cvelistv5 - cve-2023-51074

CVE-2023-51074 (GCVE-0-2023-51074)

Vulnerability from cvelistv5

Published

2023-12-27 00:00

Modified

2024-08-02 22:32

Severity ?

CWE

Summary

json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method.

References

URL

Tags

	cve@mitre.org	https://github.com/json-path/JsonPath/issues/973	Exploit, Issue Tracking, Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/json-path/JsonPath/issues/973	Exploit, Issue Tracking, Third Party Advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:32:08.933Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/json-path/JsonPath/issues/973"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-27T20:56:22.383078",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/json-path/JsonPath/issues/973"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-51074",
    "datePublished": "2023-12-27T00:00:00",
    "dateReserved": "2023-12-18T00:00:00",
    "dateUpdated": "2024-08-02T22:32:08.933Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-51074\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-12-27T21:15:08.253\",\"lastModified\":\"2025-09-12T18:45:08.097\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 que json-path v2.8.0 conten\u00eda un desbordamiento de pila mediante el m\u00e9todo Criteria.parse().\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:json-path:jayway_jsonpath:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.2.0\",\"versionEndExcluding\":\"2.9.0\",\"matchCriteriaId\":\"4687EA2C-6DAA-4FC9-813B-68B1235AE77E\"}]}]}],\"references\":[{\"url\":\"https://github.com/json-path/JsonPath/issues/973\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/json-path/JsonPath/issues/973\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]}]}}"
  }
}

WID-SEC-W-2024-0351

Vulnerability from csaf_certbund

Published

2024-02-12 23:00

Modified

2024-05-30 22:00

Summary

Red Hat OpenShift und Apache Camel: Schwachstelle ermöglicht Denial of Service

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud. Apache Camel ist ein Integrations-Framework, das Enterprise Integration Patterns implementiert.

Angriff

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift und Apache Camel ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.\r\nApache Camel ist ein Integrations-Framework, das Enterprise Integration Patterns implementiert.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift und Apache Camel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0351 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0351.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0351 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0351"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory  vom 2024-02-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:0792"
      },
      {
        "category": "external",
        "summary": "GitHub Advisory \u0026 POC",
        "url": "https://github.com/json-path/JsonPath/issues/973"
      },
      {
        "category": "external",
        "summary": "Red Hat Bugzilla \u2013 Bug 2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2707 vom 2024-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2024:2707"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3527 vom 2024-05-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:3527"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat OpenShift und Apache Camel: Schwachstelle erm\u00f6glicht Denial of Service",
    "tracking": {
      "current_release_date": "2024-05-30T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:05:06.953+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0351",
      "initial_release_date": "2024-02-12T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-02-12T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-05-06T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-30T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c4.0",
                "product": {
                  "name": "Apache Camel \u003c4.0",
                  "product_id": "T028461"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c3.20.5",
                "product": {
                  "name": "Apache Camel \u003c3.20.5",
                  "product_id": "T032694"
                }
              }
            ],
            "category": "product_name",
            "name": "Camel"
          }
        ],
        "category": "vendor",
        "name": "Apache"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Red Hat OpenShift",
            "product": {
              "name": "Red Hat OpenShift",
              "product_id": "T032693",
              "product_identification_helper": {
                "cpe": "cpe:/a:redhat:openshift:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-51074",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Red Hat OpenShift und Apache Camel. Dieser Fehler besteht in der Methode Criteria.parse in json-path aufgrund einer unkontrollierten Rekursion, die zu einem stapelbasierten Puffer\u00fcberlauf f\u00fchrt. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T032693"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2023-51074"
    }
  ]
}

WID-SEC-W-2024-0869

Vulnerability from csaf_certbund

Published

2024-04-16 22:00

Modified

2024-11-21 23:00

Summary

Oracle Communications: Mehrere Schwachstellen

Notes

Produktbeschreibung

Oracle Communications umfasst branchenspezifische Lösungen für die Telekommunikationsbranche.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Communications umfasst branchenspezifische L\u00f6sungen f\u00fcr die Telekommunikationsbranche.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0869 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0869.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0869 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0869"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - April 2024 - Appendix Oracle Communications vom 2024-04-16",
        "url": "https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixCGBU"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1878 vom 2024-04-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:1878"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202405-01 vom 2024-05-04",
        "url": "https://security.gentoo.org/glsa/202405-01"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7987 vom 2024-10-10",
        "url": "https://access.redhat.com/errata/RHSA-2024:7987"
      },
      {
        "category": "external",
        "summary": "XEROX Security Advisory XRX24-017 vom 2024-11-21",
        "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2024/11/Xerox-Security-Bulletin-XRX24-017-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Communications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-11-21T23:00:00.000+00:00",
      "generator": {
        "date": "2024-11-22T10:07:06.493+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-0869",
      "initial_release_date": "2024-04-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-04-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-04-17T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-05T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Gentoo aufgenommen"
        },
        {
          "date": "2024-10-10T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-21T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von XEROX aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "5",
                "product": {
                  "name": "Oracle Communications 5.0",
                  "product_id": "T021645",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:5.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "22.4.0",
                "product": {
                  "name": "Oracle Communications 22.4.0",
                  "product_id": "T024981",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:22.4.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.1.0",
                "product": {
                  "name": "Oracle Communications 23.1.0",
                  "product_id": "T027326",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.2.0",
                "product": {
                  "name": "Oracle Communications 23.2.0",
                  "product_id": "T028682",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.2.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "5.1",
                "product": {
                  "name": "Oracle Communications 5.1",
                  "product_id": "T028684",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:5.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.2.2",
                "product": {
                  "name": "Oracle Communications 23.2.2",
                  "product_id": "T030583",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.2.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.3.0",
                "product": {
                  "name": "Oracle Communications 23.3.0",
                  "product_id": "T030586",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.3.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.0.0.0",
                "product": {
                  "name": "Oracle Communications 9.0.0.0",
                  "product_id": "T030589",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.0.0.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=7.2.1.0.0",
                "product": {
                  "name": "Oracle Communications \u003c=7.2.1.0.0",
                  "product_id": "T030593"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=7.2.1.0.0",
                "product": {
                  "name": "Oracle Communications \u003c=7.2.1.0.0",
                  "product_id": "T030593-fixed"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=9.0.2",
                "product": {
                  "name": "Oracle Communications \u003c=9.0.2",
                  "product_id": "T030595"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=9.0.2",
                "product": {
                  "name": "Oracle Communications \u003c=9.0.2",
                  "product_id": "T030595-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "23.3.1",
                "product": {
                  "name": "Oracle Communications 23.3.1",
                  "product_id": "T032088",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.3.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.0",
                "product": {
                  "name": "Oracle Communications 23.4.0",
                  "product_id": "T032091",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.1",
                "product": {
                  "name": "Oracle Communications 23.4.1",
                  "product_id": "T034143",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.2",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.2",
                  "product_id": "T034144"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.2",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.2",
                  "product_id": "T034144-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "24.1.0",
                "product": {
                  "name": "Oracle Communications 24.1.0",
                  "product_id": "T034145",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:24.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "5.2",
                "product": {
                  "name": "Oracle Communications 5.2",
                  "product_id": "T034146",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:5.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "24.1.0.0.0",
                "product": {
                  "name": "Oracle Communications 24.1.0.0.0",
                  "product_id": "T034147",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:24.1.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.3.2",
                "product": {
                  "name": "Oracle Communications 23.3.2",
                  "product_id": "T034148",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.3.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.0.0.0.0",
                "product": {
                  "name": "Oracle Communications 14.0.0.0.0",
                  "product_id": "T034149",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:14.0.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.1.1.7.0",
                "product": {
                  "name": "Oracle Communications 9.1.1.7.0",
                  "product_id": "T034150",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.1.1.7.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Communications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "v9",
                "product": {
                  "name": "Xerox FreeFlow Print Server v9",
                  "product_id": "T015632",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:xerox:freeflow_print_server:v9"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FreeFlow Print Server"
          }
        ],
        "category": "vendor",
        "name": "Xerox"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-40152",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-40152"
    },
    {
      "cve": "CVE-2022-40896",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-40896"
    },
    {
      "cve": "CVE-2022-45688",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-45688"
    },
    {
      "cve": "CVE-2023-2283",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-2283"
    },
    {
      "cve": "CVE-2023-31122",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-31122"
    },
    {
      "cve": "CVE-2023-33201",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-33201"
    },
    {
      "cve": "CVE-2023-34053",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-34053"
    },
    {
      "cve": "CVE-2023-34055",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-34055"
    },
    {
      "cve": "CVE-2023-4016",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-4016"
    },
    {
      "cve": "CVE-2023-41056",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-41056"
    },
    {
      "cve": "CVE-2023-43496",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-43496"
    },
    {
      "cve": "CVE-2023-44487",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-45142",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-45142"
    },
    {
      "cve": "CVE-2023-4641",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-4641"
    },
    {
      "cve": "CVE-2023-46589",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-46589"
    },
    {
      "cve": "CVE-2023-47100",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-47100"
    },
    {
      "cve": "CVE-2023-4863",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-4863"
    },
    {
      "cve": "CVE-2023-48795",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-49083",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-49083"
    },
    {
      "cve": "CVE-2023-5072",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-5072"
    },
    {
      "cve": "CVE-2023-51074",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-51074"
    },
    {
      "cve": "CVE-2023-51257",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-51257"
    },
    {
      "cve": "CVE-2023-51775",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-51775"
    },
    {
      "cve": "CVE-2023-5341",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-5341"
    },
    {
      "cve": "CVE-2023-5363",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-5363"
    },
    {
      "cve": "CVE-2023-6507",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-6507"
    },
    {
      "cve": "CVE-2024-1635",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-1635"
    },
    {
      "cve": "CVE-2024-21626",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-21626"
    },
    {
      "cve": "CVE-2024-22201",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22233",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-22233"
    },
    {
      "cve": "CVE-2024-22257",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-22257"
    },
    {
      "cve": "CVE-2024-22259",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-22259"
    },
    {
      "cve": "CVE-2024-25062",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-26130",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-26130"
    },
    {
      "cve": "CVE-2024-26308",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-26308"
    }
  ]
}

wid-sec-w-2024-0537

Vulnerability from csaf_certbund

Published

2024-03-03 23:00

Modified

2024-03-17 23:00

Summary

IBM Business Automation Workflow: Mehrere Schwachstellen

Notes

Produktbeschreibung

IBM Business Automation Workflow ist eine Lösung zur Automatisierung von Arbeitsabläufen.

Angriff

Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in IBM Business Automation Workflow ausnutzen, um Sicherheitsmaßnahmen zu umgehen oder einen Denial-of-Service-Zustand zu verursachen.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "IBM Business Automation Workflow ist eine L\u00f6sung zur Automatisierung von Arbeitsabl\u00e4ufen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in IBM Business Automation Workflow ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0537 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0537.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0537 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0537"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin vom 2024-03-03",
        "url": "https://www.ibm.com/support/pages/security-bulletin-denial-service-vulnerability-affect-ibm-business-automation-workflow-event-emitters-cve-2023-51074"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin vom 2024-03-03",
        "url": "https://www.ibm.com/support/pages/node/7129317"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin vom 2024-03-03",
        "url": "https://www.ibm.com/support/pages/node/7129249"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7142190 vom 2024-03-15",
        "url": "https://www.ibm.com/support/pages/node/7142190"
      }
    ],
    "source_lang": "en-US",
    "title": "IBM Business Automation Workflow: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-03-17T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:06:01.587+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0537",
      "initial_release_date": "2024-03-03T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-03-03T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-03-17T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von IBM aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "11.0.0.1 - 11.0.0.24",
                "product": {
                  "name": "IBM App Connect Enterprise 11.0.0.1 - 11.0.0.24",
                  "product_id": "T032331",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:app_connect_enterprise:11.0.0.1_-_11.0.0.24"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.0.1.0 - 12.0.11.1",
                "product": {
                  "name": "IBM App Connect Enterprise 12.0.1.0 - 12.0.11.1",
                  "product_id": "T033333",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:app_connect_enterprise:12.0.1.0_-_12.0.11.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "App Connect Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 23.0.2-IF002",
                "product": {
                  "name": "IBM Business Automation Workflow \u003c 23.0.2-IF002",
                  "product_id": "T033215"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c 21.0.3-IF030",
                "product": {
                  "name": "IBM Business Automation Workflow \u003c 21.0.3-IF030",
                  "product_id": "T033216"
                }
              }
            ],
            "category": "product_name",
            "name": "Business Automation Workflow"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-46337",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in IBM Business Automation Workflow. Dieser Fehler besteht in der Apache Derby-Komponente aufgrund eines LDAP-Injektionsproblems, das es erm\u00f6glicht, sensible Daten anzuzeigen und zu besch\u00e4digen sowie sensible Datenbankfunktionen und -prozeduren auszuf\u00fchren. Durch das Senden einer speziell gestalteten Anfrage kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um die Sicherheitsma\u00dfnahmen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032331",
          "T033333"
        ]
      },
      "release_date": "2024-03-03T23:00:00.000+00:00",
      "title": "CVE-2022-46337"
    },
    {
      "cve": "CVE-2023-51074",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in IBM Business Automation Workflow. Dieser Fehler besteht in der Komponente json-path aufgrund eines stapelbasierten Puffer\u00fcberlaufproblems, das zu einer unkontrollierten Rekursion f\u00fchrt. Durch Senden einer speziell gestalteten Eingabe kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032331",
          "T033333"
        ]
      },
      "release_date": "2024-03-03T23:00:00.000+00:00",
      "title": "CVE-2023-51074"
    }
  ]
}

WID-SEC-W-2024-0537

Vulnerability from csaf_certbund

Published

2024-03-03 23:00

Modified

2024-03-17 23:00

Summary

IBM Business Automation Workflow: Mehrere Schwachstellen

Notes

Produktbeschreibung

IBM Business Automation Workflow ist eine Lösung zur Automatisierung von Arbeitsabläufen.

Angriff

Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in IBM Business Automation Workflow ausnutzen, um Sicherheitsmaßnahmen zu umgehen oder einen Denial-of-Service-Zustand zu verursachen.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "IBM Business Automation Workflow ist eine L\u00f6sung zur Automatisierung von Arbeitsabl\u00e4ufen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in IBM Business Automation Workflow ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0537 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0537.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0537 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0537"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin vom 2024-03-03",
        "url": "https://www.ibm.com/support/pages/security-bulletin-denial-service-vulnerability-affect-ibm-business-automation-workflow-event-emitters-cve-2023-51074"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin vom 2024-03-03",
        "url": "https://www.ibm.com/support/pages/node/7129317"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin vom 2024-03-03",
        "url": "https://www.ibm.com/support/pages/node/7129249"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7142190 vom 2024-03-15",
        "url": "https://www.ibm.com/support/pages/node/7142190"
      }
    ],
    "source_lang": "en-US",
    "title": "IBM Business Automation Workflow: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-03-17T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:06:01.587+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0537",
      "initial_release_date": "2024-03-03T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-03-03T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-03-17T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von IBM aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "11.0.0.1 - 11.0.0.24",
                "product": {
                  "name": "IBM App Connect Enterprise 11.0.0.1 - 11.0.0.24",
                  "product_id": "T032331",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:app_connect_enterprise:11.0.0.1_-_11.0.0.24"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.0.1.0 - 12.0.11.1",
                "product": {
                  "name": "IBM App Connect Enterprise 12.0.1.0 - 12.0.11.1",
                  "product_id": "T033333",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:app_connect_enterprise:12.0.1.0_-_12.0.11.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "App Connect Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 23.0.2-IF002",
                "product": {
                  "name": "IBM Business Automation Workflow \u003c 23.0.2-IF002",
                  "product_id": "T033215"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c 21.0.3-IF030",
                "product": {
                  "name": "IBM Business Automation Workflow \u003c 21.0.3-IF030",
                  "product_id": "T033216"
                }
              }
            ],
            "category": "product_name",
            "name": "Business Automation Workflow"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-46337",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in IBM Business Automation Workflow. Dieser Fehler besteht in der Apache Derby-Komponente aufgrund eines LDAP-Injektionsproblems, das es erm\u00f6glicht, sensible Daten anzuzeigen und zu besch\u00e4digen sowie sensible Datenbankfunktionen und -prozeduren auszuf\u00fchren. Durch das Senden einer speziell gestalteten Anfrage kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um die Sicherheitsma\u00dfnahmen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032331",
          "T033333"
        ]
      },
      "release_date": "2024-03-03T23:00:00.000+00:00",
      "title": "CVE-2022-46337"
    },
    {
      "cve": "CVE-2023-51074",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in IBM Business Automation Workflow. Dieser Fehler besteht in der Komponente json-path aufgrund eines stapelbasierten Puffer\u00fcberlaufproblems, das zu einer unkontrollierten Rekursion f\u00fchrt. Durch Senden einer speziell gestalteten Eingabe kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032331",
          "T033333"
        ]
      },
      "release_date": "2024-03-03T23:00:00.000+00:00",
      "title": "CVE-2023-51074"
    }
  ]
}

wid-sec-w-2024-0869

Vulnerability from csaf_certbund

Published

2024-04-16 22:00

Modified

2024-11-21 23:00

Summary

Oracle Communications: Mehrere Schwachstellen

Notes

Produktbeschreibung

Oracle Communications umfasst branchenspezifische Lösungen für die Telekommunikationsbranche.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Communications umfasst branchenspezifische L\u00f6sungen f\u00fcr die Telekommunikationsbranche.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0869 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0869.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0869 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0869"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - April 2024 - Appendix Oracle Communications vom 2024-04-16",
        "url": "https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixCGBU"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1878 vom 2024-04-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:1878"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202405-01 vom 2024-05-04",
        "url": "https://security.gentoo.org/glsa/202405-01"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7987 vom 2024-10-10",
        "url": "https://access.redhat.com/errata/RHSA-2024:7987"
      },
      {
        "category": "external",
        "summary": "XEROX Security Advisory XRX24-017 vom 2024-11-21",
        "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2024/11/Xerox-Security-Bulletin-XRX24-017-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Communications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-11-21T23:00:00.000+00:00",
      "generator": {
        "date": "2024-11-22T10:07:06.493+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-0869",
      "initial_release_date": "2024-04-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-04-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-04-17T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-05T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Gentoo aufgenommen"
        },
        {
          "date": "2024-10-10T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-21T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von XEROX aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "5",
                "product": {
                  "name": "Oracle Communications 5.0",
                  "product_id": "T021645",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:5.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "22.4.0",
                "product": {
                  "name": "Oracle Communications 22.4.0",
                  "product_id": "T024981",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:22.4.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.1.0",
                "product": {
                  "name": "Oracle Communications 23.1.0",
                  "product_id": "T027326",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.2.0",
                "product": {
                  "name": "Oracle Communications 23.2.0",
                  "product_id": "T028682",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.2.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "5.1",
                "product": {
                  "name": "Oracle Communications 5.1",
                  "product_id": "T028684",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:5.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.2.2",
                "product": {
                  "name": "Oracle Communications 23.2.2",
                  "product_id": "T030583",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.2.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.3.0",
                "product": {
                  "name": "Oracle Communications 23.3.0",
                  "product_id": "T030586",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.3.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.0.0.0",
                "product": {
                  "name": "Oracle Communications 9.0.0.0",
                  "product_id": "T030589",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.0.0.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=7.2.1.0.0",
                "product": {
                  "name": "Oracle Communications \u003c=7.2.1.0.0",
                  "product_id": "T030593"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=7.2.1.0.0",
                "product": {
                  "name": "Oracle Communications \u003c=7.2.1.0.0",
                  "product_id": "T030593-fixed"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=9.0.2",
                "product": {
                  "name": "Oracle Communications \u003c=9.0.2",
                  "product_id": "T030595"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=9.0.2",
                "product": {
                  "name": "Oracle Communications \u003c=9.0.2",
                  "product_id": "T030595-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "23.3.1",
                "product": {
                  "name": "Oracle Communications 23.3.1",
                  "product_id": "T032088",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.3.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.0",
                "product": {
                  "name": "Oracle Communications 23.4.0",
                  "product_id": "T032091",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.1",
                "product": {
                  "name": "Oracle Communications 23.4.1",
                  "product_id": "T034143",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.2",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.2",
                  "product_id": "T034144"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.2",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.2",
                  "product_id": "T034144-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "24.1.0",
                "product": {
                  "name": "Oracle Communications 24.1.0",
                  "product_id": "T034145",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:24.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "5.2",
                "product": {
                  "name": "Oracle Communications 5.2",
                  "product_id": "T034146",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:5.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "24.1.0.0.0",
                "product": {
                  "name": "Oracle Communications 24.1.0.0.0",
                  "product_id": "T034147",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:24.1.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.3.2",
                "product": {
                  "name": "Oracle Communications 23.3.2",
                  "product_id": "T034148",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.3.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.0.0.0.0",
                "product": {
                  "name": "Oracle Communications 14.0.0.0.0",
                  "product_id": "T034149",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:14.0.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.1.1.7.0",
                "product": {
                  "name": "Oracle Communications 9.1.1.7.0",
                  "product_id": "T034150",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.1.1.7.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Communications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "v9",
                "product": {
                  "name": "Xerox FreeFlow Print Server v9",
                  "product_id": "T015632",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:xerox:freeflow_print_server:v9"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FreeFlow Print Server"
          }
        ],
        "category": "vendor",
        "name": "Xerox"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-40152",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-40152"
    },
    {
      "cve": "CVE-2022-40896",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-40896"
    },
    {
      "cve": "CVE-2022-45688",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2022-45688"
    },
    {
      "cve": "CVE-2023-2283",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-2283"
    },
    {
      "cve": "CVE-2023-31122",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-31122"
    },
    {
      "cve": "CVE-2023-33201",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-33201"
    },
    {
      "cve": "CVE-2023-34053",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-34053"
    },
    {
      "cve": "CVE-2023-34055",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-34055"
    },
    {
      "cve": "CVE-2023-4016",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-4016"
    },
    {
      "cve": "CVE-2023-41056",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-41056"
    },
    {
      "cve": "CVE-2023-43496",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-43496"
    },
    {
      "cve": "CVE-2023-44487",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-45142",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-45142"
    },
    {
      "cve": "CVE-2023-4641",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-4641"
    },
    {
      "cve": "CVE-2023-46589",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-46589"
    },
    {
      "cve": "CVE-2023-47100",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-47100"
    },
    {
      "cve": "CVE-2023-4863",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-4863"
    },
    {
      "cve": "CVE-2023-48795",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-49083",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-49083"
    },
    {
      "cve": "CVE-2023-5072",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-5072"
    },
    {
      "cve": "CVE-2023-51074",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-51074"
    },
    {
      "cve": "CVE-2023-51257",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-51257"
    },
    {
      "cve": "CVE-2023-51775",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-51775"
    },
    {
      "cve": "CVE-2023-5341",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-5341"
    },
    {
      "cve": "CVE-2023-5363",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-5363"
    },
    {
      "cve": "CVE-2023-6507",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2023-6507"
    },
    {
      "cve": "CVE-2024-1635",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-1635"
    },
    {
      "cve": "CVE-2024-21626",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-21626"
    },
    {
      "cve": "CVE-2024-22201",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22233",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-22233"
    },
    {
      "cve": "CVE-2024-22257",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-22257"
    },
    {
      "cve": "CVE-2024-22259",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-22259"
    },
    {
      "cve": "CVE-2024-25062",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-26130",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-26130"
    },
    {
      "cve": "CVE-2024-26308",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028682",
          "T034149",
          "T030586",
          "T034148",
          "T030589",
          "67646",
          "T034143",
          "T015632",
          "T012167",
          "T034147",
          "T034146",
          "T030583",
          "T034145",
          "T032088",
          "T034150",
          "T021645",
          "T032091",
          "T027326",
          "T024981",
          "T028684"
        ],
        "last_affected": [
          "T030595",
          "T030593",
          "T034144"
        ]
      },
      "release_date": "2024-04-16T22:00:00.000+00:00",
      "title": "CVE-2024-26308"
    }
  ]
}

wid-sec-w-2024-0351

Vulnerability from csaf_certbund

Published

2024-02-12 23:00

Modified

2024-05-30 22:00

Summary

Red Hat OpenShift und Apache Camel: Schwachstelle ermöglicht Denial of Service

Notes

Produktbeschreibung

Angriff

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift und Apache Camel ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.\r\nApache Camel ist ein Integrations-Framework, das Enterprise Integration Patterns implementiert.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift und Apache Camel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0351 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0351.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0351 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0351"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory  vom 2024-02-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:0792"
      },
      {
        "category": "external",
        "summary": "GitHub Advisory \u0026 POC",
        "url": "https://github.com/json-path/JsonPath/issues/973"
      },
      {
        "category": "external",
        "summary": "Red Hat Bugzilla \u2013 Bug 2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2707 vom 2024-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2024:2707"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3527 vom 2024-05-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:3527"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat OpenShift und Apache Camel: Schwachstelle erm\u00f6glicht Denial of Service",
    "tracking": {
      "current_release_date": "2024-05-30T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:05:06.953+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0351",
      "initial_release_date": "2024-02-12T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-02-12T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-05-06T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-30T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c4.0",
                "product": {
                  "name": "Apache Camel \u003c4.0",
                  "product_id": "T028461"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c3.20.5",
                "product": {
                  "name": "Apache Camel \u003c3.20.5",
                  "product_id": "T032694"
                }
              }
            ],
            "category": "product_name",
            "name": "Camel"
          }
        ],
        "category": "vendor",
        "name": "Apache"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Red Hat OpenShift",
            "product": {
              "name": "Red Hat OpenShift",
              "product_id": "T032693",
              "product_identification_helper": {
                "cpe": "cpe:/a:redhat:openshift:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-51074",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Red Hat OpenShift und Apache Camel. Dieser Fehler besteht in der Methode Criteria.parse in json-path aufgrund einer unkontrollierten Rekursion, die zu einem stapelbasierten Puffer\u00fcberlauf f\u00fchrt. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T032693"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2023-51074"
    }
  ]
}

wid-sec-w-2024-1638

Vulnerability from csaf_certbund

Published

2024-07-16 22:00

Modified

2024-07-16 22:00

Summary

Oracle Financial Services Applications: Mehrere Schwachstellen

Notes

Produktbeschreibung

Oracle Financial Services ist eine Zusammenstellung von Anwendungen für den Finanzsektor und eine Technologiebasis zur Erfüllung von IT- und Geschäftsanforderungen.

