.
This module is only enabled in the nginx-extras binary package.
For the stable distribution (bullseye), these problems have been fixed in version 1.18.0-6.1+deb11u3.
We recommend that you upgrade your nginx packages.
For the detailed security status of nginx please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nginx
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmNz9JcACgkQEMKTtsN8 Tjb4tg/7BRkAkF48UvvRjLolxVVuV1paSTRG8ArEeW3fHyA0fxs2UMuRL4ic1vqc i3wxAAfHvYoOnk+QBY20Ly2MN7S7OukNovKE9AZCPulyYkVjtIWNSBeY0PzCU60y RP/KCZAGoGEYi6s4SUrK194ved+7jIcybgLvvGA8FRKW3wTRvzRGMfR6NTLuP7B3 th0C5+KkapE8G5XlHWOIjv1h3Ok40cua7LtYx9RTITJ+wClvkJ6gPcCXXj/CnWWa PUvuEBwyr0PEBXfL9v1P8Eq1MmN+mWU9KeLYxIC+vcJxtpsYL67tMHIGTlDUgDVE FrXrDXi7XP/6hjl7t/J/cTPEwy/twX0emUQcUDlRNlOxh3skSmdPJP7DMu+t9UtQ suepgZ+oHfHh3gs9EWz2zRqbsVO03NjhKo9ebIjhe3H0P39cX3NN5qlSJeNTY45k VBDecnPQnhYqYuzqwXy5ZoUQDcU0Bo7zaUzeYhUsfXqrROV/tj+UTMrM2anHdQ4B kAOrCBpmGP1lLvDs2PzBcWmBtII/5VTKZep05xH0L+dZWDV07j1ekCzv3/kuKiMl GTJQ7yl3fgKjLdkjMFKQIfsm3xdYwzxjOmtEY86tUV0LjtdR2GlJtF4YdIQhA4b1 /R82ZisLfmZ4ElL+ua8iypLOe9reyO4EpVVDkeewFS64Ye1Wn3k=3mDY -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202210-1373",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nginx",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "r1"
},
{
"model": "nginx",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "1.23.1"
},
{
"model": "nginx",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "r22"
},
{
"model": "nginx ingress controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "1.12.4"
},
{
"model": "nginx",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "1.22.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "nginx",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "r2"
},
{
"model": "nginx ingress controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "2.4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "nginx",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "r27"
},
{
"model": "nginx",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "1.23.0"
},
{
"model": "nginx ingress controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "1.9.0"
},
{
"model": "nginx ingress controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "2.0.0"
},
{
"model": "nginx",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "1.1.3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "37"
},
{
"model": "fedora",
"scope": "eq",
"trust": 0.8,
"vendor": "fedora",
"version": "37"
},
{
"model": "fedora",
"scope": "eq",
"trust": 0.8,
"vendor": "fedora",
"version": "36"
},
{
"model": "nginx ingress controller",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "fedora",
"scope": "eq",
"trust": 0.8,
"vendor": "fedora",
"version": "project"
},
{
"model": "nginx",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "fedora",
"scope": "eq",
"trust": 0.8,
"vendor": "fedora",
"version": "35"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022651"
},
{
"db": "NVD",
"id": "CVE-2022-41742"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Debian",
"sources": [
{
"db": "PACKETSTORM",
"id": "169909"
}
],
"trust": 0.1
},
"cve": "CVE-2022-41742",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2022-41742",
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-41742",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-41742",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "f5sirt@f5.com",
"id": "CVE-2022-41742",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-41742",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202210-1409",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022651"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-1409"
},
{
"db": "NVD",
"id": "CVE-2022-41742"
},
{
"db": "NVD",
"id": "CVE-2022-41742"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module. F5 Networks of nginx Products from other vendors have out-of-bounds write vulnerabilities.Information is obtained and service operation is interrupted (DoS) It may be in a state. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5281-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nNovember 15, 2022 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : nginx\nCVE ID : CVE-2022-41741 CVE-2022-41742\n\nIt was discovered that parsing errors in the mp4 module of Nginx, a\nhigh-performance web and reverse proxy server, could result in denial\nof service, memory disclosure or potentially the execution of arbitrary\ncode when processing a malformed mp4 file. \n\nThis module is only enabled in the nginx-extras binary package. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 1.18.0-6.1+deb11u3. \n\nWe recommend that you upgrade your nginx packages. \n\nFor the detailed security status of nginx please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/nginx\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmNz9JcACgkQEMKTtsN8\nTjb4tg/7BRkAkF48UvvRjLolxVVuV1paSTRG8ArEeW3fHyA0fxs2UMuRL4ic1vqc\ni3wxAAfHvYoOnk+QBY20Ly2MN7S7OukNovKE9AZCPulyYkVjtIWNSBeY0PzCU60y\nRP/KCZAGoGEYi6s4SUrK194ved+7jIcybgLvvGA8FRKW3wTRvzRGMfR6NTLuP7B3\nth0C5+KkapE8G5XlHWOIjv1h3Ok40cua7LtYx9RTITJ+wClvkJ6gPcCXXj/CnWWa\nPUvuEBwyr0PEBXfL9v1P8Eq1MmN+mWU9KeLYxIC+vcJxtpsYL67tMHIGTlDUgDVE\nFrXrDXi7XP/6hjl7t/J/cTPEwy/twX0emUQcUDlRNlOxh3skSmdPJP7DMu+t9UtQ\nsuepgZ+oHfHh3gs9EWz2zRqbsVO03NjhKo9ebIjhe3H0P39cX3NN5qlSJeNTY45k\nVBDecnPQnhYqYuzqwXy5ZoUQDcU0Bo7zaUzeYhUsfXqrROV/tj+UTMrM2anHdQ4B\nkAOrCBpmGP1lLvDs2PzBcWmBtII/5VTKZep05xH0L+dZWDV07j1ekCzv3/kuKiMl\nGTJQ7yl3fgKjLdkjMFKQIfsm3xdYwzxjOmtEY86tUV0LjtdR2GlJtF4YdIQhA4b1\n/R82ZisLfmZ4ElL+ua8iypLOe9reyO4EpVVDkeewFS64Ye1Wn3k=3mDY\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-41742"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022651"