Angriff

Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Financial Services ist eine Zusammenstellung  von Anwendungen f\u00fcr den Finanzsektor und eine Technologiebasis zur Erf\u00fcllung von IT- und Gesch\u00e4ftsanforderungen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1638 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1638.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1638 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1638"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Financial Services Applications vom 2024-07-16",
        "url": "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixIFLX"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Financial Services Applications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-07-16T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:11:26.257+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1638",
      "initial_release_date": "2024-07-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-07-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8.1.1",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.1",
                  "product_id": "T019891",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.7",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.7",
                  "product_id": "T021676",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8",
                  "product_id": "T021677",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.1.1",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.1.1",
                  "product_id": "T022835",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.0",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.0",
                  "product_id": "T022841",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.1",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.1",
                  "product_id": "T022844",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.7.3",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.7.3",
                  "product_id": "T024989",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.7.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 14.7.0.0.0",
                  "product_id": "T028702",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2",
                  "product_id": "T028705",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.5",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.5",
                  "product_id": "T028706",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.6",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.6",
                  "product_id": "T032104",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.5.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 14.5.0.0.0",
                  "product_id": "T034160",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:14.5.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.6.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 14.6.0.0.0",
                  "product_id": "T034161",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:14.6.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2.12.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 2.12.0.0.0",
                  "product_id": "T034162",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:2.12.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2.7.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 2.7.0.0.0",
                  "product_id": "T034163",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:2.7.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.4.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 14.4.0.0.0",
                  "product_id": "T036215",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:14.4.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.3",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.3",
                  "product_id": "T036216",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.7",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.7",
                  "product_id": "T036217",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.2.8",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.2.8",
                  "product_id": "T036218",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.2.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.1.1.18",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.1.1.18",
                  "product_id": "T036219",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.1.18"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.6.4",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.6.4",
                  "product_id": "T036220",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.6.4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.7.3",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.7.3",
                  "product_id": "T036221",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.7.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "6.0.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 6.0.0.0.0",
                  "product_id": "T036222",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:6.0.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "6.1.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 6.1.0.0.0",
                  "product_id": "T036223",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:6.1.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2.4.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 2.4.0.0.0",
                  "product_id": "T036224",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:2.4.0.0.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Financial Services Applications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-36944",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-36944"
    },
    {
      "cve": "CVE-2023-26031",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-26031"
    },
    {
      "cve": "CVE-2023-34055",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-34055"
    },
    {
      "cve": "CVE-2023-44483",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-44483"
    },
    {
      "cve": "CVE-2023-47248",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-47248"
    },
    {
      "cve": "CVE-2023-50447",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-50447"
    },
    {
      "cve": "CVE-2023-51074",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-51074"
    },
    {
      "cve": "CVE-2023-52425",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-6129",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-6129"
    },
    {
      "cve": "CVE-2024-21188",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-21188"
    },
    {
      "cve": "CVE-2024-22201",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22262",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23807",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-23807"
    },
    {
      "cve": "CVE-2024-24549",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-24816",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-24816"
    },
    {
      "cve": "CVE-2024-25062",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-2511",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-2511"
    },
    {
      "cve": "CVE-2024-26308",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-29025",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-29133",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-29133"
    },
    {
      "cve": "CVE-2024-32114",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-32114"
    }
  ]
}

WID-SEC-W-2024-1638

Vulnerability from csaf_certbund

Published

2024-07-16 22:00

Modified

2024-07-16 22:00

Summary

Oracle Financial Services Applications: Mehrere Schwachstellen

Notes

Produktbeschreibung

Oracle Financial Services ist eine Zusammenstellung von Anwendungen für den Finanzsektor und eine Technologiebasis zur Erfüllung von IT- und Geschäftsanforderungen.

Angriff

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Financial Services ist eine Zusammenstellung  von Anwendungen f\u00fcr den Finanzsektor und eine Technologiebasis zur Erf\u00fcllung von IT- und Gesch\u00e4ftsanforderungen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1638 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1638.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1638 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1638"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Financial Services Applications vom 2024-07-16",
        "url": "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixIFLX"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Financial Services Applications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-07-16T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:11:26.257+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1638",
      "initial_release_date": "2024-07-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-07-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8.1.1",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.1",
                  "product_id": "T019891",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.7",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.7",
                  "product_id": "T021676",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8",
                  "product_id": "T021677",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.1.1",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.1.1",
                  "product_id": "T022835",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.0",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.0",
                  "product_id": "T022841",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.1",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.1",
                  "product_id": "T022844",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.7.3",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.7.3",
                  "product_id": "T024989",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.7.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 14.7.0.0.0",
                  "product_id": "T028702",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2",
                  "product_id": "T028705",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.5",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.5",
                  "product_id": "T028706",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.6",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.6",
                  "product_id": "T032104",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.5.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 14.5.0.0.0",
                  "product_id": "T034160",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:14.5.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.6.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 14.6.0.0.0",
                  "product_id": "T034161",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:14.6.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2.12.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 2.12.0.0.0",
                  "product_id": "T034162",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:2.12.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2.7.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 2.7.0.0.0",
                  "product_id": "T034163",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:2.7.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.4.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 14.4.0.0.0",
                  "product_id": "T036215",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:14.4.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.3",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.3",
                  "product_id": "T036216",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.7",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.7",
                  "product_id": "T036217",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.2.8",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.2.8",
                  "product_id": "T036218",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.2.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.1.1.18",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.1.1.18",
                  "product_id": "T036219",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.1.18"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.6.4",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.6.4",
                  "product_id": "T036220",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.6.4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.7.3",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.7.3",
                  "product_id": "T036221",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.7.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "6.0.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 6.0.0.0.0",
                  "product_id": "T036222",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:6.0.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "6.1.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 6.1.0.0.0",
                  "product_id": "T036223",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:6.1.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2.4.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 2.4.0.0.0",
                  "product_id": "T036224",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:2.4.0.0.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Financial Services Applications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-36944",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-36944"
    },
    {
      "cve": "CVE-2023-26031",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-26031"
    },
    {
      "cve": "CVE-2023-34055",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-34055"
    },
    {
      "cve": "CVE-2023-44483",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-44483"
    },
    {
      "cve": "CVE-2023-47248",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-47248"
    },
    {
      "cve": "CVE-2023-50447",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-50447"
    },
    {
      "cve": "CVE-2023-51074",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-51074"
    },
    {
      "cve": "CVE-2023-52425",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-6129",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-6129"
    },
    {
      "cve": "CVE-2024-21188",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-21188"
    },
    {
      "cve": "CVE-2024-22201",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22262",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23807",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-23807"
    },
    {
      "cve": "CVE-2024-24549",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-24816",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-24816"
    },
    {
      "cve": "CVE-2024-25062",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-2511",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-2511"
    },
    {
      "cve": "CVE-2024-26308",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-29025",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-29133",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-29133"
    },
    {
      "cve": "CVE-2024-32114",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032104",
          "T036223",
          "T036224",
          "T034163",
          "T034162",
          "T019891",
          "T036220",
          "T036221",
          "T036222",
          "T021677",
          "T022844",
          "T021676",
          "T024989",
          "T028705",
          "T034161",
          "T022841",
          "T028706",
          "T034160",
          "T028702",
          "T036216",
          "T036217",
          "T036218",
          "T036219",
          "T036215",
          "T022835"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-32114"
    }
  ]
}

CERTFR-2025-AVI-0756

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Tanzu Platform	Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T
VMware	Tanzu	Tanzu for MySQL on Cloud Foundry versions antérieures à 10.0.2
VMware	Tanzu	Java Buildpack versions antérieures à 4.84.0
VMware	Tanzu	Stemcells pour Ubuntu Jammy Azure Light versions antérieures à 1.894
VMware	Tanzu Platform	Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 10.0.9
VMware	Tanzu	Tanzu Scheduler versions antérieures à 2.0.20
VMware	Tanzu	Spring Cloud Services for VMware Tanzu versions antérieures à 3.3.9
VMware	Tanzu	Tanzu GemFire versions antérieures à 10.1.4
VMware	Tanzu Operations Manager	Tanzu Operations Manager versions antérieures à 3.1.2
VMware	Tanzu Platform	Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 6.0.19+LTS-T
VMware	Tanzu	Single Sign-On for VMware Tanzu Application Service versions antérieures à 1.16.12
VMware	Tanzu	Tanzu Hub versions antérieures à 10.2.1
VMware	Tanzu	Stemcells pour Ubuntu Jammy versions antérieures à 1.894

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 36093	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36102	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36101	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36100	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36105	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36091	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36078	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36107	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36094	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36097	2025-09-04	vendor-advisory
Bulletin de sécurité VMware DSA-2025-46	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36108	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36095	2025-09-04	vendor-advisory
Bulletin de sécurité VMware DSA-2025-09	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36096	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36106	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36109	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36098	2025-09-04	vendor-advisory
Bulletin de sécurité VMware DSA-2025-68	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36103	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36099	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36092	2025-09-04	vendor-advisory
Bulletin de sécurité VMware 36110	2025-09-04	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T",
      "product": {
        "name": "Tanzu Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu for MySQL on Cloud Foundry versions ant\u00e9rieures \u00e0 10.0.2",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Java Buildpack versions ant\u00e9rieures \u00e0 4.84.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Stemcells pour Ubuntu Jammy Azure Light versions ant\u00e9rieures \u00e0 1.894",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.0.9",
      "product": {
        "name": "Tanzu Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Scheduler versions ant\u00e9rieures \u00e0 2.0.20",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Spring Cloud Services for VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.9",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 10.1.4",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Operations Manager versions ant\u00e9rieures \u00e0 3.1.2",
      "product": {
        "name": "Tanzu Operations Manager",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.19+LTS-T",
      "product": {
        "name": "Tanzu Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Single Sign-On for VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.12",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.2.1",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Stemcells pour Ubuntu Jammy versions ant\u00e9rieures \u00e0 1.894",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2021-44832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
    },
    {
      "name": "CVE-2021-45105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
    },
    {
      "name": "CVE-2021-44228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
    },
    {
      "name": "CVE-2013-1548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1548"
    },
    {
      "name": "CVE-2015-4779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
    },
    {
      "name": "CVE-2015-4780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
    },
    {
      "name": "CVE-2015-4787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
    },
    {
      "name": "CVE-2015-4790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
    },
    {
      "name": "CVE-2015-4778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
    },
    {
      "name": "CVE-2015-4782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
    },
    {
      "name": "CVE-2015-4789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
    },
    {
      "name": "CVE-2015-4764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
    },
    {
      "name": "CVE-2015-4783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
    },
    {
      "name": "CVE-2015-2583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
    },
    {
      "name": "CVE-2015-4781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
    },
    {
      "name": "CVE-2015-4776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
    },
    {
      "name": "CVE-2015-4786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
    },
    {
      "name": "CVE-2015-2656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
    },
    {
      "name": "CVE-2015-4788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
    },
    {
      "name": "CVE-2015-4785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
    },
    {
      "name": "CVE-2015-4754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
    },
    {
      "name": "CVE-2015-4775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
    },
    {
      "name": "CVE-2015-4777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
    },
    {
      "name": "CVE-2015-2640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
    },
    {
      "name": "CVE-2015-4774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
    },
    {
      "name": "CVE-2015-2626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
    },
    {
      "name": "CVE-2015-2624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
    },
    {
      "name": "CVE-2015-4784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
    },
    {
      "name": "CVE-2015-2654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
    },
    {
      "name": "CVE-2017-8046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8046"
    },
    {
      "name": "CVE-2018-3280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3280"
    },
    {
      "name": "CVE-2018-3137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3137"
    },
    {
      "name": "CVE-2018-3285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3285"
    },
    {
      "name": "CVE-2018-3182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3182"
    },
    {
      "name": "CVE-2018-3186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3186"
    },
    {
      "name": "CVE-2018-3195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3195"
    },
    {
      "name": "CVE-2018-3286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3286"
    },
    {
      "name": "CVE-2018-3170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3170"
    },
    {
      "name": "CVE-2018-3279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3279"
    },
    {
      "name": "CVE-2018-3212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3212"
    },
    {
      "name": "CVE-2018-3203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3203"
    },
    {
      "name": "CVE-2018-3145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3145"
    },
    {
      "name": "CVE-2019-2530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2530"
    },
    {
      "name": "CVE-2019-2436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2436"
    },
    {
      "name": "CVE-2019-2539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2539"
    },
    {
      "name": "CVE-2019-2494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2494"
    },
    {
      "name": "CVE-2019-2535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2535"
    },
    {
      "name": "CVE-2019-2533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2533"
    },
    {
      "name": "CVE-2019-2495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2495"
    },
    {
      "name": "CVE-2019-2513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2513"
    },
    {
      "name": "CVE-2019-2536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2536"
    },
    {
      "name": "CVE-2019-2502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2502"
    },
    {
      "name": "CVE-2019-2634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2634"
    },
    {
      "name": "CVE-2019-2587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2587"
    },
    {
      "name": "CVE-2019-2584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2584"
    },
    {
      "name": "CVE-2019-2691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2691"
    },
    {
      "name": "CVE-2019-2606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2606"
    },
    {
      "name": "CVE-2019-2630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2630"
    },
    {
      "name": "CVE-2019-2624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2624"
    },
    {
      "name": "CVE-2019-2623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2623"
    },
    {
      "name": "CVE-2019-2695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2695"
    },
    {
      "name": "CVE-2019-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2596"
    },
    {
      "name": "CVE-2019-2580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2580"
    },
    {
      "name": "CVE-2019-2644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2644"
    },
    {
      "name": "CVE-2019-2681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2681"
    },
    {
      "name": "CVE-2019-2617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2617"
    },
    {
      "name": "CVE-2019-2636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2636"
    },
    {
      "name": "CVE-2019-2689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2689"
    },
    {
      "name": "CVE-2019-2693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2693"
    },
    {
      "name": "CVE-2019-2593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2593"
    },
    {
      "name": "CVE-2019-2625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2625"
    },
    {
      "name": "CVE-2019-2585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2585"
    },
    {
      "name": "CVE-2019-2631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2631"
    },
    {
      "name": "CVE-2019-2694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2694"
    },
    {
      "name": "CVE-2019-2620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2620"
    },
    {
      "name": "CVE-2019-2688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2688"
    },
    {
      "name": "CVE-2019-2589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2589"
    },
    {
      "name": "CVE-2019-2635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2635"
    },
    {
      "name": "CVE-2019-2626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2626"
    },
    {
      "name": "CVE-2019-2686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2686"
    },
    {
      "name": "CVE-2019-2685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2685"
    },
    {
      "name": "CVE-2019-2687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2687"
    },
    {
      "name": "CVE-2019-2607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2607"
    },
    {
      "name": "CVE-2019-7317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
    },
    {
      "name": "CVE-2019-2811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2811"
    },
    {
      "name": "CVE-2019-2740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2740"
    },
    {
      "name": "CVE-2019-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2879"
    },
    {
      "name": "CVE-2019-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2808"
    },
    {
      "name": "CVE-2019-2738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2738"
    },
    {
      "name": "CVE-2019-2819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2819"
    },
    {
      "name": "CVE-2019-2737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2737"
    },
    {
      "name": "CVE-2019-2814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2814"
    },
    {
      "name": "CVE-2019-2778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2778"
    },
    {
      "name": "CVE-2019-2822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2822"
    },
    {
      "name": "CVE-2019-2802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2802"
    },
    {
      "name": "CVE-2019-2803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2803"
    },
    {
      "name": "CVE-2019-2752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2752"
    },
    {
      "name": "CVE-2019-2826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2826"
    },
    {
      "name": "CVE-2019-2784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2784"
    },
    {
      "name": "CVE-2019-2789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2789"
    },
    {
      "name": "CVE-2019-2801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2801"
    },
    {
      "name": "CVE-2019-2791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2791"
    },
    {
      "name": "CVE-2019-2798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2798"
    },
    {
      "name": "CVE-2019-2796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2796"
    },
    {
      "name": "CVE-2019-2815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2815"
    },
    {
      "name": "CVE-2019-2810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2810"
    },
    {
      "name": "CVE-2019-2780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2780"
    },
    {
      "name": "CVE-2019-2758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2758"
    },
    {
      "name": "CVE-2019-2757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2757"
    },
    {
      "name": "CVE-2019-2785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2785"
    },
    {
      "name": "CVE-2019-2747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2747"
    },
    {
      "name": "CVE-2019-2741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2741"
    },
    {
      "name": "CVE-2019-2830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2830"
    },
    {
      "name": "CVE-2019-2834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2834"
    },
    {
      "name": "CVE-2019-2743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2743"
    },
    {
      "name": "CVE-2019-2739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2739"
    },
    {
      "name": "CVE-2019-2805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2805"
    },
    {
      "name": "CVE-2019-2797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2797"
    },
    {
      "name": "CVE-2019-2774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2774"
    },
    {
      "name": "CVE-2019-2795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2795"
    },
    {
      "name": "CVE-2019-2746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2746"
    },
    {
      "name": "CVE-2019-2812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2812"
    },
    {
      "name": "CVE-2019-2924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2924"
    },
    {
      "name": "CVE-2019-2914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2914"
    },
    {
      "name": "CVE-2019-2960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2960"
    },
    {
      "name": "CVE-2019-2923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2923"
    },
    {
      "name": "CVE-2019-2968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2968"
    },
    {
      "name": "CVE-2019-2993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2993"
    },
    {
      "name": "CVE-2019-3009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3009"
    },
    {
      "name": "CVE-2019-2969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2969"
    },
    {
      "name": "CVE-2019-3011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3011"
    },
    {
      "name": "CVE-2019-2967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2967"
    },
    {
      "name": "CVE-2019-2946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2946"
    },
    {
      "name": "CVE-2019-2966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2966"
    },
    {
      "name": "CVE-2019-2957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2957"
    },
    {
      "name": "CVE-2019-2948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2948"
    },
    {
      "name": "CVE-2019-2922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2922"
    },
    {
      "name": "CVE-2019-3004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3004"
    },
    {
      "name": "CVE-2019-2998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2998"
    },
    {
      "name": "CVE-2019-2911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2911"
    },
    {
      "name": "CVE-2019-2950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2950"
    },
    {
      "name": "CVE-2019-2910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2910"
    },
    {
      "name": "CVE-2019-3018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3018"
    },
    {
      "name": "CVE-2019-2974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2974"
    },
    {
      "name": "CVE-2019-2991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2991"
    },
    {
      "name": "CVE-2019-2997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2997"
    },
    {
      "name": "CVE-2019-2938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2938"
    },
    {
      "name": "CVE-2019-3003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3003"
    },
    {
      "name": "CVE-2019-2982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2982"
    },
    {
      "name": "CVE-2019-2963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2963"
    },
    {
      "name": "CVE-2020-2579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2579"
    },
    {
      "name": "CVE-2020-2584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2584"
    },
    {
      "name": "CVE-2020-2577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2577"
    },
    {
      "name": "CVE-2020-2679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2679"
    },
    {
      "name": "CVE-2020-2570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2570"
    },
    {
      "name": "CVE-2020-2572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2572"
    },
    {
      "name": "CVE-2020-2627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2627"
    },
    {
      "name": "CVE-2020-2660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2660"
    },
    {
      "name": "CVE-2020-2589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2589"
    },
    {
      "name": "CVE-2020-2573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2573"
    },
    {
      "name": "CVE-2020-2686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2686"
    },
    {
      "name": "CVE-2020-2694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2694"
    },
    {
      "name": "CVE-2020-2574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2574"
    },
    {
      "name": "CVE-2020-2770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2770"
    },
    {
      "name": "CVE-2020-2925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2925"
    },
    {
      "name": "CVE-2020-2853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2853"
    },
    {
      "name": "CVE-2020-2774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2774"
    },
    {
      "name": "CVE-2020-2928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2928"
    },
    {
      "name": "CVE-2020-2897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2897"
    },
    {
      "name": "CVE-2020-2812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2812"
    },
    {
      "name": "CVE-2020-2765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2765"
    },
    {
      "name": "CVE-2020-2761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2761"
    },
    {
      "name": "CVE-2020-2790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2790"
    },
    {
      "name": "CVE-2020-2752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2752"
    },
    {
      "name": "CVE-2020-2904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2904"
    },
    {
      "name": "CVE-2020-2893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2893"
    },
    {
      "name": "CVE-2020-2760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2760"
    },
    {
      "name": "CVE-2020-2780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2780"
    },
    {
      "name": "CVE-2020-2903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2903"
    },
    {
      "name": "CVE-2020-2924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2924"
    },
    {
      "name": "CVE-2020-2806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2806"
    },
    {
      "name": "CVE-2020-2922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2922"
    },
    {
      "name": "CVE-2020-2901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2901"
    },
    {
      "name": "CVE-2020-2926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2926"
    },
    {
      "name": "CVE-2020-2923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2923"
    },
    {
      "name": "CVE-2020-2921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2921"
    },
    {
      "name": "CVE-2020-2779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2779"
    },
    {
      "name": "CVE-2020-2892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2892"
    },
    {
      "name": "CVE-2020-2896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2896"
    },
    {
      "name": "CVE-2020-2804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2804"
    },
    {
      "name": "CVE-2020-2895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2895"
    },
    {
      "name": "CVE-2020-2930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2930"
    },
    {
      "name": "CVE-2020-2814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2814"
    },
    {
      "name": "CVE-2020-2759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2759"
    },
    {
      "name": "CVE-2020-2763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2763"
    },
    {
      "name": "CVE-2020-14550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14550"
    },
    {
      "name": "CVE-2020-14567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14567"
    },
    {
      "name": "CVE-2020-14559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14559"
    },
    {
      "name": "CVE-2020-14576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14576"
    },
    {
      "name": "CVE-2020-14540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14540"
    },
    {
      "name": "CVE-2020-14547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14547"
    },
    {
      "name": "CVE-2020-14553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14553"
    },
    {
      "name": "CVE-2020-14539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14539"
    },
    {
      "name": "CVE-2020-14845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14845"
    },
    {
      "name": "CVE-2020-14799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14799"
    },
    {
      "name": "CVE-2020-14793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14793"
    },
    {
      "name": "CVE-2020-14888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14888"
    },
    {
      "name": "CVE-2020-14790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14790"
    },
    {
      "name": "CVE-2020-14789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14789"
    },
    {
      "name": "CVE-2020-14672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14672"
    },
    {
      "name": "CVE-2020-14846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14846"
    },
    {
      "name": "CVE-2020-14771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14771"
    },
    {
      "name": "CVE-2020-14873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14873"
    },
    {
      "name": "CVE-2020-14791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14791"
    },
    {
      "name": "CVE-2020-14769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14769"
    },
    {
      "name": "CVE-2020-14844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14844"
    },
    {
      "name": "CVE-2020-14809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14809"
    },
    {
      "name": "CVE-2020-14860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14860"
    },
    {
      "name": "CVE-2020-14866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14866"
    },
    {
      "name": "CVE-2020-14861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14861"
    },
    {
      "name": "CVE-2020-14773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14773"
    },
    {
      "name": "CVE-2020-14776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14776"
    },
    {
      "name": "CVE-2020-14852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14852"
    },
    {
      "name": "CVE-2020-14760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14760"
    },
    {
      "name": "CVE-2020-14870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14870"
    },
    {
      "name": "CVE-2020-14837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14837"
    },
    {
      "name": "CVE-2020-14893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14893"
    },
    {
      "name": "CVE-2020-14836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14836"
    },
    {
      "name": "CVE-2020-14829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14829"
    },
    {
      "name": "CVE-2020-14868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14868"
    },
    {
      "name": "CVE-2020-14827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14827"
    },
    {
      "name": "CVE-2020-14839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14839"
    },
    {
      "name": "CVE-2020-14777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14777"
    },
    {
      "name": "CVE-2020-14812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14812"
    },
    {
      "name": "CVE-2020-14775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14775"
    },
    {
      "name": "CVE-2020-14838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14838"
    },
    {
      "name": "CVE-2020-14869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14869"
    },
    {
      "name": "CVE-2020-14765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14765"
    },
    {
      "name": "CVE-2020-14814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14814"
    },
    {
      "name": "CVE-2020-14821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14821"
    },
    {
      "name": "CVE-2020-14830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14830"
    },
    {
      "name": "CVE-2020-14828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14828"
    },
    {
      "name": "CVE-2020-14804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14804"
    },
    {
      "name": "CVE-2020-14800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14800"
    },
    {
      "name": "CVE-2020-14891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14891"
    },
    {
      "name": "CVE-2020-14848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14848"
    },
    {
      "name": "CVE-2020-14867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14867"
    },
    {
      "name": "CVE-2020-14785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14785"
    },
    {
      "name": "CVE-2020-14794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14794"
    },
    {
      "name": "CVE-2020-14786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14786"
    },
    {
      "name": "CVE-2020-15358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
    },
    {
      "name": "CVE-2020-1971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
    },
    {
      "name": "CVE-2021-2010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2010"
    },
    {
      "name": "CVE-2021-2001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2001"
    },
    {
      "name": "CVE-2021-2060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2060"
    },
    {
      "name": "CVE-2021-2014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2014"
    },
    {
      "name": "CVE-2021-2032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2032"
    },
    {
      "name": "CVE-2021-2036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2036"
    },
    {
      "name": "CVE-2021-2007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2007"
    },
    {
      "name": "CVE-2021-2011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2011"
    },
    {
      "name": "CVE-2021-2022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2022"
    },
    {
      "name": "CVE-2019-25013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
    },
    {
      "name": "CVE-2021-2308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2308"
    },
    {
      "name": "CVE-2021-2213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2213"
    },
    {
      "name": "CVE-2021-2172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2172"
    },
    {
      "name": "CVE-2021-2293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2293"
    },
    {
      "name": "CVE-2021-2208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2208"
    },
    {
      "name": "CVE-2021-2196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2196"
    },
    {
      "name": "CVE-2021-2194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2194"
    },
    {
      "name": "CVE-2021-2298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2298"
    },
    {
      "name": "CVE-2021-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2162"
    },
    {
      "name": "CVE-2021-2179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2179"
    },
    {
      "name": "CVE-2021-2307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2307"
    },
    {
      "name": "CVE-2021-2217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2217"
    },
    {
      "name": "CVE-2021-2180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2180"
    },
    {
      "name": "CVE-2021-2203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2203"
    },
    {
      "name": "CVE-2021-2144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2144"
    },
    {
      "name": "CVE-2021-2226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2226"
    },
    {
      "name": "CVE-2021-2232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2232"
    },
    {
      "name": "CVE-2021-2169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2169"
    },
    {
      "name": "CVE-2021-2301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2301"
    },
    {
      "name": "CVE-2021-2202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2202"
    },
    {
      "name": "CVE-2021-2166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2166"
    },
    {
      "name": "CVE-2021-2174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2174"
    },
    {
      "name": "CVE-2021-2154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2154"
    },
    {
      "name": "CVE-2021-2193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2193"
    },
    {
      "name": "CVE-2021-2300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2300"
    },
    {
      "name": "CVE-2021-2299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2299"
    },
    {
      "name": "CVE-2021-2212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2212"
    },
    {
      "name": "CVE-2021-2178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2178"
    },
    {
      "name": "CVE-2021-2146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2146"
    },
    {
      "name": "CVE-2021-2230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2230"
    },
    {
      "name": "CVE-2021-2278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2278"
    },
    {
      "name": "CVE-2021-2164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2164"
    },
    {
      "name": "CVE-2021-2201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2201"
    },
    {
      "name": "CVE-2021-2170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2170"
    },
    {
      "name": "CVE-2021-2304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2304"
    },
    {
      "name": "CVE-2021-2160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2160"
    },
    {
      "name": "CVE-2021-2171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2171"
    },
    {
      "name": "CVE-2021-2305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2305"
    },
    {
      "name": "CVE-2021-2215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2215"
    },
    {
      "name": "CVE-2021-25214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25214"
    },
    {
      "name": "CVE-2012-6153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
    },
    {
      "name": "CVE-2020-10878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
    },
    {
      "name": "CVE-2021-2370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2370"
    },
    {
      "name": "CVE-2021-2389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
    },
    {
      "name": "CVE-2021-2444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2444"
    },
    {
      "name": "CVE-2021-2429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2429"
    },
    {
      "name": "CVE-2021-2426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2426"
    },
    {
      "name": "CVE-2021-2427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2427"
    },
    {
      "name": "CVE-2021-2339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2339"
    },
    {
      "name": "CVE-2021-2425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2425"
    },
    {
      "name": "CVE-2021-2387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2387"
    },
    {
      "name": "CVE-2021-2383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2383"
    },
    {
      "name": "CVE-2021-2372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
    },
    {
      "name": "CVE-2021-2399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2399"
    },
    {
      "name": "CVE-2021-2384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2384"
    },
    {
      "name": "CVE-2021-2412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2412"
    },
    {
      "name": "CVE-2021-2441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2441"
    },
    {
      "name": "CVE-2021-2410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2410"
    },
    {
      "name": "CVE-2021-2342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
    },
    {
      "name": "CVE-2021-2437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2437"
    },
    {
      "name": "CVE-2021-2417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2417"
    },
    {
      "name": "CVE-2021-2424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2424"
    },
    {
      "name": "CVE-2021-2385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
    },
    {
      "name": "CVE-2021-2357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2357"
    },
    {
      "name": "CVE-2021-2352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2352"
    },
    {
      "name": "CVE-2021-2402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2402"
    },
    {
      "name": "CVE-2021-2440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2440"
    },
    {
      "name": "CVE-2021-2340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2340"
    },
    {
      "name": "CVE-2021-2390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
    },
    {
      "name": "CVE-2021-2374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2374"
    },
    {
      "name": "CVE-2021-2356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2356"
    },
    {
      "name": "CVE-2021-2411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2411"
    },
    {
      "name": "CVE-2021-2418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2418"
    },
    {
      "name": "CVE-2021-2367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2367"
    },
    {
      "name": "CVE-2021-2354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2354"
    },
    {
      "name": "CVE-2021-2422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2422"
    },
    {
      "name": "CVE-2020-10543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
    },
    {
      "name": "CVE-2020-12723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
    },
    {
      "name": "CVE-2020-10029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
    },
    {
      "name": "CVE-2021-23337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
    },
    {
      "name": "CVE-2020-28500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28500"
    },
    {
      "name": "CVE-2019-18276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
    },
    {
      "name": "CVE-2021-3421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
    },
    {
      "name": "CVE-2021-3326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
    },
    {
      "name": "CVE-2019-2708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
    },
    {
      "name": "CVE-2020-27618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
    },
    {
      "name": "CVE-2021-35640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35640"
    },
    {
      "name": "CVE-2021-35626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35626"
    },
    {
      "name": "CVE-2021-2478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2478"
    },
    {
      "name": "CVE-2021-35624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35624"
    },
    {
      "name": "CVE-2021-35583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35583"
    },
    {
      "name": "CVE-2021-35628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35628"
    },
    {
      "name": "CVE-2021-35630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35630"
    },
    {
      "name": "CVE-2021-35644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35644"
    },
    {
      "name": "CVE-2021-2479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2479"
    },
    {
      "name": "CVE-2021-35638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35638"
    },
    {
      "name": "CVE-2021-35646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35646"
    },
    {
      "name": "CVE-2021-35596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35596"
    },
    {
      "name": "CVE-2021-35643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35643"
    },
    {
      "name": "CVE-2021-35637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35637"
    },
    {
      "name": "CVE-2021-35623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35623"
    },
    {
      "name": "CVE-2021-35632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35632"
    },
    {
      "name": "CVE-2021-35641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35641"
    },
    {
      "name": "CVE-2021-35604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35604"
    },
    {
      "name": "CVE-2021-35636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35636"
    },
    {
      "name": "CVE-2021-35546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35546"
    },
    {
      "name": "CVE-2021-35627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35627"
    },
    {
      "name": "CVE-2021-35625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35625"
    },
    {
      "name": "CVE-2021-35608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35608"
    },
    {
      "name": "CVE-2021-35597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35597"
    },
    {
      "name": "CVE-2021-35537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35537"
    },
    {
      "name": "CVE-2021-2481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2481"
    },
    {
      "name": "CVE-2021-35622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35622"
    },
    {
      "name": "CVE-2021-35610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35610"
    },
    {
      "name": "CVE-2021-35633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35633"
    },
    {
      "name": "CVE-2021-35634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35634"
    },
    {
      "name": "CVE-2021-35629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35629"
    },
    {
      "name": "CVE-2021-35631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35631"
    },
    {
      "name": "CVE-2021-35645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35645"
    },
    {
      "name": "CVE-2021-35647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35647"
    },
    {
      "name": "CVE-2021-35612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35612"
    },
    {
      "name": "CVE-2021-35639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35639"
    },
    {
      "name": "CVE-2021-35648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35648"
    },
    {
      "name": "CVE-2021-35607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35607"
    },
    {
      "name": "CVE-2021-35602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35602"
    },
    {
      "name": "CVE-2021-35577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35577"
    },
    {
      "name": "CVE-2021-35642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35642"
    },
    {
      "name": "CVE-2021-35575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35575"
    },
    {
      "name": "CVE-2021-35635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35635"
    },
    {
      "name": "CVE-2021-35591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35591"
    },
    {
      "name": "CVE-2021-25219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25219"
    },
    {
      "name": "CVE-2021-3875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3875"
    },
    {
      "name": "CVE-2019-10744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
    },
    {
      "name": "CVE-2022-21352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21352"
    },
    {
      "name": "CVE-2022-21304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
    },
    {
      "name": "CVE-2022-21254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21254"
    },
    {
      "name": "CVE-2022-21265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21265"
    },
    {
      "name": "CVE-2022-21348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21348"
    },
    {
      "name": "CVE-2022-21372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21372"
    },
    {
      "name": "CVE-2022-21245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
    },
    {
      "name": "CVE-2022-21368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21368"
    },
    {
      "name": "CVE-2022-21339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21339"
    },
    {
      "name": "CVE-2022-21264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21264"
    },
    {
      "name": "CVE-2022-21297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21297"
    },
    {
      "name": "CVE-2022-21379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21379"
    },
    {
      "name": "CVE-2022-21253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21253"
    },
    {
      "name": "CVE-2022-21301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21301"
    },
    {
      "name": "CVE-2022-21378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21378"
    },
    {
      "name": "CVE-2022-21370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21370"
    },
    {
      "name": "CVE-2022-21302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21302"
    },
    {
      "name": "CVE-2022-21249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21249"
    },
    {
      "name": "CVE-2022-21344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
    },
    {
      "name": "CVE-2022-21270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
    },
    {
      "name": "CVE-2022-21367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
    },
    {
      "name": "CVE-2022-21342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21342"
    },
    {
      "name": "CVE-2022-21362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21362"
    },
    {
      "name": "CVE-2022-21303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
    },
    {
      "name": "CVE-2022-21256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21256"
    },
    {
      "name": "CVE-2022-21358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21358"
    },
    {
      "name": "CVE-2022-21374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21374"
    },
    {
      "name": "CVE-2022-3602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
    },
    {
      "name": "CVE-2022-2309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
    },
    {
      "name": "CVE-2022-29824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
    },
    {
      "name": "CVE-2022-35737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
    },
    {
      "name": "CVE-2022-40303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
    },
    {
      "name": "CVE-2022-40304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
    },
    {
      "name": "CVE-2020-8203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
    },
    {
      "name": "CVE-2022-3786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
    },
    {
      "name": "CVE-2022-2795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
    },
    {
      "name": "CVE-2022-34903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
    },
    {
      "name": "CVE-2022-3515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
    },
    {
      "name": "CVE-2022-3996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
    },
    {
      "name": "CVE-2022-22942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
    },
    {
      "name": "CVE-2021-4193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4193"
    },
    {
      "name": "CVE-2020-15366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
    },
    {
      "name": "CVE-2022-22965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
    },
    {
      "name": "CVE-2022-0213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0213"
    },
    {
      "name": "CVE-2022-21418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21418"
    },
    {
      "name": "CVE-2022-21412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21412"
    },
    {
      "name": "CVE-2022-21437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21437"
    },
    {
      "name": "CVE-2022-21478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21478"
    },
    {
      "name": "CVE-2022-21479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21479"
    },
    {
      "name": "CVE-2022-21438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21438"
    },
    {
      "name": "CVE-2022-21440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21440"
    },
    {
      "name": "CVE-2022-21451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21451"
    },
    {
      "name": "CVE-2022-21427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21427"
    },
    {
      "name": "CVE-2022-21415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21415"
    },
    {
      "name": "CVE-2022-21459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21459"
    },
    {
      "name": "CVE-2022-21460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21460"
    },
    {
      "name": "CVE-2022-21414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21414"
    },
    {
      "name": "CVE-2022-21413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21413"
    },
    {
      "name": "CVE-2022-21436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21436"
    },
    {
      "name": "CVE-2022-21435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21435"
    },
    {
      "name": "CVE-2022-21462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21462"
    },
    {
      "name": "CVE-2022-21444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21444"
    },
    {
      "name": "CVE-2022-21417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21417"
    },
    {
      "name": "CVE-2022-21457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21457"
    },
    {
      "name": "CVE-2022-21425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21425"
    },
    {
      "name": "CVE-2022-21452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21452"
    },
    {
      "name": "CVE-2021-20266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
    },
    {
      "name": "CVE-2022-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
    },
    {
      "name": "CVE-2022-1473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
    },
    {
      "name": "CVE-2021-3521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
    },
    {
      "name": "CVE-2021-4122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
    },
    {
      "name": "CVE-2022-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
    },
    {
      "name": "CVE-2017-7500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
    },
    {
      "name": "CVE-2021-33574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
    },
    {
      "name": "CVE-2017-11164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
    },
    {
      "name": "CVE-2022-21525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21525"
    },
    {
      "name": "CVE-2022-21537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21537"
    },
    {
      "name": "CVE-2022-21455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21455"
    },
    {
      "name": "CVE-2022-21534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21534"
    },
    {
      "name": "CVE-2022-21528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21528"
    },
    {
      "name": "CVE-2022-21529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21529"
    },
    {
      "name": "CVE-2022-21531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21531"
    },
    {
      "name": "CVE-2022-21515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21515"
    },
    {
      "name": "CVE-2022-21538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21538"
    },
    {
      "name": "CVE-2022-21527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21527"
    },
    {
      "name": "CVE-2022-21517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21517"
    },
    {
      "name": "CVE-2022-21539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21539"
    },
    {
      "name": "CVE-2022-21556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21556"
    },
    {
      "name": "CVE-2022-21509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21509"
    },
    {
      "name": "CVE-2022-21553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21553"
    },
    {
      "name": "CVE-2022-21530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21530"
    },
    {
      "name": "CVE-2022-21522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21522"
    },
    {
      "name": "CVE-2022-21547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21547"
    },
    {
      "name": "CVE-2022-21569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21569"
    },
    {
      "name": "CVE-2022-21526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21526"
    },
    {
      "name": "CVE-2021-3999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
    },
    {
      "name": "CVE-2022-23218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
    },
    {
      "name": "CVE-2022-23219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2021-25220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
    },
    {
      "name": "CVE-2022-0396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0396"
    },
    {
      "name": "CVE-2022-3358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
    },
    {
      "name": "CVE-2022-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
    },
    {
      "name": "CVE-2012-5783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
    },
    {
      "name": "CVE-2022-21592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21592"
    },
    {
      "name": "CVE-2022-21617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21617"
    },
    {
      "name": "CVE-2022-21595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21595"
    },
    {
      "name": "CVE-2022-21608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21608"
    },
    {
      "name": "CVE-2022-21589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21589"
    },
    {
      "name": "CVE-2023-21863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21863"
    },
    {
      "name": "CVE-2023-21873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21873"
    },
    {
      "name": "CVE-2023-21879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21879"
    },
    {
      "name": "CVE-2023-21880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21880"
    },
    {
      "name": "CVE-2023-21869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21869"
    },
    {
      "name": "CVE-2023-21872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21872"
    },
    {
      "name": "CVE-2023-21877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21877"
    },
    {
      "name": "CVE-2023-21870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21870"
    },
    {
      "name": "CVE-2023-21887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21887"
    },
    {
      "name": "CVE-2023-21836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21836"
    },
    {
      "name": "CVE-2023-21881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21881"
    },
    {
      "name": "CVE-2023-21876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21876"
    },
    {
      "name": "CVE-2023-21840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21840"
    },
    {
      "name": "CVE-2023-21878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21878"
    },
    {
      "name": "CVE-2023-21866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21866"
    },
    {
      "name": "CVE-2023-21875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21875"
    },
    {
      "name": "CVE-2023-21865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21865"
    },
    {
      "name": "CVE-2023-21883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21883"
    },
    {
      "name": "CVE-2023-21867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21867"
    },
    {
      "name": "CVE-2023-21874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21874"
    },
    {
      "name": "CVE-2023-21871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21871"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2023-0401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2023-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
    },
    {
      "name": "CVE-2023-0216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2022-4415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
    },
    {
      "name": "CVE-2023-24329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2023-21963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21963"
    },
    {
      "name": "CVE-2023-21977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21977"
    },
    {
      "name": "CVE-2023-21912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21912"
    },
    {
      "name": "CVE-2023-29469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
    },
    {
      "name": "CVE-2023-28484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
    },
    {
      "name": "CVE-2023-20873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
    },
    {
      "name": "CVE-2023-20883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
    },
    {
      "name": "CVE-2023-27535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
    },
    {
      "name": "CVE-2023-27538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
    },
    {
      "name": "CVE-2023-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
    },
    {
      "name": "CVE-2023-27537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
    },
    {
      "name": "CVE-2020-1752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
    },
    {
      "name": "CVE-2021-35942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
    },
    {
      "name": "CVE-2021-38604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
    },
    {
      "name": "CVE-2020-29562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
    },
    {
      "name": "CVE-2021-27645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
    },
    {
      "name": "CVE-2023-28322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
    },
    {
      "name": "CVE-2022-46908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
    },
    {
      "name": "CVE-2023-28320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
    },
    {
      "name": "CVE-2023-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
    },
    {
      "name": "CVE-2023-22053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22053"
    },
    {
      "name": "CVE-2023-22007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22007"
    },
    {
      "name": "CVE-2022-4899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
    },
    {
      "name": "CVE-2022-25883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
    },
    {
      "name": "CVE-2023-40403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
    },
    {
      "name": "CVE-2023-4911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2016-1000027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
    },
    {
      "name": "CVE-2023-35116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
    },
    {
      "name": "CVE-2023-22097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22097"
    },
    {
      "name": "CVE-2023-22084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22084"
    },
    {
      "name": "CVE-2023-22026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22026"
    },
    {
      "name": "CVE-2023-22028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22028"
    },
    {
      "name": "CVE-2023-22015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22015"
    },
    {
      "name": "CVE-2023-22103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22103"
    },
    {
      "name": "CVE-2023-22068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22068"
    },
    {
      "name": "CVE-2023-22078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22078"
    },
    {
      "name": "CVE-2023-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
    },
    {
      "name": "CVE-2023-22059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22059"
    },
    {
      "name": "CVE-2023-22066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22066"
    },
    {
      "name": "CVE-2023-22114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22114"
    },
    {
      "name": "CVE-2023-22070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22070"
    },
    {
      "name": "CVE-2023-22032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22032"
    },
    {
      "name": "CVE-2023-5363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2023-45853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2023-40217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
    },
    {
      "name": "CVE-2023-45803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
    },
    {
      "name": "CVE-2021-22570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22570"
    },
    {
      "name": "CVE-2023-2603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
    },
    {
      "name": "CVE-2023-2602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
    },
    {
      "name": "CVE-2023-4527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
    },
    {
      "name": "CVE-2023-4813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
    },
    {
      "name": "CVE-2023-4806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
    },
    {
      "name": "CVE-2022-48303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
    },
    {
      "name": "CVE-2023-34055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
    },
    {
      "name": "CVE-2023-4039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
    },
    {
      "name": "CVE-2022-3715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
    },
    {
      "name": "CVE-2023-0687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
    },
    {
      "name": "CVE-2023-5156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
    },
    {
      "name": "CVE-2022-48522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
    },
    {
      "name": "CVE-2023-39615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
    },
    {
      "name": "CVE-2021-46848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
    },
    {
      "name": "CVE-2021-33294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
    },
    {
      "name": "CVE-2021-43618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
    },
    {
      "name": "CVE-2023-45322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
    },
    {
      "name": "CVE-2022-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
    },
    {
      "name": "CVE-2023-4016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
    },
    {
      "name": "CVE-2013-4235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
    },
    {
      "name": "CVE-2023-34969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
    },
    {
      "name": "CVE-2021-20193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
    },
    {
      "name": "CVE-2023-29383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
    },
    {
      "name": "CVE-2023-5981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
    },
    {
      "name": "CVE-2023-48795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
    },
    {
      "name": "CVE-2023-6237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
    },
    {
      "name": "CVE-2023-31484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
    },
    {
      "name": "CVE-2023-36054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
    },
    {
      "name": "CVE-2023-7104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
    },
    {
      "name": "CVE-2023-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
    },
    {
      "name": "CVE-2023-46218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
    },
    {
      "name": "CVE-2023-46219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
    },
    {
      "name": "CVE-2024-0727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
    },
    {
      "name": "CVE-2023-47100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47100"
    },
    {
      "name": "CVE-2023-47038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
    },
    {
      "name": "CVE-2023-39325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
    },
    {
      "name": "CVE-2022-27772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27772"
    },
    {
      "name": "CVE-2023-27043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
    },
    {
      "name": "CVE-2023-6481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
    },
    {
      "name": "CVE-2023-36632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
    },
    {
      "name": "CVE-2024-28085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
    },
    {
      "name": "CVE-2024-2511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
    },
    {
      "name": "CVE-2020-22916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
    },
    {
      "name": "CVE-2016-2781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
    },
    {
      "name": "CVE-2023-3978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
    },
    {
      "name": "CVE-2017-7501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
    },
    {
      "name": "CVE-2021-35939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
    },
    {
      "name": "CVE-2024-0553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
    },
    {
      "name": "CVE-2021-35938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
    },
    {
      "name": "CVE-2021-35937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
    },
    {
      "name": "CVE-2023-6597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
    },
    {
      "name": "CVE-2024-26686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
    },
    {
      "name": "CVE-2023-52572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
    },
    {
      "name": "CVE-2007-4559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
    },
    {
      "name": "CVE-2023-3138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3138"
    },
    {
      "name": "CVE-2024-28182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
    },
    {
      "name": "CVE-2023-45288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
    },
    {
      "name": "CVE-2024-4603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
    },
    {
      "name": "CVE-2023-6378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
    },
    {
      "name": "CVE-2023-31486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
    },
    {
      "name": "CVE-2024-26739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
    },
    {
      "name": "CVE-2024-4741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
    },
    {
      "name": "CVE-2023-51074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
    },
    {
      "name": "CVE-2023-52757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
    },
    {
      "name": "CVE-2024-35866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
    },
    {
      "name": "CVE-2024-35867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
    },
    {
      "name": "CVE-2024-35943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
    },
    {
      "name": "CVE-2024-28180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
    },
    {
      "name": "CVE-2024-29857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
    },
    {
      "name": "CVE-2024-30171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
    },
    {
      "name": "CVE-2024-30172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
    },
    {
      "name": "CVE-2024-5535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
    },
    {
      "name": "CVE-2024-35790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
    },
    {
      "name": "CVE-2024-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
    },
    {
      "name": "CVE-2024-2004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
    },
    {
      "name": "CVE-2024-2398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
    },
    {
      "name": "CVE-2024-0397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
    },
    {
      "name": "CVE-2024-4030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
    },
    {
      "name": "CVE-2024-4032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
    },
    {
      "name": "CVE-2024-3596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
    },
    {
      "name": "CVE-2024-0450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
    },
    {
      "name": "CVE-2024-25062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
    },
    {
      "name": "CVE-2024-26458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
    },
    {
      "name": "CVE-2024-26461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
    },
    {
      "name": "CVE-2024-28834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
    },
    {
      "name": "CVE-2024-2961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
    },
    {
      "name": "CVE-2024-33599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
    },
    {
      "name": "CVE-2024-33600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
    },
    {
      "name": "CVE-2024-33601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
    },
    {
      "name": "CVE-2024-33602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
    },
    {
      "name": "CVE-2024-35195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
    },
    {
      "name": "CVE-2024-36945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
    },
    {
      "name": "CVE-2024-38540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
    },
    {
      "name": "CVE-2024-38541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
    },
    {
      "name": "CVE-2023-4641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
    },
    {
      "name": "CVE-2024-0567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
    },
    {
      "name": "CVE-2024-22365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
    },
    {
      "name": "CVE-2024-21137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21137"
    },
    {
      "name": "CVE-2024-0760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0760"
    },
    {
      "name": "CVE-2024-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
    },
    {
      "name": "CVE-2024-1975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
    },
    {
      "name": "CVE-2024-28835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
    },
    {
      "name": "CVE-2024-6923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
    },
    {
      "name": "CVE-2024-3219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
    },
    {
      "name": "CVE-2024-36908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
    },
    {
      "name": "CVE-2024-27402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
    },
    {
      "name": "CVE-2024-37891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
    },
    {
      "name": "CVE-2024-6345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
    },
    {
      "name": "CVE-2024-38808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
    },
    {
      "name": "CVE-2024-38809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
    },
    {
      "name": "CVE-2024-42230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
    },
    {
      "name": "CVE-2024-38807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
    },
    {
      "name": "CVE-2024-6232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
    },
    {
      "name": "CVE-2024-6119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
    },
    {
      "name": "CVE-2024-38816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
    },
    {
      "name": "CVE-2022-48893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
    },
    {
      "name": "CVE-2024-42322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
    },
    {
      "name": "CVE-2024-7264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
    },
    {
      "name": "CVE-2023-5841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5841"
    },
    {
      "name": "CVE-2024-34459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
    },
    {
      "name": "CVE-2024-8096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
    },
    {
      "name": "CVE-2023-6246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
    },
    {
      "name": "CVE-2024-46812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
    },
    {
      "name": "CVE-2024-46821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
    },
    {
      "name": "CVE-2024-46751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
    },
    {
      "name": "CVE-2024-46753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
    },
    {
      "name": "CVE-2024-46774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
    },
    {
      "name": "CVE-2024-46787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
    },
    {
      "name": "CVE-2022-21454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21454"
    },
    {
      "name": "CVE-2024-21193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21193"
    },
    {
      "name": "CVE-2024-21194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21194"
    },
    {
      "name": "CVE-2024-21196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21196"
    },
    {