},
{
"db": "VULHUB",
"id": "VHN-438029"
},
{
"db": "PACKETSTORM",
"id": "169909"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-41742",
"trust": 3.4
},
{
"db": "JVN",
"id": "JVNVU93250330",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-24-165-13",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022651",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "169909",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2022.6109",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.5959",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202210-1409",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-438029",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-438029"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022651"
},
{
"db": "PACKETSTORM",
"id": "169909"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-1409"
},
{
"db": "NVD",
"id": "CVE-2022-41742"
}
]
},
"id": "VAR-202210-1373",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-438029"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:57:57.752000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FEDORA-2022-97de53f202 Fedora\u00a0Update\u00a0Notification",
"trust": 0.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
},
{
"title": "F5 Nginx Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=237346"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022651"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-1409"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-438029"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022651"
},
{
"db": "NVD",
"id": "CVE-2022-41742"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://security.netapp.com/advisory/ntap-20230120-0005/"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2022/dsa-5281"
},
{
"trust": 1.7,
"url": "https://support.f5.com/csp/article/k28112382"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bprvya4fs34vwb4fefynad7z2lfcjvei/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/fd6m3pvvko35wlaa7gldbs6teq26sm64/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wborrvg7vvxyoaiad64zhes2u2viukfq/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-41742"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93250330/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-13"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/wborrvg7vvxyoaiad64zhes2u2viukfq/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/fd6m3pvvko35wlaa7gldbs6teq26sm64/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bprvya4fs34vwb4fefynad7z2lfcjvei/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.5959"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-41742/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169909/debian-security-advisory-5281-1.html"
},
{
"trust": 0.6,
"url": "http-mp4-module-39638"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/nginx-two-vulnerabilities-via-ngx-"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.6109"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/nginx"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-41741"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-438029"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022651"
},
{
"db": "PACKETSTORM",
"id": "169909"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-1409"
},
{
"db": "NVD",
"id": "CVE-2022-41742"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-438029"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-022651"
},
{
"db": "PACKETSTORM",
"id": "169909"
},
{
"db": "CNNVD",
"id": "CNNVD-202210-1409"
},
{
"db": "NVD",
"id": "CVE-2022-41742"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-19T00:00:00",
"db": "VULHUB",
"id": "VHN-438029"
},
{
"date": "2023-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-022651"
},
{
"date": "2022-11-16T16:11:49",
"db": "PACKETSTORM",
"id": "169909"
},
{
"date": "2022-10-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202210-1409"
},
{
"date": "2022-10-19T22:15:12.717000",
"db": "NVD",
"id": "CVE-2022-41742"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-438029"
},
{
"date": "2024-06-17T05:27:00",
"db": "JVNDB",
"id": "JVNDB-2022-022651"
},
{
"date": "2023-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202210-1409"
},
{
"date": "2023-11-07T03:52:58.440000",
"db": "NVD",
"id": "CVE-2022-41742"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-1409"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "F5\u00a0Networks\u00a0 of \u00a0nginx\u00a0 Out-of-Bounds Write Vulnerability in Other Vendors\u0027 Products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-022651"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-1409"
}
],
"trust": 0.6
}
}
ssa-196737
Vulnerability from csaf_siemens
Published
2024-06-11 00:00
Modified
2024-06-11 00:00
Summary
SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2
Notes
Summary
SINEC Traffic Analyzer before V1.2 is affected by multiple vulnerabilities.
Siemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SINEC Traffic Analyzer before V1.2 is affected by multiple vulnerabilities.\n\nSiemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-196737.html"
},
{
"category": "self",
"summary": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-196737.json"
},
{
"category": "self",
"summary": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-196737.pdf"
},
{
"category": "self",
"summary": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-196737.txt"
}
],
"title": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2",
"tracking": {
"current_release_date": "2024-06-11T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-196737",
"initial_release_date": "2024-06-11T00:00:00Z",
"revision_history": [
{
"date": "2024-06-11T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "interim",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV1.2",
"product": {
"name": "SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)",
"product_id": "1",
"product_identification_helper": {
"model_numbers": [
"6GK8822-1BG01-0BA0"
]
}
}
}
],
"category": "product_name",
"name": "SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41742",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-41742"
},
{
"cve": "CVE-2024-35206",
"cwe": {
"id": "CWE-613",
"name": "Insufficient Session Expiration"
},
"notes": [
{
"category": "summary",
"text": "The affected application does not expire the session. This could allow an attacker to get unauthorized access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35206"
},
{
"cve": "CVE-2024-35207",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "summary",
"text": "The web interface of the affected devices are vulnerable to Cross-Site Request Forgery(CSRF) attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35207"
},
{
"cve": "CVE-2024-35208",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"notes": [
{
"category": "summary",
"text": "The affected web server stored the password in cleartext. This could allow attacker in a privileged position to obtain access passwords.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35208"
},
{
"cve": "CVE-2024-35209",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"notes": [
{
"category": "summary",
"text": "The affected web server is allowing HTTP methods like PUT and Delete. This could allow an attacker to modify unauthorized files.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35209"
},
{
"cve": "CVE-2024-35210",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "summary",
"text": "The affected web server is not enforcing HSTS. This could allow an attacker to perform downgrade attacks exposing confidential information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35210"
},
{
"cve": "CVE-2024-35211",
"cwe": {
"id": "CWE-614",
"name": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute"
},
"notes": [
{
"category": "summary",
"text": "The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes (such as \u201cSecure\u201d, \u201cHttpOnly\u201d, or \u201cSameSite\u201d).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35211"
},
{
"cve": "CVE-2024-35212",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The affected application lacks input validation due to which an attacker can gain access to the Database entries.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35212"
}
]
}
SSA-196737
Vulnerability from csaf_siemens
Published
2024-06-11 00:00
Modified
2024-06-11 00:00
Summary
SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2
Notes
Summary
SINEC Traffic Analyzer before V1.2 is affected by multiple vulnerabilities.
Siemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SINEC Traffic Analyzer before V1.2 is affected by multiple vulnerabilities.\n\nSiemens has released a new version for SINEC Traffic Analyzer and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-196737.html"
},
{
"category": "self",
"summary": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-196737.json"
},
{
"category": "self",
"summary": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-196737.pdf"
},
{
"category": "self",
"summary": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-196737.txt"
}
],
"title": "SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2",
"tracking": {
"current_release_date": "2024-06-11T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-196737",
"initial_release_date": "2024-06-11T00:00:00Z",
"revision_history": [
{
"date": "2024-06-11T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "interim",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV1.2",
"product": {
"name": "SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)",
"product_id": "1",
"product_identification_helper": {
"model_numbers": [
"6GK8822-1BG01-0BA0"
]
}
}
}
],
"category": "product_name",
"name": "SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41742",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-41742"
},
{
"cve": "CVE-2024-35206",
"cwe": {
"id": "CWE-613",
"name": "Insufficient Session Expiration"
},
"notes": [
{
"category": "summary",
"text": "The affected application does not expire the session. This could allow an attacker to get unauthorized access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35206"
},
{
"cve": "CVE-2024-35207",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "summary",
"text": "The web interface of the affected devices are vulnerable to Cross-Site Request Forgery(CSRF) attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35207"
},
{
"cve": "CVE-2024-35208",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"notes": [
{
"category": "summary",
"text": "The affected web server stored the password in cleartext. This could allow attacker in a privileged position to obtain access passwords.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35208"
},
{
"cve": "CVE-2024-35209",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"notes": [
{
"category": "summary",
"text": "The affected web server is allowing HTTP methods like PUT and Delete. This could allow an attacker to modify unauthorized files.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35209"
},
{
"cve": "CVE-2024-35210",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "summary",
"text": "The affected web server is not enforcing HSTS. This could allow an attacker to perform downgrade attacks exposing confidential information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35210"
},
{
"cve": "CVE-2024-35211",
"cwe": {
"id": "CWE-614",
"name": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute"
},
"notes": [
{
"category": "summary",
"text": "The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes (such as \u201cSecure\u201d, \u201cHttpOnly\u201d, or \u201cSameSite\u201d).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35211"
},
{
"cve": "CVE-2024-35212",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The affected application lacks input validation due to which an attacker can gain access to the Database entries.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.2 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109954887/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35212"
}
]
}
ghsa-wj45-j4gh-fm3x
Vulnerability from github
Published
2022-10-20 12:00
Modified
2023-01-20 21:30
Severity ?
VLAI Severity ?
Details
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.
{
"affected": [],
"aliases": [
"CVE-2022-41742"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-10-19T22:15:00Z",
"severity": "HIGH"
},
"details": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.",
"id": "GHSA-wj45-j4gh-fm3x",
"modified": "2023-01-20T21:30:31Z",
"published": "2022-10-20T12:00:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41742"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20230120-0005"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K28112382"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5281"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
msrc_cve-2022-41742
Vulnerability from csaf_microsoft
Published
2022-10-02 00:00
Modified
2022-10-25 00:00
Summary
NGINX ngx_http_mp4_module vulnerability CVE-2022-41742
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2022-41742 NGINX ngx_http_mp4_module vulnerability CVE-2022-41742 - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-41742.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "NGINX ngx_http_mp4_module vulnerability CVE-2022-41742",
"tracking": {
"current_release_date": "2022-10-25T00:00:00.000Z",
"generator": {
"date": "2025-10-24T03:05:14.186Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2022-41742",
"initial_release_date": "2022-10-02T00:00:00.000Z",
"revision_history": [
{
"date": "2022-10-25T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 nginx 1.22.1-1",
"product": {
"name": "\u003ccm1 nginx 1.22.1-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cm1 nginx 1.22.1-1",
"product": {
"name": "cm1 nginx 1.22.1-1",
"product_id": "18572"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 nginx 1.22.1-1",
"product": {
"name": "\u003ccbl2 nginx 1.22.1-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 nginx 1.22.1-1",
"product": {
"name": "cbl2 nginx 1.22.1-1",
"product_id": "18573"
}
}
],
"category": "product_name",
"name": "nginx"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 nginx 1.22.1-1 as a component of CBL Mariner 1.0",
"product_id": "16820-2"
},
"product_reference": "2",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 nginx 1.22.1-1 as a component of CBL Mariner 1.0",
"product_id": "18572-16820"
},
"product_reference": "18572",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 nginx 1.22.1-1 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 nginx 1.22.1-1 as a component of CBL Mariner 2.0",
"product_id": "18573-17086"
},
"product_reference": "18573",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41742",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "general",
"text": "f5",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"18572-16820",
"18573-17086"
],
"known_affected": [
"16820-2",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-41742 NGINX ngx_http_mp4_module vulnerability CVE-2022-41742 - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-41742.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-25T00:00:00.000Z",
"details": "1.22.1-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-2",
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"16820-2",
"17086-1"
]
}
],
"title": "NGINX ngx_http_mp4_module vulnerability CVE-2022-41742"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…