      "name": "CVE-2024-21197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21197"
    },
    {
      "name": "CVE-2024-21198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21198"
    },
    {
      "name": "CVE-2024-21199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21199"
    },
    {
      "name": "CVE-2024-21201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21201"
    },
    {
      "name": "CVE-2024-21207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21207"
    },
    {
      "name": "CVE-2024-21209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21209"
    },
    {
      "name": "CVE-2024-21212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21212"
    },
    {
      "name": "CVE-2024-21213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21213"
    },
    {
      "name": "CVE-2024-21219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21219"
    },
    {
      "name": "CVE-2024-21236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21236"
    },
    {
      "name": "CVE-2024-21239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21239"
    },
    {
      "name": "CVE-2024-21241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21241"
    },
    {
      "name": "CVE-2024-7254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
    },
    {
      "name": "CVE-2024-9143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
    },
    {
      "name": "CVE-2024-38819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
    },
    {
      "name": "CVE-2024-38820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
    },
    {
      "name": "CVE-2024-10487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10487"
    },
    {
      "name": "CVE-2024-10458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10458"
    },
    {
      "name": "CVE-2024-10459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10459"
    },
    {
      "name": "CVE-2024-10460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10460"
    },
    {
      "name": "CVE-2024-10461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10461"
    },
    {
      "name": "CVE-2024-10462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10462"
    },
    {
      "name": "CVE-2024-10463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10463"
    },
    {
      "name": "CVE-2024-10464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10464"
    },
    {
      "name": "CVE-2024-10465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10465"
    },
    {
      "name": "CVE-2024-10466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10466"
    },
    {
      "name": "CVE-2024-10467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10467"
    },
    {
      "name": "CVE-2024-10468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10468"
    },
    {
      "name": "CVE-2024-34447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
    },
    {
      "name": "CVE-2024-38286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
    },
    {
      "name": "CVE-2024-7592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
    },
    {
      "name": "CVE-2024-8088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
    },
    {
      "name": "CVE-2024-9681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
    },
    {
      "name": "CVE-2024-11168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
    },
    {
      "name": "CVE-2024-38828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
    },
    {
      "name": "CVE-2024-46816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
    },
    {
      "name": "CVE-2024-11395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11395"
    },
    {
      "name": "CVE-2024-49960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
    },
    {
      "name": "CVE-2024-50047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
    },
    {
      "name": "CVE-2024-50073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50073"
    },
    {
      "name": "CVE-2024-11691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11691"
    },
    {
      "name": "CVE-2024-11692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11692"
    },
    {
      "name": "CVE-2024-11693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11693"
    },
    {
      "name": "CVE-2024-11694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11694"
    },
    {
      "name": "CVE-2024-11695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11695"
    },
    {
      "name": "CVE-2024-11696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11696"
    },
    {
      "name": "CVE-2024-11697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11697"
    },
    {
      "name": "CVE-2024-11698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11698"
    },
    {
      "name": "CVE-2024-11699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11699"
    },
    {
      "name": "CVE-2024-11700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11700"
    },
    {
      "name": "CVE-2024-11701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11701"
    },
    {
      "name": "CVE-2024-11702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11702"
    },
    {
      "name": "CVE-2024-11703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11703"
    },
    {
      "name": "CVE-2024-11704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11704"
    },
    {
      "name": "CVE-2024-11705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11705"
    },
    {
      "name": "CVE-2024-11706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11706"
    },
    {
      "name": "CVE-2024-11708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11708"
    },
    {
      "name": "CVE-2024-50272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
    },
    {
      "name": "CVE-2024-50280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
    },
    {
      "name": "CVE-2024-11053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
    },
    {
      "name": "CVE-2024-10041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
    },
    {
      "name": "CVE-2024-10963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
    },
    {
      "name": "CVE-2024-47554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
    },
    {
      "name": "CVE-2024-49989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
    },
    {
      "name": "CVE-2024-50125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
    },
    {
      "name": "CVE-2024-53051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
    },
    {
      "name": "CVE-2024-53144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
    },
    {
      "name": "CVE-2024-8805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
    },
    {
      "name": "CVE-2025-0237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0237"
    },
    {
      "name": "CVE-2025-0238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0238"
    },
    {
      "name": "CVE-2025-0239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0239"
    },
    {
      "name": "CVE-2025-0240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0240"
    },
    {
      "name": "CVE-2025-0241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0241"
    },
    {
      "name": "CVE-2025-0242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0242"
    },
    {
      "name": "CVE-2025-0243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0243"
    },
    {
      "name": "CVE-2025-0245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0245"
    },
    {
      "name": "CVE-2025-0247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0247"
    },
    {
      "name": "CVE-2025-0434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0434"
    },
    {
      "name": "CVE-2025-0435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0435"
    },
    {
      "name": "CVE-2025-0436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0436"
    },
    {
      "name": "CVE-2025-0437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0437"
    },
    {
      "name": "CVE-2025-0438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0438"
    },
    {
      "name": "CVE-2025-0439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0439"
    },
    {
      "name": "CVE-2025-0440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0440"
    },
    {
      "name": "CVE-2025-0441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0441"
    },
    {
      "name": "CVE-2025-0442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0442"
    },
    {
      "name": "CVE-2025-0443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0443"
    },
    {
      "name": "CVE-2025-0446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0446"
    },
    {
      "name": "CVE-2025-0447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0447"
    },
    {
      "name": "CVE-2025-0448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0448"
    },
    {
      "name": "CVE-2025-21523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
    },
    {
      "name": "CVE-2025-0612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0612"
    },
    {
      "name": "CVE-2025-23083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
    },
    {
      "name": "CVE-2025-23084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
    },
    {
      "name": "CVE-2025-23085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
    },
    {
      "name": "CVE-2025-0938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
    },
    {
      "name": "CVE-2025-0444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0444"
    },
    {
      "name": "CVE-2025-0445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0445"
    },
    {
      "name": "CVE-2025-0451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0451"
    },
    {
      "name": "CVE-2025-0762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0762"
    },
    {
      "name": "CVE-2025-1009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1009"
    },
    {
      "name": "CVE-2025-1010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1010"
    },
    {
      "name": "CVE-2025-1011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1011"
    },
    {
      "name": "CVE-2025-1012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1012"
    },
    {
      "name": "CVE-2025-1013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1013"
    },
    {
      "name": "CVE-2025-1014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1014"
    },
    {
      "name": "CVE-2024-56664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
    },
    {
      "name": "CVE-2025-1016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1016"
    },
    {
      "name": "CVE-2025-1017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1017"
    },
    {
      "name": "CVE-2025-1018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1018"
    },
    {
      "name": "CVE-2025-1019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1019"
    },
    {
      "name": "CVE-2025-1020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1020"
    },
    {
      "name": "CVE-2025-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
    },
    {
      "name": "CVE-2025-0725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
    },
    {
      "name": "CVE-2024-47535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
    },
    {
      "name": "CVE-2024-50258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
    },
    {
      "name": "CVE-2024-53203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
    },
    {
      "name": "CVE-2024-53128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
    },
    {
      "name": "CVE-2025-0995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0995"
    },
    {
      "name": "CVE-2025-0996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0996"
    },
    {
      "name": "CVE-2025-0997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0997"
    },
    {
      "name": "CVE-2025-0998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0998"
    },
    {
      "name": "CVE-2024-13176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
    },
    {
      "name": "CVE-2025-1414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1414"
    },
    {
      "name": "CVE-2025-0999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0999"
    },
    {
      "name": "CVE-2025-1006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1006"
    },
    {
      "name": "CVE-2025-1426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1426"
    },
    {
      "name": "CVE-2024-56751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
    },
    {
      "name": "CVE-2023-39017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39017"
    },
    {
      "name": "CVE-2025-1795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
    },
    {
      "name": "CVE-2025-1914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1914"
    },
    {
      "name": "CVE-2025-1915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1915"
    },
    {
      "name": "CVE-2025-1916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1916"
    },
    {
      "name": "CVE-2025-1917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1917"
    },
    {
      "name": "CVE-2025-1918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1918"
    },
    {
      "name": "CVE-2025-1919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1919"
    },
    {
      "name": "CVE-2025-1921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1921"
    },
    {
      "name": "CVE-2025-1922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1922"
    },
    {
      "name": "CVE-2025-1923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1923"
    },
    {
      "name": "CVE-2025-1930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1930"
    },
    {
      "name": "CVE-2025-1931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1931"
    },
    {
      "name": "CVE-2025-1932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1932"
    },
    {
      "name": "CVE-2025-1933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1933"
    },
    {
      "name": "CVE-2025-1934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1934"
    },
    {
      "name": "CVE-2025-1935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1935"
    },
    {
      "name": "CVE-2025-1936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1936"
    },
    {
      "name": "CVE-2025-1937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1937"
    },
    {
      "name": "CVE-2025-1938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1938"
    },
    {
      "name": "CVE-2025-1939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1939"
    },
    {
      "name": "CVE-2025-1940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1940"
    },
    {
      "name": "CVE-2025-1941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1941"
    },
    {
      "name": "CVE-2025-1942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1942"
    },
    {
      "name": "CVE-2025-1943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1943"
    },
    {
      "name": "CVE-2025-1920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1920"
    },
    {
      "name": "CVE-2025-2135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2135"
    },
    {
      "name": "CVE-2025-2136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2136"
    },
    {
      "name": "CVE-2025-2137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2137"
    },
    {
      "name": "CVE-2025-24813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
    },
    {
      "name": "CVE-2024-6763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
    },
    {
      "name": "CVE-2022-49043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
    },
    {
      "name": "CVE-2024-45338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
    },
    {
      "name": "CVE-2024-51744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
    },
    {
      "name": "CVE-2025-24970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
    },
    {
      "name": "CVE-2025-25193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
    },
    {
      "name": "CVE-2024-45772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45772"
    },
    {
      "name": "CVE-2025-2476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2476"
    },
    {
      "name": "CVE-2025-2857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2857"
    },
    {
      "name": "CVE-2024-45337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
    },
    {
      "name": "CVE-2025-22870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
    },
    {
      "name": "CVE-2025-2783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2783"
    },
    {
      "name": "CVE-2022-49063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
    },
    {
      "name": "CVE-2022-49535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
    },
    {
      "name": "CVE-2024-56171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
    },
    {
      "name": "CVE-2025-27113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
    },
    {
      "name": "CVE-2025-3066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3066"
    },
    {
      "name": "CVE-2025-3067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3067"
    },
    {
      "name": "CVE-2025-3068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3068"
    },
    {
      "name": "CVE-2025-3071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3071"
    },
    {
      "name": "CVE-2025-3072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3072"
    },
    {
      "name": "CVE-2025-3073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3073"
    },
    {
      "name": "CVE-2025-3074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3074"
    },
    {
      "name": "CVE-2025-3028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3028"
    },
    {
      "name": "CVE-2025-3029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3029"
    },
    {
      "name": "CVE-2025-3030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3030"
    },
    {
      "name": "CVE-2025-3031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3031"
    },
    {
      "name": "CVE-2025-3032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3032"
    },
    {
      "name": "CVE-2025-3033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3033"
    },
    {
      "name": "CVE-2025-3034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3034"
    },
    {
      "name": "CVE-2025-3035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3035"
    },
    {
      "name": "CVE-2024-54458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
    },
    {
      "name": "CVE-2025-3608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3608"
    },
    {
      "name": "CVE-2025-21574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
    },
    {
      "name": "CVE-2025-21575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
    },
    {
      "name": "CVE-2025-21577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
    },
    {
      "name": "CVE-2025-21579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
    },
    {
      "name": "CVE-2025-21580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
    },
    {
      "name": "CVE-2025-21581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
    },
    {
      "name": "CVE-2025-21584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
    },
    {
      "name": "CVE-2025-21585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
    },
    {
      "name": "CVE-2025-21588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21588"
    },
    {
      "name": "CVE-2025-30681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
    },
    {
      "name": "CVE-2025-30682",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
    },
    {
      "name": "CVE-2025-30683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
    },
    {
      "name": "CVE-2025-30684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
    },
    {
      "name": "CVE-2025-30685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
    },
    {
      "name": "CVE-2025-30687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
    },
    {
      "name": "CVE-2025-30688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
    },
    {
      "name": "CVE-2025-30689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
    },
    {
      "name": "CVE-2025-30693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
    },
    {
      "name": "CVE-2025-30695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
    },
    {
      "name": "CVE-2025-30696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
    },
    {
      "name": "CVE-2025-30699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
    },
    {
      "name": "CVE-2025-30703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
    },
    {
      "name": "CVE-2025-30704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
    },
    {
      "name": "CVE-2025-30705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
    },
    {
      "name": "CVE-2025-30715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
    },
    {
      "name": "CVE-2025-30721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
    },
    {
      "name": "CVE-2025-21839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
    },
    {
      "name": "CVE-2025-3619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3619"
    },
    {
      "name": "CVE-2025-3620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3620"
    },
    {
      "name": "CVE-2025-24928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
    },
    {
      "name": "CVE-2025-21941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
    },
    {
      "name": "CVE-2025-21956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
    },
    {
      "name": "CVE-2025-21957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
    },
    {
      "name": "CVE-2025-21959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
    },
    {
      "name": "CVE-2025-21962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
    },
    {
      "name": "CVE-2025-21963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
    },
    {
      "name": "CVE-2025-21964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
    },
    {
      "name": "CVE-2025-21968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
    },
    {
      "name": "CVE-2025-21970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
    },
    {
      "name": "CVE-2025-21975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
    },
    {
      "name": "CVE-2025-21981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
    },
    {
      "name": "CVE-2025-21991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
    },
    {
      "name": "CVE-2025-21992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
    },
    {
      "name": "CVE-2025-21994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
    },
    {
      "name": "CVE-2025-21996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
    },
    {
      "name": "CVE-2025-21999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
    },
    {
      "name": "CVE-2025-22004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
    },
    {
      "name": "CVE-2025-22005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
    },
    {
      "name": "CVE-2025-22007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
    },
    {
      "name": "CVE-2025-22008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
    },
    {
      "name": "CVE-2025-22010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
    },
    {
      "name": "CVE-2025-22014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
    },
    {
      "name": "CVE-2024-12798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
    },
    {
      "name": "CVE-2024-12801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
    },
    {
      "name": "CVE-2025-22868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
    },
    {
      "name": "CVE-2025-22871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
    },
    {
      "name": "CVE-2025-22235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
    },
    {
      "name": "CVE-2025-2312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
    },
    {
      "name": "CVE-2025-30204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
    },
    {
      "name": "CVE-2025-4050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4050"
    },
    {
      "name": "CVE-2025-4051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4051"
    },
    {
      "name": "CVE-2025-4052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4052"
    },
    {
      "name": "CVE-2025-4096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4096"
    },
    {
      "name": "CVE-2025-2817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2817"
    },
    {
      "name": "CVE-2025-4082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4082"
    },
    {
      "name": "CVE-2025-4083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4083"
    },
    {
      "name": "CVE-2025-4085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4085"
    },
    {
      "name": "CVE-2025-4087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4087"
    },
    {
      "name": "CVE-2025-4088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4088"
    },
    {
      "name": "CVE-2025-4089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4089"
    },
    {
      "name": "CVE-2025-4090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4090"
    },
    {
      "name": "CVE-2025-4091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4091"
    },
    {
      "name": "CVE-2025-4092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4092"
    },
    {
      "name": "CVE-2023-53034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
    },
    {
      "name": "CVE-2024-46742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
    },
    {
      "name": "CVE-2025-21853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
    },
    {
      "name": "CVE-2025-22025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
    },
    {
      "name": "CVE-2025-22027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
    },
    {
      "name": "CVE-2025-22035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
    },
    {
      "name": "CVE-2025-22044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
    },
    {
      "name": "CVE-2025-22045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
    },
    {
      "name": "CVE-2025-22050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
    },
    {
      "name": "CVE-2025-22054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
    },
    {
      "name": "CVE-2025-22055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
    },
    {
      "name": "CVE-2025-22056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
    },
    {
      "name": "CVE-2025-22060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
    },
    {
      "name": "CVE-2025-22063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
    },
    {
      "name": "CVE-2025-22066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
    },
    {
      "name": "CVE-2025-22071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
    },
    {
      "name": "CVE-2025-22073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
    },
    {
      "name": "CVE-2025-22075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
    },
    {
      "name": "CVE-2025-22079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
    },
    {
      "name": "CVE-2025-22081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
    },
    {
      "name": "CVE-2025-22086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
    },
    {
      "name": "CVE-2025-22089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
    },
    {
      "name": "CVE-2025-22097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
    },
    {
      "name": "CVE-2025-23136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
    },
    {
      "name": "CVE-2025-23138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
    },
    {
      "name": "CVE-2025-37785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
    },
    {
      "name": "CVE-2025-37838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
    },
    {
      "name": "CVE-2025-38152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
    },
    {
      "name": "CVE-2025-38575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
    },
    {
      "name": "CVE-2025-38637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
    },
    {
      "name": "CVE-2025-39728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
    },
    {
      "name": "CVE-2025-39735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
    },
    {
      "name": "CVE-2025-27516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
    },
    {
      "name": "CVE-2025-29087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-29087"
    },
    {
      "name": "CVE-2025-3277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3277"
    },
    {
      "name": "CVE-2025-4609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4609"
    },
    {
      "name": "CVE-2025-4664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4664"
    },
    {
      "name": "CVE-2025-4372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4372"
    },
    {
      "name": "CVE-2025-4516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
    },
    {
      "name": "CVE-2025-22233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
    },
    {
      "name": "CVE-2024-55549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
    },
    {
      "name": "CVE-2024-9287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
    },
    {
      "name": "CVE-2025-24855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
    },
    {
      "name": "CVE-2025-4918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4918"
    },
    {
      "name": "CVE-2025-4919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4919"
    },
    {
      "name": "CVE-2025-41232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
    },
    {
      "name": "CVE-2025-23165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
    },
    {
      "name": "CVE-2025-23166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
    },
    {
      "name": "CVE-2025-5063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5063"
    },
    {
      "name": "CVE-2025-5064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5064"
    },
    {
      "name": "CVE-2025-5065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5065"
    },
    {
      "name": "CVE-2025-5066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5066"
    },
    {
      "name": "CVE-2025-5067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5067"
    },
    {
      "name": "CVE-2025-32414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
    },
    {
      "name": "CVE-2025-32415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
    },
    {
      "name": "CVE-2022-49728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
    },
    {
      "name": "CVE-2024-58093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
    },
    {
      "name": "CVE-2025-22018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
    },
    {
      "name": "CVE-2025-22020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
    },
    {
      "name": "CVE-2025-22062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
    },
    {
      "name": "CVE-2025-23145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
    },
    {
      "name": "CVE-2025-37798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
    },
    {
      "name": "CVE-2025-37749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
    },
    {
      "name": "CVE-2025-22869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
    },
    {
      "name": "CVE-2025-5263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5263"
    },
    {
      "name": "CVE-2025-5264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5264"
    },
    {
      "name": "CVE-2025-5265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5265"
    },
    {
      "name": "CVE-2025-5266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5266"
    },
    {
      "name": "CVE-2025-5267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5267"
    },
    {
      "name": "CVE-2025-5268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5268"
    },
    {
      "name": "CVE-2025-5270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5270"
    },
    {
      "name": "CVE-2025-5271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5271"
    },
    {
      "name": "CVE-2025-5272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5272"
    },
    {
      "name": "CVE-2025-5281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5281"
    },
    {
      "name": "CVE-2025-5283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
    },
    {
      "name": "CVE-2025-46701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
    },
    {
      "name": "CVE-2025-22021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
    },
    {
      "name": "CVE-2025-23140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
    },
    {
      "name": "CVE-2025-23142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
    },
    {
      "name": "CVE-2025-23144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
    },
    {
      "name": "CVE-2025-23146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
    },
    {
      "name": "CVE-2025-23147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
    },
    {
      "name": "CVE-2025-23148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
    },
    {
      "name": "CVE-2025-23150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
    },
    {
      "name": "CVE-2025-23151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
    },
    {
      "name": "CVE-2025-23156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
    },
    {
      "name": "CVE-2025-23157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
    },
    {
      "name": "CVE-2025-23158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
    },
    {
      "name": "CVE-2025-23159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
    },
    {
      "name": "CVE-2025-23161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
    },
    {
      "name": "CVE-2025-23163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
    },
    {
      "name": "CVE-2025-37738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
    },
    {
      "name": "CVE-2025-37739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
    },
    {
      "name": "CVE-2025-37740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
    },
    {
      "name": "CVE-2025-37741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
    },
    {
      "name": "CVE-2025-37742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
    },
    {
      "name": "CVE-2025-37756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
    },
    {
      "name": "CVE-2025-37757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
    },
    {
      "name": "CVE-2025-37758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
    },
    {
      "name": "CVE-2025-37765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
    },
    {
      "name": "CVE-2025-37766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
    },
    {
      "name": "CVE-2025-37767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
    },
    {
      "name": "CVE-2025-37768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
    },
    {
      "name": "CVE-2025-37770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
    },
    {
      "name": "CVE-2025-37771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
    },
    {
      "name": "CVE-2025-37773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
    },
    {
      "name": "CVE-2025-37780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
    },
    {
      "name": "CVE-2025-37781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
    },
    {
      "name": "CVE-2025-37787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
    },
    {
      "name": "CVE-2025-37788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
    },
    {
      "name": "CVE-2025-37789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
    },
    {
      "name": "CVE-2025-37790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
    },
    {
      "name": "CVE-2025-37792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
    },
    {
      "name": "CVE-2025-37794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
    },
    {
      "name": "CVE-2025-37796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
    },
    {
      "name": "CVE-2025-37797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
    },
    {
      "name": "CVE-2025-37803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
    },
    {
      "name": "CVE-2025-37805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
    },
    {
      "name": "CVE-2025-37808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
    },
    {
      "name": "CVE-2025-37810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
    },
    {
      "name": "CVE-2025-37811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
    },
    {
      "name": "CVE-2025-37812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
    },
    {
      "name": "CVE-2025-37817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
    },
    {
      "name": "CVE-2025-37823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
    },
    {
      "name": "CVE-2025-37824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
    },
    {
      "name": "CVE-2025-37829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
    },
    {
      "name": "CVE-2025-37830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
    },
    {
      "name": "CVE-2025-37836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
    },
    {
      "name": "CVE-2025-37839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
    },
    {
      "name": "CVE-2025-37840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
    },
    {
      "name": "CVE-2025-37841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
    },
    {
      "name": "CVE-2025-37844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
    },
    {
      "name": "CVE-2025-37850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
    },
    {
      "name": "CVE-2025-37851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
    },
    {
      "name": "CVE-2025-37857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
    },
    {
      "name": "CVE-2025-37858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
    },
    {
      "name": "CVE-2025-37859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
    },
    {
      "name": "CVE-2025-37862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
    },
    {
      "name": "CVE-2025-37867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
    },
    {
      "name": "CVE-2025-37871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
    },
    {
      "name": "CVE-2025-37875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
    },
    {
      "name": "CVE-2025-37881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
    },
    {
      "name": "CVE-2025-37883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
    },
    {
      "name": "CVE-2025-37885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
    },
    {
      "name": "CVE-2025-37889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
    },
    {
      "name": "CVE-2025-37892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
    },
    {
      "name": "CVE-2025-37937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
    },
    {
      "name": "CVE-2025-37940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
    },
    {
      "name": "CVE-2025-37982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
    },
    {
      "name": "CVE-2025-37983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
    },
    {
      "name": "CVE-2025-37985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
    },
    {
      "name": "CVE-2025-37989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
    },
    {
      "name": "CVE-2025-37819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
    },
    {
      "name": "CVE-2025-37890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
    },
    {
      "name": "CVE-2025-37905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
    },
    {
      "name": "CVE-2025-37909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
    },
    {
      "name": "CVE-2025-37911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
    },
    {
      "name": "CVE-2025-37912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
    },
    {
      "name": "CVE-2025-37913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
    },
    {
      "name": "CVE-2025-37914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
    },
    {
      "name": "CVE-2025-37915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
    },
    {
      "name": "CVE-2025-37923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
    },
    {
      "name": "CVE-2025-37927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
    },
    {
      "name": "CVE-2025-37930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
    },
    {
      "name": "CVE-2025-37932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
    },
    {
      "name": "CVE-2025-37949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
    },
    {
      "name": "CVE-2025-37964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
    },
    {
      "name": "CVE-2025-37967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
    },
    {
      "name": "CVE-2025-37969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
    },
    {
      "name": "CVE-2025-37970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
    },
    {
      "name": "CVE-2025-37990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
    },
    {
      "name": "CVE-2025-37991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
    },
    {
      "name": "CVE-2025-5068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5068"
    },
    {
      "name": "CVE-2025-5419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5419"
    },
    {
      "name": "CVE-2025-27144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
    },
    {
      "name": "CVE-2025-49709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49709"
    },
    {
      "name": "CVE-2025-49710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49710"
    },
    {
      "name": "CVE-2023-6779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
    },
    {
      "name": "CVE-2023-6780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
    },
    {
      "name": "CVE-2024-12133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
    },
    {
      "name": "CVE-2024-12243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
    },
    {
      "name": "CVE-2024-2236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
    },
    {
      "name": "CVE-2024-56433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
    },
    {
      "name": "CVE-2025-0395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
    },
    {
      "name": "CVE-2025-1390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
    },
    {
      "name": "CVE-2025-29088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
    },
    {
      "name": "CVE-2025-31115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
    },
    {
      "name": "CVE-2025-4598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
    },
    {
      "name": "CVE-2025-5958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5958"
    },
    {
      "name": "CVE-2025-5959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5959"
    },
    {
      "name": "CVE-2025-41234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
    },
    {
      "name": "CVE-2025-49146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
    },
    {
      "name": "CVE-2025-48988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
    },
    {
      "name": "CVE-2025-49124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
    },
    {
      "name": "CVE-2025-49125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
    },
    {
      "name": "CVE-2025-6191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6191"
    },
    {
      "name": "CVE-2025-6192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6192"
    },
    {
      "name": "CVE-2024-53427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
    },
    {
      "name": "CVE-2024-56406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
    },
    {
      "name": "CVE-2025-22872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
    },
    {
      "name": "CVE-2025-4802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
    },
    {
      "name": "CVE-2022-49168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
    },
    {
      "name": "CVE-2025-37998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
    },
    {
      "name": "CVE-2023-42366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
    },
    {
      "name": "CVE-2025-6424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6424"
    },
    {
      "name": "CVE-2025-6425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6425"
    },
    {
      "name": "CVE-2025-6426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6426"
    },
    {
      "name": "CVE-2025-6427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6427"
    },
    {
      "name": "CVE-2025-6429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6429"
    },
    {
      "name": "CVE-2025-6430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6430"
    },
    {
      "name": "CVE-2025-6432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6432"
    },
    {
      "name": "CVE-2025-6433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6433"
    },
    {
      "name": "CVE-2025-6434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6434"
    },
    {
      "name": "CVE-2025-6020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
    },
    {
      "name": "CVE-2025-6555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6555"
    },
    {
      "name": "CVE-2025-6556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6556"
    },
    {
      "name": "CVE-2025-6557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6557"
    },
    {
      "name": "CVE-2025-6435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6435"
    },
    {
      "name": "CVE-2025-6436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6436"
    },
    {
      "name": "CVE-2025-6554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6554"
    },
    {
      "name": "CVE-2025-6021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
    },
    {
      "name": "CVE-2022-49636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
    },
    {
      "name": "CVE-2025-37997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
    },
    {
      "name": "CVE-2025-38000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
    },
    {
      "name": "CVE-2025-38001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
    },
    {
      "name": "CVE-2025-32462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
    },
    {
      "name": "CVE-2025-52520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
    },
    {
      "name": "CVE-2025-53506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
    },
    {
      "name": "CVE-2024-47081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
    },
    {
      "name": "CVE-2025-3576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
    },
    {
      "name": "CVE-2025-47268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
    },
    {
      "name": "CVE-2025-37992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
    },
    {
      "name": "CVE-2025-37994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
    },
    {
      "name": "CVE-2025-37995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
    },
    {
      "name": "CVE-2025-38005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
    },
    {
      "name": "CVE-2025-38009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
    },
    {
      "name": "CVE-2025-38023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
    },
    {
      "name": "CVE-2025-38024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
    },
    {
      "name": "CVE-2025-38083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
    },
    {
      "name": "CVE-2025-22227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
    },
    {
      "name": "CVE-2025-6558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6558"
    },
    {
      "name": "CVE-2025-7656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7656"
    },
    {
      "name": "CVE-2025-7657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7657"
    },
    {
      "name": "CVE-2025-30749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
    },
    {
      "name": "CVE-2025-30754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
    },
    {
      "name": "CVE-2025-50059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
    },
    {
      "name": "CVE-2025-50106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
    },
    {
      "name": "CVE-2025-50088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
    },
    {
      "name": "CVE-2025-48734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
    },
    {
      "name": "CVE-2022-21546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
    },
    {
      "name": "CVE-2020-16156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-16156"
    },
    {
      "name": "CVE-2025-8010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8010"
    },
    {
      "name": "CVE-2025-8011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8011"
    },
    {
      "name": "CVE-2025-8027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8027"
    },
    {
      "name": "CVE-2025-8028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8028"
    },
    {
      "name": "CVE-2025-8029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8029"
    },
    {
      "name": "CVE-2025-8030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8030"
    },
    {
      "name": "CVE-2025-8031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8031"
    },
    {
      "name": "CVE-2025-8032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8032"
    },
    {
      "name": "CVE-2025-8033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8033"
    },
    {
      "name": "CVE-2025-8034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8034"
    },
    {
      "name": "CVE-2025-8035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8035"
    },
    {
      "name": "CVE-2025-8036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8036"
    },
    {
      "name": "CVE-2025-8037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8037"
    },
    {
      "name": "CVE-2025-8038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8038"
    },
    {
      "name": "CVE-2025-8039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8039"
    },
    {
      "name": "CVE-2025-8040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8040"
    },
    {
      "name": "CVE-2025-8041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8041"
    },
    {
      "name": "CVE-2025-8043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8043"
    },
    {
      "name": "CVE-2025-8044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8044"
    },
    {
      "name": "CVE-2024-23337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
    },
    {
      "name": "CVE-2024-45339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
    },
    {
      "name": "CVE-2024-47611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
    },
    {
      "name": "CVE-2025-0913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
    },
    {
      "name": "CVE-2025-22874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
    },
    {
      "name": "CVE-2025-32988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
    },
    {
      "name": "CVE-2025-32989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
    },
    {
      "name": "CVE-2025-32990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
    },
    {
      "name": "CVE-2025-38177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
    },
    {
      "name": "CVE-2025-4673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
    },
    {
      "name": "CVE-2025-48060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
    },
    {
      "name": "CVE-2025-4877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
    },
    {
      "name": "CVE-2025-4878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
    },
    {
      "name": "CVE-2025-48924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
    },
    {
      "name": "CVE-2025-50181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
    },
    {
      "name": "CVE-2025-5318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
    },
    {
      "name": "CVE-2025-5372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
    },
    {
      "name": "CVE-2025-5914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
    },
    {
      "name": "CVE-2025-5915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
    },
    {
      "name": "CVE-2025-5916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
    },
    {
      "name": "CVE-2025-5917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
    },
    {
      "name": "CVE-2025-6069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
    },
    {
      "name": "CVE-2025-6395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
    },
    {
      "name": "CVE-2025-38094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
    },
    {
      "name": "CVE-2025-8194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
    },
    {
      "name": "CVE-2025-8292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8292"
    },
    {
      "name": "CVE-2025-7424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
    },
    {
      "name": "CVE-2025-7425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
    },
    {
      "name": "CVE-2025-50182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
    },
    {
      "name": "CVE-2025-5889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
    },
    {
      "name": "CVE-2025-8576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8576"
    },
    {
      "name": "CVE-2025-8577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8577"
    },
    {
      "name": "CVE-2025-8578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8578"
    },
    {
      "name": "CVE-2025-8579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8579"
    },
    {
      "name": "CVE-2025-8580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8580"
    },
    {
      "name": "CVE-2025-8581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8581"
    },
    {
      "name": "CVE-2025-8582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8582"
    },
    {
      "name": "CVE-2025-8583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8583"
    },
    {
      "name": "CVE-2025-27210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
    },
    {
      "name": "CVE-2025-27817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
    },
    {
      "name": "CVE-2025-27818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
    },
    {
      "name": "CVE-2025-8879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8879"
    },
    {
      "name": "CVE-2025-8880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8880"
    },
    {
      "name": "CVE-2025-8881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8881"
    },
    {
      "name": "CVE-2025-8882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8882"
    },
    {
      "name": "CVE-2025-8901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8901"
    },
    {
      "name": "CVE-2025-48989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
    },
    {
      "name": "CVE-2025-7339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
    },
    {
      "name": "CVE-2025-7783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
    },
    {
      "name": "CVE-2021-32256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
    },
    {
      "name": "CVE-2024-25260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
    },
    {
      "name": "CVE-2025-1371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
    },
    {
      "name": "CVE-2025-1376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
    },
    {
      "name": "CVE-2025-1377",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
    },
    {
      "name": "CVE-2025-47273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
    },
    {
      "name": "CVE-2025-48964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
    },
    {
      "name": "CVE-2025-49794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
    },
    {
      "name": "CVE-2025-49796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
    },
    {
      "name": "CVE-2025-41242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
    },
    {
      "name": "CVE-2025-9132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9132"
    },
    {
      "name": "CVE-2025-54988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
    },
    {
      "name": "CVE-2025-6965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
    },
    {
      "name": "CVE-2024-13009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
    },
    {
      "name": "CVE-2025-55668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
    },
    {
      "name": "CVE-2025-4674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
    },
    {
      "name": "CVE-2025-47907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
    },
    {
      "name": "CVE-2025-52999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
    },
    {
      "name": "CVE-2025-55163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
    },
    {
      "name": "CVE-2025-8941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
    },
    {
      "name": "CVE-2025-9288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
    },
    {
      "name": "CVE-2005-2541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2541"
    },
    {
      "name": "CVE-2008-5727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5727"
    },
    {
      "name": "CVE-2008-5728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5728"
    },
    {
      "name": "CVE-2008-5729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5729"
    },
    {
      "name": "CVE-2008-5730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5730"
    },
    {
      "name": "CVE-2008-5742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5742"
    },
    {
      "name": "CVE-2011-3374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
    },
    {
      "name": "CVE-2014-4715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
    },
    {
      "name": "CVE-2015-2214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2214"
    },
    {
      "name": "CVE-2016-0682",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
    },
    {
      "name": "CVE-2016-0689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
    },
    {
      "name": "CVE-2016-0692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
    },
    {
      "name": "CVE-2016-0694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
    },
    {
      "name": "CVE-2016-2149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2149"
    },
    {
      "name": "CVE-2016-2160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2160"
    },
    {
      "name": "CVE-2016-3418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
    },
    {
      "name": "CVE-2017-10140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
    },
    {
      "name": "CVE-2017-12195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12195"
    },
    {
      "name": "CVE-2017-12629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12629"
    },
    {
      "name": "CVE-2017-3604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
    },
    {
      "name": "CVE-2017-3605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
    },
    {
      "name": "CVE-2017-3606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
    },
    {
      "name": "CVE-2017-3607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
    },
    {
      "name": "CVE-2017-3608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
    },
    {
      "name": "CVE-2017-3609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
    },
    {
      "name": "CVE-2017-3610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
    },
    {
      "name": "CVE-2017-3611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
    },
    {
      "name": "CVE-2017-3612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
    },
    {
      "name": "CVE-2017-3613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
    },
    {
      "name": "CVE-2017-3614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
    },
    {
      "name": "CVE-2017-3615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
    },
    {
      "name": "CVE-2017-3616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
    },
    {
      "name": "CVE-2017-3617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
    },
    {
      "name": "CVE-2018-1000169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000169"
    },
    {
      "name": "CVE-2018-1196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1196"
    },
    {
      "name": "CVE-2018-1273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1273"
    },
    {
      "name": "CVE-2019-10782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10782"
    },
    {
      "name": "CVE-2019-9658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9658"
    },
    {
      "name": "CVE-2020-2981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
    },
    {
      "name": "CVE-2021-20298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20298"
    },
    {
      "name": "CVE-2021-20304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20304"
    },
    {
      "name": "CVE-2021-22055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22055"
    },
    {
      "name": "CVE-2021-23169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23169"
    },
    {
      "name": "CVE-2021-3236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3236"
    },
    {
      "name": "CVE-2022-0635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0635"
    },
    {
      "name": "CVE-2022-0667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0667"
    },
    {
      "name": "CVE-2022-3219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
    },
    {
      "name": "CVE-2022-39046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
    },
    {
      "name": "CVE-2022-42010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
    },
    {
      "name": "CVE-2022-42011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
    },
    {
      "name": "CVE-2022-42012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
    },
    {
      "name": "CVE-2022-44638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
    },
    {
      "name": "CVE-2023-31437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
    },
    {
      "name": "CVE-2023-31438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
    },
    {
      "name": "CVE-2023-31439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
    },
    {
      "name": "CVE-2023-37769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
    },
    {
      "name": "CVE-2023-39810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39810"
    },
    {
      "name": "CVE-2023-4156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4156"
    },
    {
      "name": "CVE-2023-4320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4320"
    },
    {
      "name": "CVE-2023-43785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43785"
    },
    {
      "name": "CVE-2023-43786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43786"
    },
    {
      "name": "CVE-2023-43787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43787"
    },
    {
      "name": "CVE-2023-46129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46129"
    },
    {
      "name": "CVE-2023-47039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
    },
    {
      "name": "CVE-2023-5189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5189"
    },
    {
      "name": "CVE-2024-11584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
    },
    {
      "name": "CVE-2024-21742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
    },
    {
      "name": "CVE-2024-22047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22047"
    },
    {
      "name": "CVE-2024-2397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2397"
    },
    {
      "name": "CVE-2024-26462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
    },
    {
      "name": "CVE-2024-31047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-31047"
    },
    {
      "name": "CVE-2024-3220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
    },
    {
      "name": "CVE-2024-58251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
    },
    {
      "name": "CVE-2024-6174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
    },
    {
      "name": "CVE-2024-7012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7012"
    },
    {
      "name": "CVE-2025-1352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
    },
    {
      "name": "CVE-2025-1365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
    },
    {
      "name": "CVE-2025-1372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
    },
    {
      "name": "CVE-2025-24294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
    },
    {
      "name": "CVE-2025-26519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26519"
    },
    {
      "name": "CVE-2025-27587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
    },
    {
      "name": "CVE-2025-30258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
    },
    {
      "name": "CVE-2025-31672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
    },
    {
      "name": "CVE-2025-40909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
    },
    {
      "name": "CVE-2025-43857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
    },
    {
      "name": "CVE-2025-45582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
    },
    {
      "name": "CVE-2025-45768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
    },
    {
      "name": "CVE-2025-46392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46392"
    },
    {
      "name": "CVE-2025-46394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
    },
    {
      "name": "CVE-2025-49795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
    },
    {
      "name": "CVE-2025-5115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
    },
    {
      "name": "CVE-2025-5222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
    },
    {
      "name": "CVE-2025-5278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
    },
    {
      "name": "CVE-2025-53864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
    },
    {
      "name": "CVE-2025-6170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
    },
    {
      "name": "CVE-2025-6297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
    },
    {
      "name": "CVE-2025-7962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
    },
    {
      "name": "CVE-2025-8058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
    },
    {
      "name": "CVE-2025-8262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8262"
    },
    {
      "name": "CVE-2025-8732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
    },
    {
      "name": "CVE-2025-8885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
    },
    {
      "name": "CVE-2025-8916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
    },
    {
      "name": "CVE-2025-9179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9179"
    },
    {
      "name": "CVE-2025-9180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9180"
    },
    {
      "name": "CVE-2025-9181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9181"
    },
    {
      "name": "CVE-2025-9182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9182"
    },
    {
      "name": "CVE-2025-9183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9183"
    },
    {
      "name": "CVE-2025-9184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9184"
    },
    {
      "name": "CVE-2025-9185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9185"
    },
    {
      "name": "CVE-2025-9187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9187"
    },
    {
      "name": "CVE-2025-9308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9308"
    }
  ],
  "initial_release_date": "2025-09-05T00:00:00",
  "last_revision_date": "2025-09-05T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0756",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-09-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36093",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36093"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36102",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36102"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36101",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36101"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36100",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36100"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36105",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36105"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36091",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36091"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36078",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36078"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36107",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36107"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36094",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36094"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36097",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36097"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-46",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36104"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36108",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36108"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36095",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36095"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-09",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36090"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36096",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36096"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36106",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36106"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36109",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36109"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36098",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36098"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36111"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36103",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36103"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36099",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36099"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36092",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36092"
    },
    {
      "published_at": "2025-09-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36110",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36110"
    }
  ]
}

CERTFR-2024-AVI-1103

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Cognos Analytics	Cognos Analytics versions 12.0.x antérieures à 12.0.4
IBM	Sterling	Sterling External Authentication Server versions 6.1.0.x antérieures à 6.1.0.2 ifix 01
IBM	QRadar SIEM	Security QRadar Log Management AQL Plugin versions antérieures à 1.1.0
IBM	Sterling	Sterling Secure Proxy versions 6.0.x antérieures à 6.0.3.1 (fixpack) GA
IBM	Cognos Analytics	Cognos Analytics versions 11.2.x antérieures à 11.2.4 FP5
IBM	Sterling	Sterling Secure Proxy versions 6.1.x antérieures à 6.1.0.1 (fixpack) GA
IBM	Sterling	Sterling Secure Proxy versions 6.2.x antérieures à 6.2.0.0 ifix 01
IBM	Sterling Connect:Direct	Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.11_ifix001

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7177142	2024-12-17	vendor-advisory
Bulletin de sécurité IBM 7177223	2024-12-17	vendor-advisory
Bulletin de sécurité IBM 7179044	2024-12-16	vendor-advisory
Bulletin de sécurité IBM 7179156	2024-12-17	vendor-advisory
Bulletin de sécurité IBM 7179166	2024-12-17	vendor-advisory
Bulletin de sécurité IBM 7178835	2024-12-13	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.4",
      "product": {
        "name": "Cognos Analytics",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling External Authentication Server versions 6.1.0.x ant\u00e9rieures \u00e0 6.1.0.2 ifix 01",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": " Security QRadar Log Management AQL Plugin versions ant\u00e9rieures \u00e0 1.1.0",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Secure Proxy versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.1 (fixpack) GA",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP5",
      "product": {
        "name": "Cognos Analytics",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Secure Proxy versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.1 (fixpack) GA",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Secure Proxy versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.0 ifix 01",
      "product": {
        "name": "Sterling",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.11_ifix001",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2014-1544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1544"
    },
    {
      "name": "CVE-2014-1568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1568"
    },
    {
      "name": "CVE-2015-7182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7182"
    },
    {
      "name": "CVE-2015-7181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7181"
    },
    {
      "name": "CVE-2015-7575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7575"
    },
    {
      "name": "CVE-2016-1938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1938"
    },
    {
      "name": "CVE-2017-5461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5461"
    },
    {
      "name": "CVE-2018-12384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12384"
    },
    {
      "name": "CVE-2019-7317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
    },
    {
      "name": "CVE-2019-11729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11729"
    },
    {
      "name": "CVE-2019-11727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11727"
    },
    {
      "name": "CVE-2019-11719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11719"
    },
    {
      "name": "CVE-2018-12404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12404"
    },
    {
      "name": "CVE-2019-11756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11756"
    },
    {
      "name": "CVE-2019-11745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11745"
    },
    {
      "name": "CVE-2019-8331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
    },
    {
      "name": "CVE-2019-11358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
    },
    {
      "name": "CVE-2019-17023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17023"
    },
    {
      "name": "CVE-2020-11022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
    },
    {
      "name": "CVE-2020-11023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
    },
    {
      "name": "CVE-2020-12400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12400"
    },
    {
      "name": "CVE-2020-12401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12401"
    },
    {
      "name": "CVE-2020-6829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6829"
    },
    {
      "name": "CVE-2019-17006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17006"
    },
    {
      "name": "CVE-2018-18508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-18508"
    },
    {
      "name": "CVE-2019-17007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17007"
    },
    {
      "name": "CVE-2018-20677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
    },
    {
      "name": "CVE-2018-14040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
    },
    {
      "name": "CVE-2018-14042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
    },
    {
      "name": "CVE-2016-10735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
    },
    {
      "name": "CVE-2018-20676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
    },
    {
      "name": "CVE-2017-12652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12652"
    },
    {
      "name": "CVE-2020-25648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25648"
    },
    {
      "name": "CVE-2022-23990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
    },
    {
      "name": "CVE-2021-45960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
    },
    {
      "name": "CVE-2022-22827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
    },
    {
      "name": "CVE-2022-22825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
    },
    {
      "name": "CVE-2022-22824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
    },
    {
      "name": "CVE-2022-22826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
    },
    {
      "name": "CVE-2022-23852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
    },
    {
      "name": "CVE-2022-22823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
    },
    {
      "name": "CVE-2020-12403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12403"
    },
    {
      "name": "CVE-2021-38153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
    },
    {
      "name": "CVE-2021-43138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
    },
    {
      "name": "CVE-2022-34749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-34749"
    },
    {
      "name": "CVE-2022-40897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2023-0767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
    },
    {
      "name": "CVE-2023-23931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2023-31130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
    },
    {
      "name": "CVE-2023-32067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
    },
    {
      "name": "CVE-2023-25194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25194"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2023-32681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
    },
    {
      "name": "CVE-2023-38325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2023-30774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2023-40217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
    },
    {
      "name": "CVE-2023-4813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
    },
    {
      "name": "CVE-2023-4806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
    },
    {
      "name": "CVE-2020-19189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
    },
    {
      "name": "CVE-2023-5156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
    },
    {
      "name": "CVE-2021-46848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
    },
    {
      "name": "CVE-2022-21699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21699"
    },
    {
      "name": "CVE-2023-6237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
    },
    {
      "name": "CVE-2023-30086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
    },
    {
      "name": "CVE-2023-26965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
    },
    {
      "name": "CVE-2023-3316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
    },
    {
      "name": "CVE-2023-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
    },
    {
      "name": "CVE-2022-48554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
    },
    {
      "name": "CVE-2020-23064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
    },
    {
      "name": "CVE-2023-5388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
    },
    {
      "name": "CVE-2023-49083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
    },
    {
      "name": "CVE-2024-25710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
    },
    {
      "name": "CVE-2024-26308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
    },
    {
      "name": "CVE-2024-22195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
    },
    {
      "name": "CVE-2023-50782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
    },
    {
      "name": "CVE-2023-52426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
    },
    {
      "name": "CVE-2024-21011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
    },
    {
      "name": "CVE-2024-21094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
    },
    {
      "name": "CVE-2024-21085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
    },
    {
      "name": "CVE-2024-29133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
    },
    {
      "name": "CVE-2024-29131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
    },
    {
      "name": "CVE-2024-28849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
    },
    {
      "name": "CVE-2024-22201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
    },
    {
      "name": "CVE-2024-25629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
    },
    {
      "name": "CVE-2023-52425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
    },
    {
      "name": "CVE-2024-4367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4367"
    },
    {
      "name": "CVE-2024-27983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
    },
    {
      "name": "CVE-2023-51074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
    },
    {
      "name": "CVE-2024-23944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
    },
    {
      "name": "CVE-2023-38264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
    },
    {
      "name": "CVE-2024-29025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
    },
    {
      "name": "CVE-2024-34102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34102"
    },
    {
      "name": "CVE-2024-28757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
    },
    {
      "name": "CVE-2024-29041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
    },
    {
      "name": "CVE-2024-29857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
    },
    {
      "name": "CVE-2024-30171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
    },
    {
      "name": "CVE-2024-30172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
    },
    {
      "name": "CVE-2021-36770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
    },
    {
      "name": "CVE-2024-2398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
    },
    {
      "name": "CVE-2024-28176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
    },
    {
      "name": "CVE-2024-28863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
    },
    {
      "name": "CVE-2024-4067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
    },
    {
      "name": "CVE-2024-4068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
    },
    {
      "name": "CVE-2023-50495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
    },
    {
      "name": "CVE-2024-27982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
    },
    {
      "name": "CVE-2023-52356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
    },
    {
      "name": "CVE-2023-6228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
    },
    {
      "name": "CVE-2023-6277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
    },
    {
      "name": "CVE-2024-6345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
    },
    {
      "name": "CVE-2024-37890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
    },
    {
      "name": "CVE-2024-39008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39008"
    },
    {
      "name": "CVE-2023-3164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
    },
    {
      "name": "CVE-2024-22018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22018"
    },
    {
      "name": "CVE-2024-22020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22020"
    },
    {
      "name": "CVE-2024-27980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27980"
    },
    {
      "name": "CVE-2024-36137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36137"
    },
    {
      "name": "CVE-2024-36138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36138"
    },
    {
      "name": "CVE-2024-37372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37372"
    },
    {
      "name": "CVE-2024-39338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
    },
    {
      "name": "CVE-2024-7264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
    },
    {
      "name": "CVE-2024-22871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22871"
    },
    {
      "name": "CVE-2018-15209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15209"
    },
    {
      "name": "CVE-2023-37536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37536"
    },
    {
      "name": "CVE-2024-45296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
    },
    {
      "name": "CVE-2024-34447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
    },
    {
      "name": "CVE-2024-43796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
    },
    {
      "name": "CVE-2024-45590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
    },
    {
      "name": "CVE-2018-14041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
    },
    {
      "name": "CVE-2024-36114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
    },
    {
      "name": "CVE-2024-25638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25638"
    },
    {
      "name": "CVE-2024-51504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51504"
    },
    {
      "name": "CVE-2024-7006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7006"
    },
    {
      "name": "CVE-2013-2099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2099"
    },
    {
      "name": "CVE-2014-1569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1569"
    },
    {
      "name": "CVE-2017-11613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11613"
    },
    {
      "name": "CVE-2017-11695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11695"
    },
    {
      "name": "CVE-2017-11696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11696"
    },
    {
      "name": "CVE-2017-11697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11697"
    },
    {
      "name": "CVE-2017-11698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11698"
    },
    {
      "name": "CVE-2017-12627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12627"
    },
    {
      "name": "CVE-2017-18013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18013"
    },
    {
      "name": "CVE-2017-18869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18869"
    },
    {
      "name": "CVE-2017-9937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
    },
    {
      "name": "CVE-2018-16335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16335"
    },
    {
      "name": "CVE-2018-17000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17000"
    },
    {
      "name": "CVE-2018-17100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17100"
    },
    {
      "name": "CVE-2018-17101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17101"
    },
    {
      "name": "CVE-2018-19210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-19210"
    },
    {
      "name": "CVE-2018-5784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-5784"
    },
    {
      "name": "CVE-2018-7456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7456"
    },
    {
      "name": "CVE-2019-10255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10255"
    },
    {
      "name": "CVE-2019-14973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14973"
    },
    {
      "name": "CVE-2019-17546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17546"
    },
    {
      "name": "CVE-2019-6128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6128"
    },
    {
      "name": "CVE-2020-15110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15110"
    },
    {
      "name": "CVE-2020-18768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-18768"
    },
    {
      "name": "CVE-2020-19131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19131"
    },
    {
      "name": "CVE-2020-19144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19144"
    },
    {
      "name": "CVE-2020-26261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26261"
    },
    {
      "name": "CVE-2020-35521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35521"
    },
    {
      "name": "CVE-2020-35522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35522"
    },
    {
      "name": "CVE-2020-35523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35523"
    },
    {
      "name": "CVE-2020-35524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35524"
    },
    {
      "name": "CVE-2020-36191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36191"
    },
    {
      "name": "CVE-2021-32862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32862"
    },
    {
      "name": "CVE-2022-0561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
    },
    {
      "name": "CVE-2022-0562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
    },
    {
      "name": "CVE-2022-0891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0891"
    },
    {
      "name": "CVE-2022-0908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
    },
    {
      "name": "CVE-2022-2056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
    },
    {
      "name": "CVE-2022-2057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
    },
    {
      "name": "CVE-2022-2058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
    },
    {
      "name": "CVE-2022-22844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
    },
    {
      "name": "CVE-2022-2867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
    },
    {
      "name": "CVE-2022-2868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
    },
    {
      "name": "CVE-2022-2869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
    },
    {
      "name": "CVE-2022-34266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-34266"
    },
    {
      "name": "CVE-2022-34526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
    },
    {
      "name": "CVE-2022-3479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3479"
    },
    {
      "name": "CVE-2022-3570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
    },
    {
      "name": "CVE-2022-3597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
    },
    {
      "name": "CVE-2022-3598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
    },
    {
      "name": "CVE-2022-3599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
    },
    {
      "name": "CVE-2022-3626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
    },
    {
      "name": "CVE-2022-3627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
    },
    {
      "name": "CVE-2022-40090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
    },
    {
      "name": "CVE-2022-4645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
    },
    {
      "name": "CVE-2023-0795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
    },
    {
      "name": "CVE-2023-0796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
    },
    {
      "name": "CVE-2023-0797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
    },
    {
      "name": "CVE-2023-0798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
    },
    {
      "name": "CVE-2023-0799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
    },
    {
      "name": "CVE-2023-0800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
    },
    {
      "name": "CVE-2023-0801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
    },
    {
      "name": "CVE-2023-0802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
    },
    {
      "name": "CVE-2023-0803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
    },
    {
      "name": "CVE-2023-0804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
    },
    {
      "name": "CVE-2023-1916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
    },
    {
      "name": "CVE-2023-24816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24816"
    },
    {
      "name": "CVE-2023-25434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25434"
    },
    {
      "name": "CVE-2023-25435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25435"
    },
    {
      "name": "CVE-2023-2731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
    },
    {
      "name": "CVE-2023-2908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
    },
    {
      "name": "CVE-2023-30775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30775"
    },
    {
      "name": "CVE-2023-3576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
    },
    {
      "name": "CVE-2023-38288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38288"
    },
    {
      "name": "CVE-2023-38289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38289"
    },
    {
      "name": "CVE-2023-40745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
    },
    {
      "name": "CVE-2023-41175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
    },
    {
      "name": "CVE-2023-41334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-41334"
    },
    {
      "name": "CVE-2023-4421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4421"
    },
    {
      "name": "CVE-2023-4759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4759"
    },
    {
      "name": "CVE-2023-50291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50291"
    },
    {
      "name": "CVE-2023-50292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50292"
    },
    {
      "name": "CVE-2023-50298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50298"
    },
    {
      "name": "CVE-2023-50386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50386"
    },
    {
      "name": "CVE-2023-50447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50447"
    },
    {
      "name": "CVE-2024-25016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25016"
    },
    {
      "name": "CVE-2024-29896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29896"
    },
    {
      "name": "CVE-2024-33883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33883"
    },
    {
      "name": "CVE-2024-38337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38337"
    },
    {
      "name": "CVE-2024-41752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41752"
    },
    {
      "name": "CVE-2024-45082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45082"
    }
  ],
  "initial_release_date": "2024-12-20T00:00:00",
  "last_revision_date": "2024-12-20T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-1103",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-12-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2024-12-17",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7177142",
      "url": "https://www.ibm.com/support/pages/node/7177142"
    },
    {
      "published_at": "2024-12-17",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7177223",
      "url": "https://www.ibm.com/support/pages/node/7177223"
    },
    {
      "published_at": "2024-12-16",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7179044",
      "url": "https://www.ibm.com/support/pages/node/7179044"
    },
    {
      "published_at": "2024-12-17",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7179156",
      "url": "https://www.ibm.com/support/pages/node/7179156"
    },
    {
      "published_at": "2024-12-17",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7179166",
      "url": "https://www.ibm.com/support/pages/node/7179166"
    },
    {
      "published_at": "2024-12-13",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7178835",
      "url": "https://www.ibm.com/support/pages/node/7178835"
    }
  ]
}

CERTFR-2024-AVI-0459

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	N/A	IBM Db2 on Cloud Pak for Data et Db2 Warehouse on Cloud Pak for Data versions postérieures à 3.5 et antérieures à 4.8.5
IBM	N/A	DevOps Code ClearCase versions 11.0.x sans le dernier correctif de sécurité
IBM	N/A	Rational ClearCase versions 9.1.x et 10.0.0.x sans le dernier correctif de sécurité

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7155114	2024-05-29	vendor-advisory
Bulletin de sécurité IBM 7155078	2024-05-28	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Db2 on Cloud Pak for Data et Db2 Warehouse on Cloud Pak for Data versions post\u00e9rieures \u00e0 3.5 et ant\u00e9rieures \u00e0 4.8.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "DevOps Code ClearCase versions 11.0.x sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Rational ClearCase versions 9.1.x et 10.0.0.x sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-1597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1597"
    },
    {
      "name": "CVE-2023-49568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49568"
    },
    {
      "name": "CVE-2024-25030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25030"
    },
    {
      "name": "CVE-2023-45857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
    },
    {
      "name": "CVE-2024-23944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
    },
    {
      "name": "CVE-2020-9546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
    },
    {
      "name": "CVE-2020-13956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
    },
    {
      "name": "CVE-2020-10673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
    },
    {
      "name": "CVE-2020-35728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35728"
    },
    {
      "name": "CVE-2020-36181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
    },
    {
      "name": "CVE-2020-9548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
    },
    {
      "name": "CVE-2020-36182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
    },
    {
      "name": "CVE-2020-24616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24616"
    },
    {
      "name": "CVE-2023-52296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52296"
    },
    {
      "name": "CVE-2020-36185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
    },
    {
      "name": "CVE-2024-25046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25046"
    },
    {
      "name": "CVE-2023-50782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
    },
    {
      "name": "CVE-2022-36364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36364"
    },
    {
      "name": "CVE-2022-1996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1996"
    },
    {
      "name": "CVE-2019-16942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
    },
    {
      "name": "CVE-2019-11358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
    },
    {
      "name": "CVE-2020-9547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
    },
    {
      "name": "CVE-2020-36179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
    },
    {
      "name": "CVE-2020-10650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10650"
    },
    {
      "name": "CVE-2023-44270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44270"
    },
    {
      "name": "CVE-2020-36186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
    },
    {
      "name": "CVE-2020-36189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
    },
    {
      "name": "CVE-2020-35490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
    },
    {
      "name": "CVE-2023-34462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
    },
    {
      "name": "CVE-2018-1313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1313"
    },
    {
      "name": "CVE-2022-46337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46337"
    },
    {
      "name": "CVE-2021-20190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
    },
    {
      "name": "CVE-2019-13224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13224"
    },
    {
      "name": "CVE-2019-19204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19204"
    },
    {
      "name": "CVE-2020-11113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11113"
    },
    {
      "name": "CVE-2024-27254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27254"
    },
    {
      "name": "CVE-2020-10672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
    },
    {
      "name": "CVE-2023-51074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
    },
    {
      "name": "CVE-2020-10969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10969"
    },
    {
      "name": "CVE-2020-23064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
    },
    {
      "name": "CVE-2024-22195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
    },
    {
      "name": "CVE-2020-36187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
    },
    {
      "name": "CVE-2020-11620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11620"
    },
    {
      "name": "CVE-2023-36478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
    },
    {
      "name": "CVE-2015-1832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1832"
    },
    {
      "name": "CVE-2021-21295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
    },
    {
      "name": "CVE-2020-24750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
    },
    {
      "name": "CVE-2024-22190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22190"
    },
    {
      "name": "CVE-2019-16163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
    },
    {
      "name": "CVE-2019-16943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
    },
    {
      "name": "CVE-2023-51775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
    },
    {
      "name": "CVE-2024-22360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22360"
    },
    {
      "name": "CVE-2024-26130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26130"
    },
    {
      "name": "CVE-2019-20330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
    },
    {
      "name": "CVE-2020-14195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14195"
    },
    {
      "name": "CVE-2023-44981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44981"
    },
    {
      "name": "CVE-2018-10237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
    },
    {
      "name": "CVE-2020-35491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
    },
    {
      "name": "CVE-2019-17531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
    },
    {
      "name": "CVE-2023-38729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38729"
    },
    {
      "name": "CVE-2024-21626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21626"
    },
    {
      "name": "CVE-2019-19203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19203"
    },
    {
      "name": "CVE-2020-14061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14061"
    },
    {
      "name": "CVE-2023-40167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
    },
    {
      "name": "CVE-2023-41900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-41900"
    },
    {
      "name": "CVE-2022-42004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
    },
    {
      "name": "CVE-2020-11619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11619"
    },
    {
      "name": "CVE-2020-36183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
    },
    {
      "name": "CVE-2020-8840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
    },
    {
      "name": "CVE-2023-36479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
    },
    {
      "name": "CVE-2024-24549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24549"
    },
    {
      "name": "CVE-2020-36184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
    },
    {
      "name": "CVE-2020-36180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
    },
    {
      "name": "CVE-2020-11022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
    },
    {
      "name": "CVE-2021-31684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31684"
    },
    {
      "name": "CVE-2020-36518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
    },
    {
      "name": "CVE-2023-261257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-261257"
    },
    {
      "name": "CVE-2023-49083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
    },
    {
      "name": "CVE-2023-49569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49569"
    },
    {
      "name": "CVE-2020-10968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10968"
    },
    {
      "name": "CVE-2022-42003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
    },
    {
      "name": "CVE-2020-25649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
    },
    {
      "name": "CVE-2024-0690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0690"
    },
    {
      "name": "CVE-2024-22354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
    },
    {
      "name": "CVE-2020-11112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11112"
    },
    {
      "name": "CVE-2019-19012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19012"
    },
    {
      "name": "CVE-2020-11111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11111"
    },
    {
      "name": "CVE-2012-2677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2677"
    },
    {
      "name": "CVE-2020-14060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14060"
    },
    {
      "name": "CVE-2020-36188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
    },
    {
      "name": "CVE-2020-11023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
    },
    {
      "name": "CVE-2020-14062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14062"
    }
  ],
  "initial_release_date": "2024-05-31T00:00:00",
  "last_revision_date": "2024-05-31T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0459",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-05-31T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2024-05-29",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7155114",
      "url": "https://www.ibm.com/support/pages/node/7155114"
    },
    {
      "published_at": "2024-05-28",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7155078",
      "url": "https://www.ibm.com/support/pages/node/7155078"
    }
  ]
}

ncsc-2025-0124

Vulnerability from csaf_ncscnl

Published

2025-04-16 08:39

Modified

2025-04-16 08:39

Summary

Kwetsbaarheden verholpen in Oracle Communications

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Oracle heeft meerdere kwetsbaarheden verholpen in Oracle Communications producten, waaronder de Cloud Native Core en Policy Management.

Interpretaties

De kwetsbaarheden in Oracle Communications producten stellen ongeauthenticeerde aanvallers in staat om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en kunnen leiden tot Denial-of-Service (DoS) aanvallen. Specifieke versies van de Cloud Native Core, zoals de Binding Support Function en Network Repository Function, zijn getroffen, met CVSS-scores die variëren van 4.3 tot 9.8, wat wijst op significante risico's voor de beschikbaarheid en vertrouwelijkheid van de systemen.

Oplossingen

Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-44

Path Equivalence: 'file.name' (Internal Dot)

CWE-706

Use of Incorrectly-Resolved Name or Reference

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-502

Deserialization of Untrusted Data

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-121

Stack-based Buffer Overflow

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-1395

Dependency on Vulnerable Third-Party Component

CWE-653

Improper Isolation or Compartmentalization

CWE-670

Always-Incorrect Control Flow Implementation

CWE-676

Use of Potentially Dangerous Function

CWE-1336

Improper Neutralization of Special Elements Used in a Template Engine

CWE-392

Missing Report of Error Condition

CWE-772

Missing Release of Resource after Effective Lifetime

CWE-208

Observable Timing Discrepancy

CWE-669

Incorrect Resource Transfer Between Spheres

CWE-349

Acceptance of Extraneous Untrusted Data With Trusted Data

CWE-834

Excessive Iteration

CWE-303

Incorrect Implementation of Authentication Algorithm

CWE-732

Incorrect Permission Assignment for Critical Resource

CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

CWE-917

Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

CWE-1286

Improper Validation of Syntactic Correctness of Input

CWE-754

Improper Check for Unusual or Exceptional Conditions

CWE-680

Integer Overflow to Buffer Overflow

CWE-345

Insufficient Verification of Data Authenticity

CWE-369

Divide By Zero

CWE-552

Files or Directories Accessible to External Parties

CWE-639

Authorization Bypass Through User-Controlled Key

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-404

Improper Resource Shutdown or Release

CWE-862

Missing Authorization

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-1333

Inefficient Regular Expression Complexity

CWE-295

Improper Certificate Validation

CWE-94

Improper Control of Generation of Code ('Code Injection')

CWE-327

Use of a Broken or Risky Cryptographic Algorithm

CWE-400

Uncontrolled Resource Consumption

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-674

Uncontrolled Recursion

CWE-611

Improper Restriction of XML External Entity Reference

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-269

Improper Privilege Management

CWE-20

Improper Input Validation

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft meerdere kwetsbaarheden verholpen in Oracle Communications producten, waaronder de Cloud Native Core en Policy Management.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden in Oracle Communications producten stellen ongeauthenticeerde aanvallers in staat om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en kunnen leiden tot Denial-of-Service (DoS) aanvallen. Specifieke versies van de Cloud Native Core, zoals de Binding Support Function en Network Repository Function, zijn getroffen, met CVSS-scores die vari\u00ebren van 4.3 tot 9.8, wat wijst op significante risico\u0027s voor de beschikbaarheid en vertrouwelijkheid van de systemen.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
        "title": "CWE-44"
      },
      {
        "category": "general",
        "text": "Use of Incorrectly-Resolved Name or Reference",
        "title": "CWE-706"
      },
      {
        "category": "general",
        "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
        "title": "CWE-444"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Dependency on Vulnerable Third-Party Component",
        "title": "CWE-1395"
      },
      {
        "category": "general",
        "text": "Improper Isolation or Compartmentalization",
        "title": "CWE-653"
      },
      {
        "category": "general",
        "text": "Always-Incorrect Control Flow Implementation",
        "title": "CWE-670"
      },
      {
        "category": "general",
        "text": "Use of Potentially Dangerous Function",
        "title": "CWE-676"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements Used in a Template Engine",
        "title": "CWE-1336"
      },
      {
        "category": "general",
        "text": "Missing Report of Error Condition",
        "title": "CWE-392"
      },
      {
        "category": "general",
        "text": "Missing Release of Resource after Effective Lifetime",
        "title": "CWE-772"
      },
      {
        "category": "general",
        "text": "Observable Timing Discrepancy",
        "title": "CWE-208"
      },
      {
        "category": "general",
        "text": "Incorrect Resource Transfer Between Spheres",
        "title": "CWE-669"
      },
      {
        "category": "general",
        "text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
        "title": "CWE-349"
      },
      {
        "category": "general",
        "text": "Excessive Iteration",
        "title": "CWE-834"
      },
      {
        "category": "general",
        "text": "Incorrect Implementation of Authentication Algorithm",
        "title": "CWE-303"
      },
      {
        "category": "general",
        "text": "Incorrect Permission Assignment for Critical Resource",
        "title": "CWE-732"
      },
      {
        "category": "general",
        "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
        "title": "CWE-367"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
        "title": "CWE-917"
      },
      {
        "category": "general",
        "text": "Improper Validation of Syntactic Correctness of Input",
        "title": "CWE-1286"
      },
      {
        "category": "general",
        "text": "Improper Check for Unusual or Exceptional Conditions",
        "title": "CWE-754"
      },
      {
        "category": "general",
        "text": "Integer Overflow to Buffer Overflow",
        "title": "CWE-680"
      },
      {
        "category": "general",
        "text": "Insufficient Verification of Data Authenticity",
        "title": "CWE-345"
      },
      {
        "category": "general",
        "text": "Divide By Zero",
        "title": "CWE-369"
      },
      {
        "category": "general",
        "text": "Files or Directories Accessible to External Parties",
        "title": "CWE-552"
      },
      {
        "category": "general",
        "text": "Authorization Bypass Through User-Controlled Key",
        "title": "CWE-639"
      },
      {
        "category": "general",
        "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
        "title": "CWE-362"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Missing Authorization",
        "title": "CWE-862"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Inefficient Regular Expression Complexity",
        "title": "CWE-1333"
      },
      {
        "category": "general",
        "text": "Improper Certificate Validation",
        "title": "CWE-295"
      },
      {
        "category": "general",
        "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
        "title": "CWE-94"
      },
      {
        "category": "general",
        "text": "Use of a Broken or Risky Cryptographic Algorithm",
        "title": "CWE-327"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Uncontrolled Recursion",
        "title": "CWE-674"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
        "title": "CWE-120"
      },
      {
        "category": "general",
        "text": "Improper Privilege Management",
        "title": "CWE-269"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Communications",
    "tracking": {
      "current_release_date": "2025-04-16T08:39:55.217751Z",
      "generator": {
        "date": "2025-02-25T15:15:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.0"
        }
      },
      "id": "NCSC-2025-0124",
      "initial_release_date": "2025-04-16T08:39:55.217751Z",
      "revision_history": [
        {
          "date": "2025-04-16T08:39:55.217751Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/24.2.1",
                    "product": {
                      "name": "vers:unknown/24.2.1",
                      "product_id": "CSAFPID-1838578"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/24.2.0",
                    "product": {
                      "name": "vers:unknown/24.2.0",
                      "product_id": "CSAFPID-1838586"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Communications Cloud Native Core Binding Support Function"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/\u003e=24.2.0|\u003c=24.2.2",
                    "product": {
                      "name": "vers:unknown/\u003e=24.2.0|\u003c=24.2.2",
                      "product_id": "CSAFPID-1838591"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Communications Cloud Native Core Policy"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/24.2.1",
                    "product": {
                      "name": "vers:unknown/24.2.1",
                      "product_id": "CSAFPID-1838592"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Communications Cloud Native Core Console"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/24.2.0",
                    "product": {
                      "name": "vers:unknown/24.2.0",
                      "product_id": "CSAFPID-1838572"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/24.2.1",
                    "product": {
                      "name": "vers:unknown/24.2.1",
                      "product_id": "CSAFPID-1838581"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/24.2.2",
                    "product": {
                      "name": "vers:unknown/24.2.2",
                      "product_id": "CSAFPID-1838584"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Communications Cloud Native Core Security Edge Protection Proxy"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/\u003e=6.0|\u003c=6.1",
                    "product": {
                      "name": "vers:unknown/\u003e=6.0|\u003c=6.1",
                      "product_id": "CSAFPID-2698355"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Communications Unified Assurance"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/24.3.0",
                    "product": {
                      "name": "vers:unknown/24.3.0",
                      "product_id": "CSAFPID-2698333"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Management Cloud Engine"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/24.2.0",
                    "product": {
                      "name": "vers:unknown/24.2.0",
                      "product_id": "CSAFPID-2698334"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Communications Cloud Native Core Network Data Analytics Function"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/24.2.5",
                    "product": {
                      "name": "vers:unknown/24.2.5",
                      "product_id": "CSAFPID-2698374"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Communications Cloud Native Core Network Function Cloud Native Environment"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/9.0.0",
                    "product": {
                      "name": "vers:unknown/9.0.0",
                      "product_id": "CSAFPID-1234193"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/9.0.1",
                    "product": {
                      "name": "vers:unknown/9.0.1",
                      "product_id": "CSAFPID-1234261"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/9.0.2",
                    "product": {
                      "name": "vers:unknown/9.0.2",
                      "product_id": "CSAFPID-2698362"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/9.0.3",
                    "product": {
                      "name": "vers:unknown/9.0.3",
                      "product_id": "CSAFPID-2698358"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/\u003e=9.0.0|\u003c=9.0.3",
                    "product": {
                      "name": "vers:unknown/\u003e=9.0.0|\u003c=9.0.3",
                      "product_id": "CSAFPID-2698372"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Communications Element Manager"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/15.0.0.0.0",
                    "product": {
                      "name": "vers:unknown/15.0.0.0.0",
                      "product_id": "CSAFPID-1837923"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Communications Policy Management"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/\u003e=9.0.0|\u003c=9.0.3",
                    "product": {
                      "name": "vers:unknown/\u003e=9.0.0|\u003c=9.0.3",
                      "product_id": "CSAFPID-2698373"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Communications Session Report Manager"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/9.1.1.9",
                    "product": {
                      "name": "vers:unknown/9.1.1.9",
                      "product_id": "CSAFPID-2698357"
                    }
                  }
                ],
                "category": "product_name",
                "name": "SD-WAN Edge"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/24.2.3",
                    "product": {
                      "name": "vers:unknown/24.2.3",
                      "product_id": "CSAFPID-1838579"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/24.3.0",
                    "product": {
                      "name": "vers:unknown/24.3.0",
                      "product_id": "CSAFPID-1838582"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Communications Cloud Native Core Unified Data Repository"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/10.0.0",
                    "product": {
                      "name": "vers:unknown/10.0.0",
                      "product_id": "CSAFPID-2698381"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/9.2.0",
                    "product": {
                      "name": "vers:unknown/9.2.0",
                      "product_id": "CSAFPID-1207518"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/9.3.0",
                    "product": {
                      "name": "vers:unknown/9.3.0",
                      "product_id": "CSAFPID-1207704"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Communications Session Border Controller"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/4.1.0",
                    "product": {
                      "name": "vers:unknown/4.1.0",
                      "product_id": "CSAFPID-1207607"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/4.2.0",
                    "product": {
                      "name": "vers:unknown/4.2.0",
                      "product_id": "CSAFPID-1207752"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Enterprise Communications Broker"
              }
            ],
            "category": "product_family",
            "name": "Oracle"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.0",
                    "product": {
                      "name": "vers:oracle/24.2.0",
                      "product_id": "CSAFPID-1839911",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.1",
                    "product": {
                      "name": "vers:oracle/24.2.1",
                      "product_id": "CSAFPID-1839908",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=24.2.0|\u003c=24.2.2",
                    "product": {
                      "name": "vers:oracle/\u003e=24.2.0|\u003c=24.2.2",
                      "product_id": "CSAFPID-2698963",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0-24.2.2:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Cloud Native Core Binding Support Function"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.3",
                    "product": {
                      "name": "vers:oracle/24.2.3",
                      "product_id": "CSAFPID-2698973",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.3:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.4",
                    "product": {
                      "name": "vers:oracle/24.2.4",
                      "product_id": "CSAFPID-2699085",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.4:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.3.0",
                    "product": {
                      "name": "vers:oracle/24.3.0",
                      "product_id": "CSAFPID-1839941",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.3.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Cloud Native Core DBTier"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=24.2.0|\u003c=24.2.2",
                    "product": {
                      "name": "vers:oracle/\u003e=24.2.0|\u003c=24.2.2",
                      "product_id": "CSAFPID-1839907",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=24.2.0|\u003c=24.2.4",
                    "product": {
                      "name": "vers:oracle/\u003e=24.2.0|\u003c=24.2.4",
                      "product_id": "CSAFPID-2698965",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.4:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=24.2.1|\u003c=24.2.4",
                    "product": {
                      "name": "vers:oracle/\u003e=24.2.1|\u003c=24.2.4",
                      "product_id": "CSAFPID-2698944",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.1-24.2.4:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Cloud Native Core Policy"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.1",
                    "product": {
                      "name": "vers:oracle/24.2.1",
                      "product_id": "CSAFPID-1839952",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.2",
                    "product": {
                      "name": "vers:oracle/24.2.2",
                      "product_id": "CSAFPID-2699038",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.2:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Cloud Native Core Certificate Management"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.1",
                    "product": {
                      "name": "vers:oracle/24.2.1",
                      "product_id": "CSAFPID-1839951",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.2",
                    "product": {
                      "name": "vers:oracle/24.2.2",
                      "product_id": "CSAFPID-2699059",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.2:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Cloud Native Core Console"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.2",
                    "product": {
                      "name": "vers:oracle/24.2.2",
                      "product_id": "CSAFPID-1839919",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.2:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.3",
                    "product": {
                      "name": "vers:oracle/24.2.3",
                      "product_id": "CSAFPID-2698957",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.3:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Cloud Native Core Network Repository Function"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/23.4.0",
                    "product": {
                      "name": "vers:oracle/23.4.0",
                      "product_id": "CSAFPID-1839924",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.0",
                    "product": {
                      "name": "vers:oracle/24.2.0",
                      "product_id": "CSAFPID-1839910",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.1",
                    "product": {
                      "name": "vers:oracle/24.2.1",
                      "product_id": "CSAFPID-1839909",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.2",
                    "product": {
                      "name": "vers:oracle/24.2.2",
                      "product_id": "CSAFPID-1839894",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.3",
                    "product": {
                      "name": "vers:oracle/24.2.3",
                      "product_id": "CSAFPID-2698958",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.3:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.3.0",
                    "product": {
                      "name": "vers:oracle/24.3.0",
                      "product_id": "CSAFPID-2699094",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.3.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Cloud Native Core Security Edge Protection Proxy"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.0",
                    "product": {
                      "name": "vers:oracle/24.2.0",
                      "product_id": "CSAFPID-1839934",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.3",
                    "product": {
                      "name": "vers:oracle/24.2.3",
                      "product_id": "CSAFPID-2699086",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.3:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.3.0",
                    "product": {
                      "name": "vers:oracle/24.3.0",
                      "product_id": "CSAFPID-1839935",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.3.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/25.1.100",
                    "product": {
                      "name": "vers:oracle/25.1.100",
                      "product_id": "CSAFPID-2699073",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:25.1.100:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Cloud Native Core Service Communication Proxy"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/46.6",
                    "product": {
                      "name": "vers:oracle/46.6",
                      "product_id": "CSAFPID-2698993",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications EAGLE Element Management System"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/5.1",
                    "product": {
                      "name": "vers:oracle/5.1",
                      "product_id": "CSAFPID-1839893",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/5.2",
                    "product": {
                      "name": "vers:oracle/5.2",
                      "product_id": "CSAFPID-1839895",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.2:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Operations Monitor"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.11",
                    "product": {
                      "name": "vers:oracle/12.11",
                      "product_id": "CSAFPID-1839890",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/14.0",
                    "product": {
                      "name": "vers:oracle/14.0",
                      "product_id": "CSAFPID-1839891",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/14.0.0",
                    "product": {
                      "name": "vers:oracle/14.0.0",
                      "product_id": "CSAFPID-2699072",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/15.0",
                    "product": {
                      "name": "vers:oracle/15.0",
                      "product_id": "CSAFPID-1839961",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:15.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/15.0.0",
                    "product": {
                      "name": "vers:oracle/15.0.0",
                      "product_id": "CSAFPID-2699023",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:15.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/15.0.1",
                    "product": {
                      "name": "vers:oracle/15.0.1",
                      "product_id": "CSAFPID-2699025",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:15.0.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/15.0.2",
                    "product": {
                      "name": "vers:oracle/15.0.2",
                      "product_id": "CSAFPID-2699024",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:15.0.2:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications User Data Repository"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/9.0.0.0",
                    "product": {
                      "name": "vers:oracle/9.0.0.0",
                      "product_id": "CSAFPID-2698999",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Diameter Signaling Router"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.3.0",
                    "product": {
                      "name": "vers:oracle/24.3.0",
                      "product_id": "CSAFPID-2698996",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:management_cloud_engine:24.3.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Management Cloud Engine"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.0",
                    "product": {
                      "name": "vers:oracle/24.2.0",
                      "product_id": "CSAFPID-2699007",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Cloud Native Core Network Data Analytics Function"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.0",
                    "product": {
                      "name": "vers:oracle/24.2.0",
                      "product_id": "CSAFPID-1839868",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.2.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.5",
                    "product": {
                      "name": "vers:oracle/24.2.5",
                      "product_id": "CSAFPID-2699029",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.2.5:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.3.0",
                    "product": {
                      "name": "vers:oracle/24.3.0",
                      "product_id": "CSAFPID-1839869",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.3.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Cloud Native Core Network Function Cloud Native Environment"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/9.0.0",
                    "product": {
                      "name": "vers:oracle/9.0.0",
                      "product_id": "CSAFPID-2699013",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/9.0.1",
                    "product": {
                      "name": "vers:oracle/9.0.1",
                      "product_id": "CSAFPID-2699012",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/9.0.2",
                    "product": {
                      "name": "vers:oracle/9.0.2",
                      "product_id": "CSAFPID-2699016",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.2:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/9.0.3",
                    "product": {
                      "name": "vers:oracle/9.0.3",
                      "product_id": "CSAFPID-2699015",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.3:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=9.0.0|\u003c=9.0.3",
                    "product": {
                      "name": "vers:oracle/\u003e=9.0.0|\u003c=9.0.3",
                      "product_id": "CSAFPID-2699098",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.0-9.0.3:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Element Manager"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/15.0.0.0.0",
                    "product": {
                      "name": "vers:oracle/15.0.0.0.0",
                      "product_id": "CSAFPID-1839960",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Policy Management"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/9.0.0",
                    "product": {
                      "name": "vers:oracle/9.0.0",
                      "product_id": "CSAFPID-2699093",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/9.0.1",
                    "product": {
                      "name": "vers:oracle/9.0.1",
                      "product_id": "CSAFPID-2699092",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/9.0.2",
                    "product": {
                      "name": "vers:oracle/9.0.2",
                      "product_id": "CSAFPID-2699091",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.2:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/9.0.3",
                    "product": {
                      "name": "vers:oracle/9.0.3",
                      "product_id": "CSAFPID-2699090",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.3:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=9.0.0|\u003c=9.0.3",
                    "product": {
                      "name": "vers:oracle/\u003e=9.0.0|\u003c=9.0.3",
                      "product_id": "CSAFPID-2699124",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0-9.0.3:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Session Report Manager"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/9.1.1.9",
                    "product": {
                      "name": "vers:oracle/9.1.1.9",
                      "product_id": "CSAFPID-2698959",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:sd-wan_edge:9.1.1.9:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle SD-WAN Edge"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/22.4.0",
                    "product": {
                      "name": "vers:oracle/22.4.0",
                      "product_id": "CSAFPID-2699181",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/23.4.4",
                    "product": {
                      "name": "vers:oracle/23.4.4",
                      "product_id": "CSAFPID-1839930",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.4:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.1.1",
                    "product": {
                      "name": "vers:oracle/24.1.1",
                      "product_id": "CSAFPID-1839933",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.1.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.2",
                    "product": {
                      "name": "vers:oracle/24.2.2",
                      "product_id": "CSAFPID-1839931",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.2:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.3",
                    "product": {
                      "name": "vers:oracle/24.2.3",
                      "product_id": "CSAFPID-1839963",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.3:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.3.0",
                    "product": {
                      "name": "vers:oracle/24.3.0",
                      "product_id": "CSAFPID-1839932",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.3.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/25.1.100",
                    "product": {
                      "name": "vers:oracle/25.1.100",
                      "product_id": "CSAFPID-2698956",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:25.1.100:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=23.1.0|\u003c=23.4.0",
                    "product": {
                      "name": "vers:oracle/\u003e=23.1.0|\u003c=23.4.0",
                      "product_id": "CSAFPID-2699180",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0-23.4.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Cloud Native Core Unified Data Repository"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/10.0.0",
                    "product": {
                      "name": "vers:oracle/10.0.0",
                      "product_id": "CSAFPID-2699083",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:10.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/9.2.0",
                    "product": {
                      "name": "vers:oracle/9.2.0",
                      "product_id": "CSAFPID-1839887",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/9.3.0",
                    "product": {
                      "name": "vers:oracle/9.3.0",
                      "product_id": "CSAFPID-1839889",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Session Border Controller"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/4.1.0",
                    "product": {
                      "name": "vers:oracle/4.1.0",
                      "product_id": "CSAFPID-1839888",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:enterprise_communications_broker:4.1.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/4.2.0",
                    "product": {
                      "name": "vers:oracle/4.2.0",
                      "product_id": "CSAFPID-1839886",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:enterprise_communications_broker:4.2.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Enterprise Communications Broker"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.1.0",
                    "product": {
                      "name": "vers:oracle/24.1.0",
                      "product_id": "CSAFPID-1839925",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.2.0",
                    "product": {
                      "name": "vers:oracle/24.2.0",
                      "product_id": "CSAFPID-1840027",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.3.0",
                    "product": {
                      "name": "vers:oracle/24.3.0",
                      "product_id": "CSAFPID-2699041",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.3.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=24.1.0|\u003c=24.3.0",
                    "product": {
                      "name": "vers:oracle/\u003e=24.1.0|\u003c=24.3.0",
                      "product_id": "CSAFPID-2698961",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0-24.3.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Network Analytics Data Director"
              }
            ],
            "category": "product_family",
            "name": "Oracle Communications"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.1",
                "product": {
                  "name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.1",
                  "product_id": "CSAFPID-1145869"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.3",
                "product": {
                  "name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.3",
                  "product_id": "CSAFPID-1145271",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.5",
                "product": {
                  "name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.5",
                  "product_id": "CSAFPID-1173947",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Cloud Native Core Binding Support Function"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.2",
                "product": {
                  "name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.2",
                  "product_id": "CSAFPID-1145868"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.4",
                "product": {
                  "name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.4",
                  "product_id": "CSAFPID-1145270",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.6",
                "product": {
                  "name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.6",
                  "product_id": "CSAFPID-1173946",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Cloud Native Core Policy"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/23.4.3",
                "product": {
                  "name": "vers:oracle/23.4.3",
                  "product_id": "CSAFPID-1173942",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/24.2.0",
                "product": {
                  "name": "vers:oracle/24.2.0",
                  "product_id": "CSAFPID-1173945",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Cloud Native Core Certificate Management"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/23.4.2",
                "product": {
                  "name": "vers:oracle/23.4.2",
                  "product_id": "CSAFPID-1173940",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/24.2.0",
                "product": {
                  "name": "vers:oracle/24.2.0",
                  "product_id": "CSAFPID-1173941",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Cloud Native Core Console"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/23.4.4",
                "product": {
                  "name": "vers:oracle/23.4.4",
                  "product_id": "CSAFPID-1173965",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/24.2.1",
                "product": {
                  "name": "vers:oracle/24.2.1",
                  "product_id": "CSAFPID-1173967",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Cloud Native Core Network Repository Function"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/23.4.2",
                "product": {
                  "name": "vers:oracle/23.4.2",
                  "product_id": "CSAFPID-1173943",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/24.2.0",
                "product": {
                  "name": "vers:oracle/24.2.0",
                  "product_id": "CSAFPID-1173944",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Cloud Native Core Security Edge Protection Proxy"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/23.4.0",
                "product": {
                  "name": "vers:oracle/23.4.0",
                  "product_id": "CSAFPID-1145265",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/24.1.0",
                "product": {
                  "name": "vers:oracle/24.1.0",
                  "product_id": "CSAFPID-1145273",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/24.2.0",
                "product": {
                  "name": "vers:oracle/24.2.0",
                  "product_id": "CSAFPID-1174046",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Cloud Native Core Service Communication Proxy"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.3.6",
                    "product": {
                      "name": "vers:oracle/7.3.6",
                      "product_id": "CSAFPID-2699077",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.4.0",
                    "product": {
                      "name": "vers:oracle/7.4.0",
                      "product_id": "CSAFPID-2699075",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.4.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.5.0",
                    "product": {
                      "name": "vers:oracle/7.5.0",
                      "product_id": "CSAFPID-2699076",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.5.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Network Integrity"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/6.0",
                    "product": {
                      "name": "vers:oracle/6.0",
                      "product_id": "CSAFPID-2699027",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=6.0.0|\u003c=6.0.5",
                    "product": {
                      "name": "vers:oracle/\u003e=6.0.0|\u003c=6.0.5",
                      "product_id": "CSAFPID-1839852",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=6.0.4|\u003c=6.0.5",
                    "product": {
                      "name": "vers:oracle/\u003e=6.0.4|\u003c=6.0.5",
                      "product_id": "CSAFPID-1840033",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.4-6.0.5:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=6.0|\u003c=6.1",
                    "product": {
                      "name": "vers:oracle/\u003e=6.0|\u003c=6.1",
                      "product_id": "CSAFPID-2698955",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0-6.1:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Unified Assurance"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.0.0.8.0",
                    "product": {
                      "name": "vers:oracle/12.0.0.8.0",
                      "product_id": "CSAFPID-2699001",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.8.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/15.0.0.0.0",
                    "product": {
                      "name": "vers:oracle/15.0.0.0.0",
                      "product_id": "CSAFPID-2699084",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/15.0.1.0.0",
                    "product": {
                      "name": "vers:oracle/15.0.1.0.0",
                      "product_id": "CSAFPID-2699079",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.1.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=12.0.0.4.0|\u003c=12.0.0.8.0",
                    "product": {
                      "name": "vers:oracle/\u003e=12.0.0.4.0|\u003c=12.0.0.8.0",
                      "product_id": "CSAFPID-2699058",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4.0-12.0.0.8.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=12.0.0.4|\u003c=12.0.0.8",
                    "product": {
                      "name": "vers:oracle/\u003e=12.0.0.4|\u003c=12.0.0.8",
                      "product_id": "CSAFPID-1839957",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=15.0.0.0.0|\u003c=15.0.1.0.0",
                    "product": {
                      "name": "vers:oracle/\u003e=15.0.0.0.0|\u003c=15.0.1.0.0",
                      "product_id": "CSAFPID-2699000",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0-15.0.1.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=15.0.0.0|\u003c=15.0.0.1",
                    "product": {
                      "name": "vers:oracle/\u003e=15.0.0.0|\u003c=15.0.0.1",
                      "product_id": "CSAFPID-1839953",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0-15.0.0.1:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Billing and Revenue Management"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.0.26.0",
                    "product": {
                      "name": "vers:oracle/8.1.0.26.0",
                      "product_id": "CSAFPID-2698964",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.26.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Messaging Server"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/6.3.1",
                    "product": {
                      "name": "vers:oracle/6.3.1",
                      "product_id": "CSAFPID-2698991",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications MetaSolv Solution"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.0.6.0.0",
                    "product": {
                      "name": "vers:oracle/12.0.6.0.0",
                      "product_id": "CSAFPID-2699127",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/15.0.0.0.0",
                    "product": {
                      "name": "vers:oracle/15.0.0.0.0",
                      "product_id": "CSAFPID-2699126",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/15.0.1.0.0",
                    "product": {
                      "name": "vers:oracle/15.0.1.0.0",
                      "product_id": "CSAFPID-2699128",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.1.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Network Charging and Control"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.4.0",
                    "product": {
                      "name": "vers:oracle/7.4.0",
                      "product_id": "CSAFPID-1839980",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.5.0",
                    "product": {
                      "name": "vers:oracle/7.5.0",
                      "product_id": "CSAFPID-1840004",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.4.1",
                    "product": {
                      "name": "vers:oracle/7.4.1",
                      "product_id": "CSAFPID-1839981",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Order and Service Management"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/15.0.0.0.0",
                    "product": {
                      "name": "vers:oracle/15.0.0.0.0",
                      "product_id": "CSAFPID-2699056",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/15.0.1.0.0",
                    "product": {
                      "name": "vers:oracle/15.0.1.0.0",
                      "product_id": "CSAFPID-2699063",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.1.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=12.0.0.4.0|\u003c=12.0.0.8.0",
                    "product": {
                      "name": "vers:oracle/\u003e=12.0.0.4.0|\u003c=12.0.0.8.0",
                      "product_id": "CSAFPID-2699060",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0-12.0.0.8.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Pricing Design Center"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.0.0.3",
                    "product": {
                      "name": "vers:oracle/8.0.0.3",
                      "product_id": "CSAFPID-1839921",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.3:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.0.0.4.0",
                    "product": {
                      "name": "vers:oracle/8.0.0.4.0",
                      "product_id": "CSAFPID-2698975",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.4.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.0.1",
                    "product": {
                      "name": "vers:oracle/8.1.0.1",
                      "product_id": "CSAFPID-1839922",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.0.2.0",
                    "product": {
                      "name": "vers:oracle/8.1.0.2.0",
                      "product_id": "CSAFPID-2698974",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.2.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Service Catalog and Design"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.4.1",
                    "product": {
                      "name": "vers:oracle/7.4.1",
                      "product_id": "CSAFPID-1839978",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.4.2",
                    "product": {
                      "name": "vers:oracle/7.4.2",
                      "product_id": "CSAFPID-1839979",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.5.0",
                    "product": {
                      "name": "vers:oracle/7.5.0",
                      "product_id": "CSAFPID-2699035",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.5.1",
                    "product": {
                      "name": "vers:oracle/7.5.1",
                      "product_id": "CSAFPID-1839983",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.6.0",
                    "product": {
                      "name": "vers:oracle/7.6.0",
                      "product_id": "CSAFPID-1840005",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.6.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.7.0",
                    "product": {
                      "name": "vers:oracle/7.7.0",
                      "product_id": "CSAFPID-2699034",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.7.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=7.4.0|\u003c=7.4.2",
                    "product": {
                      "name": "vers:oracle/\u003e=7.4.0|\u003c=7.4.2",
                      "product_id": "CSAFPID-2699036",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0-7.4.2:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=7.5.0|\u003c=7.5.1",
                    "product": {
                      "name": "vers:oracle/\u003e=7.5.0|\u003c=7.5.1",
                      "product_id": "CSAFPID-2699096",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0-7.5.1:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Communications Unified Inventory Management"
              }
            ],
            "category": "product_family",
            "name": "Oracle Communications Applications"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/23.4.0",
                "product": {
                  "name": "vers:oracle/23.4.0",
                  "product_id": "CSAFPID-1145246",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/24.1.0",
                "product": {
                  "name": "vers:oracle/24.1.0",
                  "product_id": "CSAFPID-1145247",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Cloud Native Core Network Function Cloud Native Environment"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:semver/7.4.0",
                "product": {
                  "name": "vers:semver/7.4.0",
                  "product_id": "CSAFPID-2698653"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/7.4.1",
                "product": {
                  "name": "vers:semver/7.4.1",
                  "product_id": "CSAFPID-2698654"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/7.5.0",
                "product": {
                  "name": "vers:semver/7.5.0",
                  "product_id": "CSAFPID-2698655"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Communications Order and Service Management"
          }
        ],
        "category": "vendor",
        "name": "Oracle Corporation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-5388",
      "cwe": {
        "id": "CWE-208",
        "name": "Observable Timing Discrepancy"
      },
      "notes": [
        {
          "category": "other",
          "text": "Observable Timing Discrepancy",
          "title": "CWE-208"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-5388",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5388.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2023-5388"
    },
    {
      "cve": "CVE-2023-5685",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-5685",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5685.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2023-5685"
    },
    {
      "cve": "CVE-2023-49582",
      "cwe": {
        "id": "CWE-732",
        "name": "Incorrect Permission Assignment for Critical Resource"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Permission Assignment for Critical Resource",
          "title": "CWE-732"
        },
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-49582",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49582.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2023-49582"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51074",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51074.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2023-51074"
    },
    {
      "cve": "CVE-2024-1135",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-1135",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1135.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-1135"
    },
    {
      "cve": "CVE-2024-4227",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "notes": [
        {
          "category": "other",
          "text": "Excessive Iteration",
          "title": "CWE-834"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-4227",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4227.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-4227"
    },
    {
      "cve": "CVE-2024-5535",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "Dependency on Vulnerable Third-Party Component",
          "title": "CWE-1395"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5535",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-5535"
    },
    {
      "cve": "CVE-2024-6763",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Validation of Syntactic Correctness of Input",
          "title": "CWE-1286"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6763",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6763.json"
        }
      ],
      "title": "CVE-2024-6763"
    },
    {
      "cve": "CVE-2024-7254",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7254",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-7254"
    },
    {
      "cve": "CVE-2024-11053",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-11053",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11053.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-11053"
    },
    {
      "cve": "CVE-2024-12797",
      "cwe": {
        "id": "CWE-392",
        "name": "Missing Report of Error Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Report of Error Condition",
          "title": "CWE-392"
        },
        {
          "category": "other",
          "text": "Dependency on Vulnerable Third-Party Component",
          "title": "CWE-1395"
        },
        {
          "category": "other",
          "text": "Improper Certificate Validation",
          "title": "CWE-295"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-12797",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-12797.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-12797"
    },
    {
      "cve": "CVE-2024-12798",
      "cwe": {
        "id": "CWE-917",
        "name": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
          "title": "CWE-917"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/RE:L/U:Clear",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-12798",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-12798.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-12798"
    },
    {
      "cve": "CVE-2024-21538",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21538",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21538.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-21538"
    },
    {
      "cve": "CVE-2024-25638",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insufficient Verification of Data Authenticity",
          "title": "CWE-345"
        },
        {
          "category": "other",
          "text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
          "title": "CWE-349"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25638",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25638.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.9,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-25638"
    },
    {
      "cve": "CVE-2024-28168",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28168",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28168.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-28168"
    },
    {
      "cve": "CVE-2024-28219",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "other",
          "text": "Use of Potentially Dangerous Function",
          "title": "CWE-676"
        },
        {
          "category": "other",
          "text": "Integer Overflow to Buffer Overflow",
          "title": "CWE-680"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28219",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28219.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-28219"
    },
    {
      "cve": "CVE-2024-28834",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Use of a Broken or Risky Cryptographic Algorithm",
          "title": "CWE-327"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28834",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28834.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-28834"
    },
    {
      "cve": "CVE-2024-31141",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Files or Directories Accessible to External Parties",
          "title": "CWE-552"
        },
        {
          "category": "other",
          "text": "Improper Privilege Management",
          "title": "CWE-269"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-31141",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31141.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-31141"
    },
    {
      "cve": "CVE-2024-34064",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34064",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-34064"
    },
    {
      "cve": "CVE-2024-35195",
      "cwe": {
        "id": "CWE-670",
        "name": "Always-Incorrect Control Flow Implementation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Always-Incorrect Control Flow Implementation",
          "title": "CWE-670"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-35195",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-35195"
    },
    {
      "cve": "CVE-2024-37891",
      "cwe": {
        "id": "CWE-669",
        "name": "Incorrect Resource Transfer Between Spheres"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Resource Transfer Between Spheres",
          "title": "CWE-669"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37891",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-37891"
    },
    {
      "cve": "CVE-2024-38819",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38819",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38827",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authorization Bypass Through User-Controlled Key",
          "title": "CWE-639"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38827",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-38827"
    },
    {
      "cve": "CVE-2024-40896",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-40896",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40896.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-40896"
    },
    {
      "cve": "CVE-2024-43044",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-43044",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43044.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-43044"
    },
    {
      "cve": "CVE-2024-43709",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-43709",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43709.json"
        }
      ],
      "title": "CVE-2024-43709"
    },
    {
      "cve": "CVE-2024-43796",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-43796",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43796.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-43796"
    },
    {
      "cve": "CVE-2024-47072",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47072",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47072.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-47072"
    },
    {
      "cve": "CVE-2024-47554",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47554",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-47554"
    },
    {
      "cve": "CVE-2024-49767",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-49767",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49767.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-49767"
    },
    {
      "cve": "CVE-2024-50602",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-50602",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50602.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-50602"
    },
    {
      "cve": "CVE-2024-52046",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "title": "CWE-94"
        },
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52046",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52046.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-52046"
    },
    {
      "cve": "CVE-2024-52303",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Release of Resource after Effective Lifetime",
          "title": "CWE-772"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52303",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52303.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-52303"
    },
    {
      "cve": "CVE-2024-53122",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        },
        {
          "category": "other",
          "text": "Divide By Zero",
          "title": "CWE-369"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-53122",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53122.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-53122"
    },
    {
      "cve": "CVE-2024-56128",
      "cwe": {
        "id": "CWE-303",
        "name": "Incorrect Implementation of Authentication Algorithm"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Implementation of Authentication Algorithm",
          "title": "CWE-303"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-56128",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56128.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-56128"
    },
    {
      "cve": "CVE-2024-56337",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
          "title": "CWE-367"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-56337",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-56337"
    },
    {
      "cve": "CVE-2024-57699",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-57699",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-57699.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2024-57699"
    },
    {
      "cve": "CVE-2025-1974",
      "cwe": {
        "id": "CWE-653",
        "name": "Improper Isolation or Compartmentalization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Isolation or Compartmentalization",
          "title": "CWE-653"
        },
        {
          "category": "other",
          "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "title": "CWE-94"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-1974",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-1974.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2025-1974"
    },
    {
      "cve": "CVE-2025-23084",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-23084",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23084.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2025-23084"
    },
    {
      "cve": "CVE-2025-23184",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-23184",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23184.json"
        }
      ],
      "title": "CVE-2025-23184"
    },
    {
      "cve": "CVE-2025-24813",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "other",
          "text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
          "title": "CWE-44"
        },
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Use of Incorrectly-Resolved Name or Reference",
          "title": "CWE-706"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24813",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24813.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2025-24813"
    },
    {
      "cve": "CVE-2025-24928",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24928",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24928.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2025-24928"
    },
    {
      "cve": "CVE-2025-24970",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24970",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24970.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2025-24970"
    },
    {
      "cve": "CVE-2025-27516",
      "cwe": {
        "id": "CWE-1336",
        "name": "Improper Neutralization of Special Elements Used in a Template Engine"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements Used in a Template Engine",
          "title": "CWE-1336"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-27516",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27516.json"
        }
      ],
      "title": "CVE-2025-27516"
    },
    {
      "cve": "CVE-2025-27789",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-27789",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27789.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2025-27789"
    },
    {
      "cve": "CVE-2025-30729",
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30729",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30729.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2025-30729"
    },
    {
      "cve": "CVE-2025-31721",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1838578",
          "CSAFPID-1839911",
          "CSAFPID-1839908",
          "CSAFPID-1145869",
          "CSAFPID-1145271",
          "CSAFPID-1173947",
          "CSAFPID-2698963",
          "CSAFPID-2698973",
          "CSAFPID-2699085",
          "CSAFPID-1839941",
          "CSAFPID-1838591",
          "CSAFPID-1145868",
          "CSAFPID-1145270",
          "CSAFPID-1173946",
          "CSAFPID-1839907",
          "CSAFPID-2698965",
          "CSAFPID-2698944",
          "CSAFPID-1173942",
          "CSAFPID-1173945",
          "CSAFPID-1839952",
          "CSAFPID-2699038",
          "CSAFPID-1838592",
          "CSAFPID-1173940",
          "CSAFPID-1173941",
          "CSAFPID-1839951",
          "CSAFPID-2699059",
          "CSAFPID-1173965",
          "CSAFPID-1173967",
          "CSAFPID-1839919",
          "CSAFPID-2698957",
          "CSAFPID-1838572",
          "CSAFPID-1838581",
          "CSAFPID-1838584",
          "CSAFPID-1839924",
          "CSAFPID-1173943",
          "CSAFPID-1173944",
          "CSAFPID-1839910",
          "CSAFPID-1839909",
          "CSAFPID-1839894",
          "CSAFPID-2698958",
          "CSAFPID-2699094",
          "CSAFPID-1145265",
          "CSAFPID-1145273",
          "CSAFPID-1174046",
          "CSAFPID-1839934",
          "CSAFPID-2699086",
          "CSAFPID-1839935",
          "CSAFPID-2699073",
          "CSAFPID-2698993",
          "CSAFPID-1839893",
          "CSAFPID-1839895",
          "CSAFPID-1839890",
          "CSAFPID-1839891",
          "CSAFPID-2699072",
          "CSAFPID-1839961",
          "CSAFPID-2699023",
          "CSAFPID-2699025",
          "CSAFPID-2699024",
          "CSAFPID-2698999",
          "CSAFPID-2699077",
          "CSAFPID-2699075",
          "CSAFPID-2699076",
          "CSAFPID-2698355",
          "CSAFPID-2699027",
          "CSAFPID-1839852",
          "CSAFPID-1840033",
          "CSAFPID-2698955",
          "CSAFPID-2699001",
          "CSAFPID-2699084",
          "CSAFPID-2699079",
          "CSAFPID-2699058",
          "CSAFPID-1839957",
          "CSAFPID-2699000",
          "CSAFPID-1839953",
          "CSAFPID-2698964",
          "CSAFPID-2698991",
          "CSAFPID-2699127",
          "CSAFPID-2699126",
          "CSAFPID-2699128",
          "CSAFPID-1839980",
          "CSAFPID-1840004",
          "CSAFPID-1839981",
          "CSAFPID-2698653",
          "CSAFPID-2698654",
          "CSAFPID-2698655",
          "CSAFPID-2699056",
          "CSAFPID-2699063",
          "CSAFPID-2699060",
          "CSAFPID-1839921",
          "CSAFPID-2698975",
          "CSAFPID-1839922",
          "CSAFPID-2698974",
          "CSAFPID-1839978",
          "CSAFPID-1839979",
          "CSAFPID-2699035",
          "CSAFPID-1839983",
          "CSAFPID-1840005",
          "CSAFPID-2699034",
          "CSAFPID-2699036",
          "CSAFPID-2699096",
          "CSAFPID-2698996",
          "CSAFPID-2698333",
          "CSAFPID-2698334",
          "CSAFPID-2699007",
          "CSAFPID-2698374",
          "CSAFPID-1145246",
          "CSAFPID-1145247",
          "CSAFPID-1839868",
          "CSAFPID-2699029",
          "CSAFPID-1839869",
          "CSAFPID-1234193",
          "CSAFPID-1234261",
          "CSAFPID-2698362",
          "CSAFPID-2698358",
          "CSAFPID-2698372",
          "CSAFPID-2699013",
          "CSAFPID-2699012",
          "CSAFPID-2699016",
          "CSAFPID-2699015",
          "CSAFPID-2699098",
          "CSAFPID-1837923",
          "CSAFPID-1839960",
          "CSAFPID-2698373",
          "CSAFPID-2699093",
          "CSAFPID-2699092",
          "CSAFPID-2699091",
          "CSAFPID-2699090",
          "CSAFPID-2699124",
          "CSAFPID-2698959",
          "CSAFPID-2698357",
          "CSAFPID-1838579",
          "CSAFPID-1838582",
          "CSAFPID-2699181",
          "CSAFPID-1839930",
          "CSAFPID-1839933",
          "CSAFPID-1839931",
          "CSAFPID-1839963",
          "CSAFPID-1839932",
          "CSAFPID-2698956",
          "CSAFPID-2699180",
          "CSAFPID-2698381",
          "CSAFPID-1207518",
          "CSAFPID-1207704",
          "CSAFPID-2699083",
          "CSAFPID-1839887",
          "CSAFPID-1839889",
          "CSAFPID-1207607",
          "CSAFPID-1207752",
          "CSAFPID-1839888",
          "CSAFPID-1839886",
          "CSAFPID-1839925",
          "CSAFPID-1840027",
          "CSAFPID-2699041",
          "CSAFPID-2698961",
          "CSAFPID-1838586"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-31721",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-31721.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1838578",
            "CSAFPID-1839911",
            "CSAFPID-1839908",
            "CSAFPID-1145869",
            "CSAFPID-1145271",
            "CSAFPID-1173947",
            "CSAFPID-2698963",
            "CSAFPID-2698973",
            "CSAFPID-2699085",
            "CSAFPID-1839941",
            "CSAFPID-1838591",
            "CSAFPID-1145868",
            "CSAFPID-1145270",
            "CSAFPID-1173946",
            "CSAFPID-1839907",
            "CSAFPID-2698965",
            "CSAFPID-2698944",
            "CSAFPID-1173942",
            "CSAFPID-1173945",
            "CSAFPID-1839952",
            "CSAFPID-2699038",
            "CSAFPID-1838592",
            "CSAFPID-1173940",
            "CSAFPID-1173941",
            "CSAFPID-1839951",
            "CSAFPID-2699059",
            "CSAFPID-1173965",
            "CSAFPID-1173967",
            "CSAFPID-1839919",
            "CSAFPID-2698957",
            "CSAFPID-1838572",
            "CSAFPID-1838581",
            "CSAFPID-1838584",
            "CSAFPID-1839924",
            "CSAFPID-1173943",
            "CSAFPID-1173944",
            "CSAFPID-1839910",
            "CSAFPID-1839909",
            "CSAFPID-1839894",
            "CSAFPID-2698958",
            "CSAFPID-2699094",
            "CSAFPID-1145265",
            "CSAFPID-1145273",
            "CSAFPID-1174046",
            "CSAFPID-1839934",
            "CSAFPID-2699086",
            "CSAFPID-1839935",
            "CSAFPID-2699073",
            "CSAFPID-2698993",
            "CSAFPID-1839893",
            "CSAFPID-1839895",
            "CSAFPID-1839890",
            "CSAFPID-1839891",
            "CSAFPID-2699072",
            "CSAFPID-1839961",
            "CSAFPID-2699023",
            "CSAFPID-2699025",
            "CSAFPID-2699024",
            "CSAFPID-2698999",
            "CSAFPID-2699077",
            "CSAFPID-2699075",
            "CSAFPID-2699076",
            "CSAFPID-2698355",
            "CSAFPID-2699027",
            "CSAFPID-1839852",
            "CSAFPID-1840033",
            "CSAFPID-2698955",
            "CSAFPID-2699001",
            "CSAFPID-2699084",
            "CSAFPID-2699079",
            "CSAFPID-2699058",
            "CSAFPID-1839957",
            "CSAFPID-2699000",
            "CSAFPID-1839953",
            "CSAFPID-2698964",
            "CSAFPID-2698991",
            "CSAFPID-2699127",
            "CSAFPID-2699126",
            "CSAFPID-2699128",
            "CSAFPID-1839980",
            "CSAFPID-1840004",
            "CSAFPID-1839981",
            "CSAFPID-2698653",
            "CSAFPID-2698654",
            "CSAFPID-2698655",
            "CSAFPID-2699056",
            "CSAFPID-2699063",
            "CSAFPID-2699060",
            "CSAFPID-1839921",
            "CSAFPID-2698975",
            "CSAFPID-1839922",
            "CSAFPID-2698974",
            "CSAFPID-1839978",
            "CSAFPID-1839979",
            "CSAFPID-2699035",
            "CSAFPID-1839983",
            "CSAFPID-1840005",
            "CSAFPID-2699034",
            "CSAFPID-2699036",
            "CSAFPID-2699096",
            "CSAFPID-2698996",
            "CSAFPID-2698333",
            "CSAFPID-2698334",
            "CSAFPID-2699007",
            "CSAFPID-2698374",
            "CSAFPID-1145246",
            "CSAFPID-1145247",
            "CSAFPID-1839868",
            "CSAFPID-2699029",
            "CSAFPID-1839869",
            "CSAFPID-1234193",
            "CSAFPID-1234261",
            "CSAFPID-2698362",
            "CSAFPID-2698358",
            "CSAFPID-2698372",
            "CSAFPID-2699013",
            "CSAFPID-2699012",
            "CSAFPID-2699016",
            "CSAFPID-2699015",
            "CSAFPID-2699098",
            "CSAFPID-1837923",
            "CSAFPID-1839960",
            "CSAFPID-2698373",
            "CSAFPID-2699093",
            "CSAFPID-2699092",
            "CSAFPID-2699091",
            "CSAFPID-2699090",
            "CSAFPID-2699124",
            "CSAFPID-2698959",
            "CSAFPID-2698357",
            "CSAFPID-1838579",
            "CSAFPID-1838582",
            "CSAFPID-2699181",
            "CSAFPID-1839930",
            "CSAFPID-1839933",
            "CSAFPID-1839931",
            "CSAFPID-1839963",
            "CSAFPID-1839932",
            "CSAFPID-2698956",
            "CSAFPID-2699180",
            "CSAFPID-2698381",
            "CSAFPID-1207518",
            "CSAFPID-1207704",
            "CSAFPID-2699083",
            "CSAFPID-1839887",
            "CSAFPID-1839889",
            "CSAFPID-1207607",
            "CSAFPID-1207752",
            "CSAFPID-1839888",
            "CSAFPID-1839886",
            "CSAFPID-1839925",
            "CSAFPID-1840027",
            "CSAFPID-2699041",
            "CSAFPID-2698961",
            "CSAFPID-1838586"
          ]
        }
      ],
      "title": "CVE-2025-31721"
    }
  ]
}

NCSC-2024-0297

Vulnerability from csaf_ncscnl

Published

2024-07-17 13:53

Modified

2024-07-17 13:53

Summary

Kwetsbaarheden verholpen in Oracle Financial Services Applications

Notes

Feiten

Er zijn kwetsbaarheden verholpen in Oracle Financial Services Applications.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: * Denial-of-Service (DoS) * Toegang tot gevoelige gegevens * Toegang tot systeemgegevens * Manipulatie van gegevens * (Remote) code execution (Gebruikersrechten)

Oplossingen

Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.

Kans

medium

Schade

high

CWE-1188

Initialization of a Resource with an Insecure Default

CWE-121

Stack-based Buffer Overflow

CWE-20

Improper Input Validation

CWE-306

Missing Authentication for Critical Function

CWE-328

Use of Weak Hash

CWE-400

Uncontrolled Resource Consumption

CWE-404

Improper Resource Shutdown or Release

CWE-416

Use After Free

CWE-426

Untrusted Search Path

CWE-502

Deserialization of Untrusted Data

CWE-532

Insertion of Sensitive Information into Log File

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-787

Out-of-bounds Write

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Er zijn kwetsbaarheden verholpen in Oracle Financial Services Applications.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Toegang tot systeemgegevens\n* Manipulatie van gegevens\n* (Remote) code execution (Gebruikersrechten)",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Initialization of a Resource with an Insecure Default",
        "title": "CWE-1188"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Missing Authentication for Critical Function",
        "title": "CWE-306"
      },
      {
        "category": "general",
        "text": "Use of Weak Hash",
        "title": "CWE-328"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "Untrusted Search Path",
        "title": "CWE-426"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information into Log File",
        "title": "CWE-532"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
        "title": "CWE-77"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36944"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26031"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34055"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44483"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47248"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50447"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52425"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6129"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21188"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22262"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23807"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24549"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24816"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25062"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2511"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26308"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29133"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32114"
      },
      {
        "category": "external",
        "summary": "Reference - oracle",
        "url": "https://www.oracle.com/docs/tech/security-alerts/cpujul2024csaf.json"
      },
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; ibm; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpujul2024.html"
      }
    ],
    "title": " Kwetsbaarheden verholpen in Oracle Financial Services Applications",
    "tracking": {
      "current_release_date": "2024-07-17T13:53:54.655859Z",
      "id": "NCSC-2024-0297",
      "initial_release_date": "2024-07-17T13:53:54.655859Z",
      "revision_history": [
        {
          "date": "2024-07-17T13:53:54.655859Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9711",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9300",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9522",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-8848",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189066",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189065",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_basic",
            "product": {
              "name": "financial_services_basel_regulatory_capital_basic",
              "product_id": "CSAFPID-1503626",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_basic",
            "product": {
              "name": "financial_services_basel_regulatory_capital_basic",
              "product_id": "CSAFPID-1503627",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
            "product": {
              "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
              "product_id": "CSAFPID-1503628",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
            "product": {
              "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
              "product_id": "CSAFPID-1503629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-189067",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-93307",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-219772",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-219770",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-816828",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-1503630",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_cash_flow_engine",
            "product": {
              "name": "financial_services_cash_flow_engine",
              "product_id": "CSAFPID-764273",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_cash_flow_engine:8.1.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-345047",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-816829",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-1503631",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-1503632",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219774",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503633",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-180190",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503634",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219773",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219771",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-816830",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503635",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503636",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_lending_and_leasing",
            "product": {
              "name": "financial_services_lending_and_leasing",
              "product_id": "CSAFPID-816831",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-611392",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-611391",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1503319",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1503318",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816833",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_pricing_services___2.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816840",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_security___5.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765266",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-344846",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816832",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912589",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816834",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765264",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765265",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-344845",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816835",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-400311",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816836",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912590",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816837",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-400309",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816838",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912591",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816839",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912592",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816841",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816842",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1503637",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1503923",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1503638",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-220374",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-764926",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-36944",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-764273",
          "CSAFPID-611392",
          "CSAFPID-611391",
          "CSAFPID-9522",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-344846",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-344845",
          "CSAFPID-816835",
          "CSAFPID-765266",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-8848",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-219772",
          "CSAFPID-219770",
          "CSAFPID-345047",
          "CSAFPID-219774",
          "CSAFPID-180190",
          "CSAFPID-219773",
          "CSAFPID-219771",
          "CSAFPID-220374"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-36944",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36944.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-764273",
            "CSAFPID-611392",
            "CSAFPID-611391",
            "CSAFPID-9522",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-344846",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-344845",
            "CSAFPID-816835",
            "CSAFPID-765266",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-8848",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-219772",
            "CSAFPID-219770",
            "CSAFPID-345047",
            "CSAFPID-219774",
            "CSAFPID-180190",
            "CSAFPID-219773",
            "CSAFPID-219771",
            "CSAFPID-220374"
          ]
        }
      ],
      "title": "CVE-2022-36944"
    },
    {
      "cve": "CVE-2023-6129",
      "cwe": {
        "id": "CWE-328",
        "name": "Use of Weak Hash"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Weak Hash",
          "title": "CWE-328"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-6129",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6129.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-6129"
    },
    {
      "cve": "CVE-2023-26031",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "other",
          "text": "Untrusted Search Path",
          "title": "CWE-426"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-26031",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-26031"
    },
    {
      "cve": "CVE-2023-34055",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-765266",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-34055",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34055.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-765266",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-34055"
    },
    {
      "cve": "CVE-2023-44483",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information into Log File",
          "title": "CWE-532"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-765266",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44483",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44483.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-765266",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-44483"
    },
    {
      "cve": "CVE-2023-47248",
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-765266",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-1503318",
          "CSAFPID-1503319",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-47248",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-47248.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-765266",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-1503318",
            "CSAFPID-1503319",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-47248"
    },
    {
      "cve": "CVE-2023-50447",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
          "title": "CWE-77"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-50447",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50447.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-50447"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51074",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51074.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-51074"
    },
    {
      "cve": "CVE-2023-52425",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52425",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2024-2511",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2511",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-2511"
    },
    {
      "cve": "CVE-2024-21188",
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-816842"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21188",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21188.json"
        }
      ],
      "title": "CVE-2024-21188"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22262",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22262",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23807",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23807",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-23807"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24549",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-24816",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24816",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24816.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-24816"
    },
    {
      "cve": "CVE-2024-25062",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25062",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-26308",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26308",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29025",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
        }
      ],
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-29133",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29133",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
        }
      ],
      "title": "CVE-2024-29133"
    },
    {
      "cve": "CVE-2024-32114",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authentication for Critical Function",
          "title": "CWE-306"
        },
        {
          "category": "other",
          "text": "Initialization of a Resource with an Insecure Default",
          "title": "CWE-1188"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-32114",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32114.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-32114"
    }
  ]
}

ncsc-2024-0297

Vulnerability from csaf_ncscnl

Published

2024-07-17 13:53

Modified

2024-07-17 13:53

Summary

Kwetsbaarheden verholpen in Oracle Financial Services Applications

Notes

Feiten

Er zijn kwetsbaarheden verholpen in Oracle Financial Services Applications.

Interpretaties

Oplossingen

Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.

Kans

medium

Schade

high

CWE-1188

Initialization of a Resource with an Insecure Default

CWE-121

Stack-based Buffer Overflow

CWE-20

Improper Input Validation

CWE-306

Missing Authentication for Critical Function

CWE-328

Use of Weak Hash

CWE-400

Uncontrolled Resource Consumption

CWE-404

Improper Resource Shutdown or Release

CWE-416

Use After Free

CWE-426

Untrusted Search Path

CWE-502

Deserialization of Untrusted Data

CWE-532

Insertion of Sensitive Information into Log File

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-787

Out-of-bounds Write

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Er zijn kwetsbaarheden verholpen in Oracle Financial Services Applications.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Toegang tot systeemgegevens\n* Manipulatie van gegevens\n* (Remote) code execution (Gebruikersrechten)",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Initialization of a Resource with an Insecure Default",
        "title": "CWE-1188"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Missing Authentication for Critical Function",
        "title": "CWE-306"
      },
      {
        "category": "general",
        "text": "Use of Weak Hash",
        "title": "CWE-328"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "Untrusted Search Path",
        "title": "CWE-426"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information into Log File",
        "title": "CWE-532"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
        "title": "CWE-77"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36944"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26031"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34055"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44483"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47248"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50447"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52425"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6129"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21188"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22262"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23807"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24549"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24816"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25062"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2511"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26308"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29133"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32114"
      },
      {
        "category": "external",
        "summary": "Reference - oracle",
        "url": "https://www.oracle.com/docs/tech/security-alerts/cpujul2024csaf.json"
      },
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; ibm; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpujul2024.html"
      }
    ],
    "title": " Kwetsbaarheden verholpen in Oracle Financial Services Applications",
    "tracking": {
      "current_release_date": "2024-07-17T13:53:54.655859Z",
      "id": "NCSC-2024-0297",
      "initial_release_date": "2024-07-17T13:53:54.655859Z",
      "revision_history": [
        {
          "date": "2024-07-17T13:53:54.655859Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9711",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9300",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9522",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-8848",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189066",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189065",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_basic",
            "product": {
              "name": "financial_services_basel_regulatory_capital_basic",
              "product_id": "CSAFPID-1503626",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_basic",
            "product": {
              "name": "financial_services_basel_regulatory_capital_basic",
              "product_id": "CSAFPID-1503627",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
            "product": {
              "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
              "product_id": "CSAFPID-1503628",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
            "product": {
              "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
              "product_id": "CSAFPID-1503629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-189067",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-93307",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-219772",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-219770",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-816828",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-1503630",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_cash_flow_engine",
            "product": {
              "name": "financial_services_cash_flow_engine",
              "product_id": "CSAFPID-764273",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_cash_flow_engine:8.1.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-345047",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-816829",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-1503631",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-1503632",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219774",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503633",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-180190",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503634",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219773",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219771",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-816830",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503635",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503636",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_lending_and_leasing",
            "product": {
              "name": "financial_services_lending_and_leasing",
              "product_id": "CSAFPID-816831",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-611392",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-611391",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1503319",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1503318",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816833",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_pricing_services___2.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816840",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_security___5.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765266",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-344846",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816832",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912589",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816834",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765264",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765265",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-344845",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816835",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-400311",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816836",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912590",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816837",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-400309",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816838",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912591",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816839",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912592",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816841",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816842",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1503637",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1503923",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1503638",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-220374",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-764926",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-36944",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-764273",
          "CSAFPID-611392",
          "CSAFPID-611391",
          "CSAFPID-9522",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-344846",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-344845",
          "CSAFPID-816835",
          "CSAFPID-765266",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-8848",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-219772",
          "CSAFPID-219770",
          "CSAFPID-345047",
          "CSAFPID-219774",
          "CSAFPID-180190",
          "CSAFPID-219773",
          "CSAFPID-219771",
          "CSAFPID-220374"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-36944",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36944.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-764273",
            "CSAFPID-611392",
            "CSAFPID-611391",
            "CSAFPID-9522",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-344846",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-344845",
            "CSAFPID-816835",
            "CSAFPID-765266",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-8848",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-219772",
            "CSAFPID-219770",
            "CSAFPID-345047",
            "CSAFPID-219774",
            "CSAFPID-180190",
            "CSAFPID-219773",
            "CSAFPID-219771",
            "CSAFPID-220374"
          ]
        }
      ],
      "title": "CVE-2022-36944"
    },
    {
      "cve": "CVE-2023-6129",
      "cwe": {
        "id": "CWE-328",
        "name": "Use of Weak Hash"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Weak Hash",
          "title": "CWE-328"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-6129",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6129.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-6129"
    },
    {
      "cve": "CVE-2023-26031",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "other",
          "text": "Untrusted Search Path",
          "title": "CWE-426"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-26031",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-26031"
    },
    {
      "cve": "CVE-2023-34055",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-765266",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-34055",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34055.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-765266",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-34055"
    },
    {
      "cve": "CVE-2023-44483",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information into Log File",
          "title": "CWE-532"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-765266",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44483",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44483.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-765266",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-44483"
    },
    {
      "cve": "CVE-2023-47248",
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-765266",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-1503318",
          "CSAFPID-1503319",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-47248",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-47248.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-765266",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-1503318",
            "CSAFPID-1503319",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-47248"
    },
    {
      "cve": "CVE-2023-50447",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
          "title": "CWE-77"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-50447",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50447.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-50447"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51074",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51074.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-51074"
    },
    {
      "cve": "CVE-2023-52425",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52425",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2024-2511",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2511",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-2511"
    },
    {
      "cve": "CVE-2024-21188",
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-816842"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21188",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21188.json"
        }
      ],
      "title": "CVE-2024-21188"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22262",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22262",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23807",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23807",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-23807"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24549",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-24816",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24816",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24816.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-24816"
    },
    {
      "cve": "CVE-2024-25062",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25062",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-26308",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26308",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29025",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
        }
      ],
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-29133",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29133",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
        }
      ],
      "title": "CVE-2024-29133"
    },
    {
      "cve": "CVE-2024-32114",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authentication for Critical Function",
          "title": "CWE-306"
        },
        {
          "category": "other",
          "text": "Initialization of a Resource with an Insecure Default",
          "title": "CWE-1188"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-32114",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32114.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-32114"
    }
  ]
}

ncsc-2025-0022

Vulnerability from csaf_ncscnl

Published

2025-01-22 13:31

Modified

2025-01-22 13:31

Summary

Kwetsbaarheden verholpen in Oracle Enterprise Manager

Notes

Feiten

Oracle heeft kwetsbaarheden verholpen in Oracle Enterprise Manager

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om toegang te verkrijgen tot gevoelige data of een Denial-of-Service te veroorzaken.

Oplossingen

Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-125

Out-of-bounds Read

CWE-400

Uncontrolled Resource Consumption

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-121

Stack-based Buffer Overflow

CWE-20

Improper Input Validation

CWE-178

Improper Handling of Case Sensitivity

CWE-284

Improper Access Control

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in Oracle Enterprise Manager",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om toegang te verkrijgen tot gevoelige data of een Denial-of-Service te veroorzaken.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Handling of Case Sensitivity",
        "title": "CWE-178"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpujan2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Enterprise Manager",
    "tracking": {
      "current_release_date": "2025-01-22T13:31:16.019294Z",
      "id": "NCSC-2025-0022",
      "initial_release_date": "2025-01-22T13:31:16.019294Z",
      "revision_history": [
        {
          "date": "2025-01-22T13:31:16.019294Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "enterprise_manager_base_platform",
            "product": {
              "name": "enterprise_manager_base_platform",
              "product_id": "CSAFPID-179794",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager_for_mysql_database",
            "product": {
              "name": "enterprise_manager_for_mysql_database",
              "product_id": "CSAFPID-1751077",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:13.5.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "application_testing_suite",
            "product": {
              "name": "application_testing_suite",
              "product_id": "CSAFPID-5546",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-5546",
          "CSAFPID-179794"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51074",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51074.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-5546",
            "CSAFPID-179794"
          ]
        }
      ],
      "title": "CVE-2023-51074"
    },
    {
      "cve": "CVE-2024-29857",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-5546",
          "CSAFPID-179794"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29857",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29857.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-5546",
            "CSAFPID-179794"
          ]
        }
      ],
      "title": "CVE-2024-29857"
    },
    {
      "cve": "CVE-2024-38819",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751077"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38819",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751077"
          ]
        }
      ],
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38820",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751077"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38820",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751077"
          ]
        }
      ],
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-38998",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-5546"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38998",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-5546"
          ]
        }
      ],
      "title": "CVE-2024-38998"
    },
    {
      "cve": "CVE-2024-38999",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-5546"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38999",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-5546"
          ]
        }
      ],
      "title": "CVE-2024-38999"
    }
  ]
}

ncsc-2025-0025

Vulnerability from csaf_ncscnl

Published

2025-01-22 13:33

Modified

2025-01-22 13:33

Summary

Kwetsbaarheden verholpen in Oracle Financial Services

Notes

Feiten

Oracle heeft meerdere kwetsbaarheden verholpen in Financial Services en componenten.

Interpretaties

De kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om toegang te krijgen tot kritieke gegevens en de systeemintegriteit in gevaar te brengen. Specifieke kwetsbaarheden kunnen leiden tot compromittering van vertrouwelijkheid, integriteit en beschikbaarheid, met schadeclassificaties variërend van gemiddeld tot hoog. Sommige kwetsbaarheden kunnen op afstand worden uitgebuit zonder gebruikersinteractie, wat het risico op privilege-escalatie en denial-of-service vergroot.

Oplossingen

Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-681

Incorrect Conversion between Numeric Types

CWE-20

Improper Input Validation

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-131

Incorrect Calculation of Buffer Size

CWE-178

Improper Handling of Case Sensitivity

CWE-284

Improper Access Control

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-611

Improper Restriction of XML External Entity Reference

CWE-670

Always-Incorrect Control Flow Implementation

CWE-192

Integer Coercion Error

CWE-676

Use of Potentially Dangerous Function

CWE-222

Truncation of Security-relevant Information

CWE-755

Improper Handling of Exceptional Conditions

CWE-704

Incorrect Type Conversion or Cast

CWE-680

Integer Overflow to Buffer Overflow

CWE-426

Untrusted Search Path

CWE-354

Improper Validation of Integrity Check Value

CWE-190

Integer Overflow or Wraparound

CWE-532

Insertion of Sensitive Information into Log File

CWE-639

Authorization Bypass Through User-Controlled Key

CWE-757

Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

CWE-400

Uncontrolled Resource Consumption

CWE-502

Deserialization of Untrusted Data

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-121

Stack-based Buffer Overflow

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft meerdere kwetsbaarheden verholpen in Financial Services en componenten.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om toegang te krijgen tot kritieke gegevens en de systeemintegriteit in gevaar te brengen. Specifieke kwetsbaarheden kunnen leiden tot compromittering van vertrouwelijkheid, integriteit en beschikbaarheid, met schadeclassificaties vari\u00ebrend van gemiddeld tot hoog. Sommige kwetsbaarheden kunnen op afstand worden uitgebuit zonder gebruikersinteractie, wat het risico op privilege-escalatie en denial-of-service vergroot.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Incorrect Conversion between Numeric Types",
        "title": "CWE-681"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Incorrect Calculation of Buffer Size",
        "title": "CWE-131"
      },
      {
        "category": "general",
        "text": "Improper Handling of Case Sensitivity",
        "title": "CWE-178"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Always-Incorrect Control Flow Implementation",
        "title": "CWE-670"
      },
      {
        "category": "general",
        "text": "Integer Coercion Error",
        "title": "CWE-192"
      },
      {
        "category": "general",
        "text": "Use of Potentially Dangerous Function",
        "title": "CWE-676"
      },
      {
        "category": "general",
        "text": "Truncation of Security-relevant Information",
        "title": "CWE-222"
      },
      {
        "category": "general",
        "text": "Improper Handling of Exceptional Conditions",
        "title": "CWE-755"
      },
      {
        "category": "general",
        "text": "Incorrect Type Conversion or Cast",
        "title": "CWE-704"
      },
      {
        "category": "general",
        "text": "Integer Overflow to Buffer Overflow",
        "title": "CWE-680"
      },
      {
        "category": "general",
        "text": "Untrusted Search Path",
        "title": "CWE-426"
      },
      {
        "category": "general",
        "text": "Improper Validation of Integrity Check Value",
        "title": "CWE-354"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information into Log File",
        "title": "CWE-532"
      },
      {
        "category": "general",
        "text": "Authorization Bypass Through User-Controlled Key",
        "title": "CWE-639"
      },
      {
        "category": "general",
        "text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
        "title": "CWE-757"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
        "title": "CWE-120"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpujan2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Financial Services",
    "tracking": {
      "current_release_date": "2025-01-22T13:33:00.723963Z",
      "id": "NCSC-2025-0025",
      "initial_release_date": "2025-01-22T13:33:00.723963Z",
      "revision_history": [
        {
          "date": "2025-01-22T13:33:00.723963Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-342808",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-345045",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-1751072",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9711",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-345044",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-1751083",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9300",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-345043",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9522",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-345042",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-8848",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-93309",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189066",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-93305",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189064",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189063",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-1751078",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189065",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_reconciliation_framework",
            "product": {
              "name": "financial_services_analytical_applications_reconciliation_framework",
              "product_id": "CSAFPID-363146",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.0.7.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_reconciliation_framework",
            "product": {
              "name": "financial_services_analytical_applications_reconciliation_framework",
              "product_id": "CSAFPID-363129",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.1.1.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_asset_liability_management",
            "product": {
              "name": "financial_services_asset_liability_management",
              "product_id": "CSAFPID-363142",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_balance_computation_engine",
            "product": {
              "name": "financial_services_balance_computation_engine",
              "product_id": "CSAFPID-363130",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_balance_computation_engine:8.1.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_balance_sheet_planning",
            "product": {
              "name": "financial_services_balance_sheet_planning",
              "product_id": "CSAFPID-363135",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8.1.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_basic",
            "product": {
              "name": "financial_services_basel_regulatory_capital_basic",
              "product_id": "CSAFPID-1503626",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_basic",
            "product": {
              "name": "financial_services_basel_regulatory_capital_basic",
              "product_id": "CSAFPID-1503627",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
            "product": {
              "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
              "product_id": "CSAFPID-1503628",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
            "product": {
              "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
              "product_id": "CSAFPID-1503629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-765261",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-93312",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-220456",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.7.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-93311",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-189067",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-93308",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-93307",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-93306",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-220368",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-220449",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-345041",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-219772",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-219770",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-816828",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-1503630",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-1751074",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_cash_flow_engine",
            "product": {
              "name": "financial_services_cash_flow_engine",
              "product_id": "CSAFPID-764273",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_cash_flow_engine:8.1.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-345047",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-816829",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-1503631",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-1503632",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_crime_and_compliance_management_studio",
            "product": {
              "name": "financial_services_crime_and_compliance_management_studio",
              "product_id": "CSAFPID-93648",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_crime_and_compliance_management_studio",
            "product": {
              "name": "financial_services_crime_and_compliance_management_studio",
              "product_id": "CSAFPID-93647",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_crime_and_compliance_management_studio",
            "product": {
              "name": "financial_services_crime_and_compliance_management_studio",
              "product_id": "CSAFPID-764857",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_crime_and_compliance_management_studio",
            "product": {
              "name": "financial_services_crime_and_compliance_management_studio",
              "product_id": "CSAFPID-391382",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_crime_and_compliance_management_studio",
            "product": {
              "name": "financial_services_crime_and_compliance_management_studio",
              "product_id": "CSAFPID-765262",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:_studio___8.0.8.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_crime_and_compliance_management_studio",
            "product": {
              "name": "financial_services_crime_and_compliance_management_studio",
              "product_id": "CSAFPID-765263",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:_studio___8.0.8.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_currency_transaction_reporting",
            "product": {
              "name": "financial_services_currency_transaction_reporting",
              "product_id": "CSAFPID-493291",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.0.8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_currency_transaction_reporting",
            "product": {
              "name": "financial_services_currency_transaction_reporting",
              "product_id": "CSAFPID-493290",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.1.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_currency_transaction_reporting",
            "product": {
              "name": "financial_services_currency_transaction_reporting",
              "product_id": "CSAFPID-493289",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.2.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_currency_transaction_reporting",
            "product": {
              "name": "financial_services_currency_transaction_reporting",
              "product_id": "CSAFPID-493288",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.2.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_data_governance_for_us_regulatory_reporting",
            "product": {
              "name": "financial_services_data_governance_for_us_regulatory_reporting",
              "product_id": "CSAFPID-363128",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.1.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_data_governance_for_us_regulatory_reporting",
            "product": {
              "name": "financial_services_data_governance_for_us_regulatory_reporting",
              "product_id": "CSAFPID-363127",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.1.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_data_integration_hub",
            "product": {
              "name": "financial_services_data_integration_hub",
              "product_id": "CSAFPID-363144",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_data_integration_hub",
            "product": {
              "name": "financial_services_data_integration_hub",
              "product_id": "CSAFPID-363131",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0.1.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_data_integration_hub",
            "product": {
              "name": "financial_services_data_integration_hub",
              "product_id": "CSAFPID-363126",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.2.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management",
            "product": {
              "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management",
              "product_id": "CSAFPID-363143",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_deposit_insurance_calculations_for_liquidity_risk_management:8.0.7.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management",
            "product": {
              "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management",
              "product_id": "CSAFPID-363133",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_deposit_insurance_calculations_for_liquidity_risk_management:8.0.8.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-567702",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220378",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220377",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220455",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220607",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220372",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503633",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219774",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-180191",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503634",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-180190",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-180189",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220369",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220448",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-345040",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219773",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219771",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503635",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-816830",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503636",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_financial_performance_analytics",
            "product": {
              "name": "financial_services_enterprise_financial_performance_analytics",
              "product_id": "CSAFPID-363141",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_funds_transfer_pricing",
            "product": {
              "name": "financial_services_funds_transfer_pricing",
              "product_id": "CSAFPID-363138",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_institutional_performance_analytics",
            "product": {
              "name": "financial_services_institutional_performance_analytics",
              "product_id": "CSAFPID-363136",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_lending_and_leasing",
            "product": {
              "name": "financial_services_lending_and_leasing",
              "product_id": "CSAFPID-816831",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_liquidity_risk_measurement_and_management",
            "product": {
              "name": "financial_services_liquidity_risk_measurement_and_management",
              "product_id": "CSAFPID-363145",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_liquidity_risk_measurement_and_management",
            "product": {
              "name": "financial_services_liquidity_risk_measurement_and_management",
              "product_id": "CSAFPID-363132",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_loan_loss_forecasting_and_provisioning",
            "product": {
              "name": "financial_services_loan_loss_forecasting_and_provisioning",
              "product_id": "CSAFPID-363140",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.7.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_loan_loss_forecasting_and_provisioning",
            "product": {
              "name": "financial_services_loan_loss_forecasting_and_provisioning",
              "product_id": "CSAFPID-363134",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.8.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-764923",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.0.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-396508",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-764924",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-396507",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-611392",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-611391",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1503319",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1503318",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1751202",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1751086",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_profitability_management",
            "product": {
              "name": "financial_services_profitability_management",
              "product_id": "CSAFPID-363139",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting",
            "product": {
              "name": "financial_services_regulatory_reporting",
              "product_id": "CSAFPID-570314",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.0.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting",
            "product": {
              "name": "financial_services_regulatory_reporting",
              "product_id": "CSAFPID-570313",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting",
            "product": {
              "name": "financial_services_regulatory_reporting",
              "product_id": "CSAFPID-570312",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting",
            "product": {
              "name": "financial_services_regulatory_reporting",
              "product_id": "CSAFPID-570311",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting",
            "product": {
              "name": "financial_services_regulatory_reporting",
              "product_id": "CSAFPID-1751214",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting",
            "product": {
              "name": "financial_services_regulatory_reporting",
              "product_id": "CSAFPID-1751213",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting_with_agilereporter",
            "product": {
              "name": "financial_services_regulatory_reporting_with_agilereporter",
              "product_id": "CSAFPID-611433",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.1.1.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_retail_performance_analytics",
            "product": {
              "name": "financial_services_retail_performance_analytics",
              "product_id": "CSAFPID-363137",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765266",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-344846",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219833",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912589",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816832",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219832",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1751215",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765264",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765265",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816834",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-344845",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219831",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-400311",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816835",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219830",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912590",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816836",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219829",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-400309",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816837",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219828",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-400307",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912591",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816838",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219827",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912592",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816839",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816841",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1503637",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816842",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1503638",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816833",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_pricing_services___2.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816840",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_security___5.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering",
              "product_id": "CSAFPID-1751087",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering",
              "product_id": "CSAFPID-220375",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-764925",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-764796",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-764926",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-220374",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-764262",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-180213",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-180207",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-912094",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-912093",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-912092",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-816824",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-1673499",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_origination",
            "product": {
              "name": "banking_origination",
              "product_id": "CSAFPID-764263",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_origination:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_origination",
            "product": {
              "name": "banking_origination",
              "product_id": "CSAFPID-180208",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_origination:14.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_origination",
            "product": {
              "name": "banking_origination",
              "product_id": "CSAFPID-1751207",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_origination",
            "product": {
              "name": "banking_origination",
              "product_id": "CSAFPID-912064",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_origination:14.5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_origination",
            "product": {
              "name": "banking_origination",
              "product_id": "CSAFPID-912063",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_origination:14.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_origination",
            "product": {
              "name": "banking_origination",
              "product_id": "CSAFPID-912062",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_origination:14.7.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-764259",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-1751206",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-1503614",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-180204",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-1503615",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-1503616",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-1503617",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.7.0.0.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-34169",
      "cwe": {
        "id": "CWE-192",
        "name": "Integer Coercion Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Coercion Error",
          "title": "CWE-192"
        },
        {
          "category": "other",
          "text": "Incorrect Conversion between Numeric Types",
          "title": "CWE-681"
        },
        {
          "category": "other",
          "text": "Incorrect Type Conversion or Cast",
          "title": "CWE-704"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-219827",
          "CSAFPID-219828",
          "CSAFPID-219829",
          "CSAFPID-219830",
          "CSAFPID-344845",
          "CSAFPID-219831",
          "CSAFPID-219832",
          "CSAFPID-344846",
          "CSAFPID-219833",
          "CSAFPID-764259",
          "CSAFPID-345045",
          "CSAFPID-345044",
          "CSAFPID-345043",
          "CSAFPID-345042",
          "CSAFPID-93309",
          "CSAFPID-93305",
          "CSAFPID-189064",
          "CSAFPID-189063",
          "CSAFPID-363146",
          "CSAFPID-363129",
          "CSAFPID-363142",
          "CSAFPID-363130",
          "CSAFPID-363135",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-345041",
          "CSAFPID-219772",
          "CSAFPID-345047",
          "CSAFPID-391382",
          "CSAFPID-493291",
          "CSAFPID-493290",
          "CSAFPID-493289",
          "CSAFPID-493288",
          "CSAFPID-363128",
          "CSAFPID-363127",
          "CSAFPID-363144",
          "CSAFPID-363131",
          "CSAFPID-363126",
          "CSAFPID-363143",
          "CSAFPID-363133",
          "CSAFPID-219774",
          "CSAFPID-180190",
          "CSAFPID-345040",
          "CSAFPID-219773",
          "CSAFPID-363141",
          "CSAFPID-363138",
          "CSAFPID-363136",
          "CSAFPID-363145",
          "CSAFPID-363132",
          "CSAFPID-363140",
          "CSAFPID-363134",
          "CSAFPID-396508",
          "CSAFPID-396507",
          "CSAFPID-363139",
          "CSAFPID-570314",
          "CSAFPID-570313",
          "CSAFPID-570312",
          "CSAFPID-570311",
          "CSAFPID-611433",
          "CSAFPID-363137",
          "CSAFPID-764796",
          "CSAFPID-764857",
          "CSAFPID-342808",
          "CSAFPID-220456",
          "CSAFPID-93308",
          "CSAFPID-93306",
          "CSAFPID-220368",
          "CSAFPID-220449",
          "CSAFPID-220455",
          "CSAFPID-180191",
          "CSAFPID-180189",
          "CSAFPID-220369",
          "CSAFPID-220448",
          "CSAFPID-764923",
          "CSAFPID-764924",
          "CSAFPID-764925",
          "CSAFPID-764926",
          "CSAFPID-764262",
          "CSAFPID-816824",
          "CSAFPID-764263",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-180204",
          "CSAFPID-180213",
          "CSAFPID-180207",
          "CSAFPID-180208",
          "CSAFPID-93312",
          "CSAFPID-93311",
          "CSAFPID-765261",
          "CSAFPID-765262",
          "CSAFPID-93648",
          "CSAFPID-765263",
          "CSAFPID-93647",
          "CSAFPID-220378",
          "CSAFPID-220377",
          "CSAFPID-220607",
          "CSAFPID-220372",
          "CSAFPID-567702",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-765266",
          "CSAFPID-400307",
          "CSAFPID-8848",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-219770",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-219771",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-220374",
          "CSAFPID-912094",
          "CSAFPID-912093",
          "CSAFPID-912092",
          "CSAFPID-912064",
          "CSAFPID-912063",
          "CSAFPID-912062",
          "CSAFPID-912589",
          "CSAFPID-400311",
          "CSAFPID-912590",
          "CSAFPID-400309",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-34169",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-219827",
            "CSAFPID-219828",
            "CSAFPID-219829",
            "CSAFPID-219830",
            "CSAFPID-344845",
            "CSAFPID-219831",
            "CSAFPID-219832",
            "CSAFPID-344846",
            "CSAFPID-219833",
            "CSAFPID-764259",
            "CSAFPID-345045",
            "CSAFPID-345044",
            "CSAFPID-345043",
            "CSAFPID-345042",
            "CSAFPID-93309",
            "CSAFPID-93305",
            "CSAFPID-189064",
            "CSAFPID-189063",
            "CSAFPID-363146",
            "CSAFPID-363129",
            "CSAFPID-363142",
            "CSAFPID-363130",
            "CSAFPID-363135",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-345041",
            "CSAFPID-219772",
            "CSAFPID-345047",
            "CSAFPID-391382",
            "CSAFPID-493291",
            "CSAFPID-493290",
            "CSAFPID-493289",
            "CSAFPID-493288",
            "CSAFPID-363128",
            "CSAFPID-363127",
            "CSAFPID-363144",
            "CSAFPID-363131",
            "CSAFPID-363126",
            "CSAFPID-363143",
            "CSAFPID-363133",
            "CSAFPID-219774",
            "CSAFPID-180190",
            "CSAFPID-345040",
            "CSAFPID-219773",
            "CSAFPID-363141",
            "CSAFPID-363138",
            "CSAFPID-363136",
            "CSAFPID-363145",
            "CSAFPID-363132",
            "CSAFPID-363140",
            "CSAFPID-363134",
            "CSAFPID-396508",
            "CSAFPID-396507",
            "CSAFPID-363139",
            "CSAFPID-570314",
            "CSAFPID-570313",
            "CSAFPID-570312",
            "CSAFPID-570311",
            "CSAFPID-611433",
            "CSAFPID-363137",
            "CSAFPID-764796",
            "CSAFPID-764857",
            "CSAFPID-342808",
            "CSAFPID-220456",
            "CSAFPID-93308",
            "CSAFPID-93306",
            "CSAFPID-220368",
            "CSAFPID-220449",
            "CSAFPID-220455",
            "CSAFPID-180191",
            "CSAFPID-180189",
            "CSAFPID-220369",
            "CSAFPID-220448",
            "CSAFPID-764923",
            "CSAFPID-764924",
            "CSAFPID-764925",
            "CSAFPID-764926",
            "CSAFPID-764262",
            "CSAFPID-816824",
            "CSAFPID-764263",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-180204",
            "CSAFPID-180213",
            "CSAFPID-180207",
            "CSAFPID-180208",
            "CSAFPID-93312",
            "CSAFPID-93311",
            "CSAFPID-765261",
            "CSAFPID-765262",
            "CSAFPID-93648",
            "CSAFPID-765263",
            "CSAFPID-93647",
            "CSAFPID-220378",
            "CSAFPID-220377",
            "CSAFPID-220607",
            "CSAFPID-220372",
            "CSAFPID-567702",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-765266",
            "CSAFPID-400307",
            "CSAFPID-8848",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-219770",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-219771",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-220374",
            "CSAFPID-912094",
            "CSAFPID-912093",
            "CSAFPID-912092",
            "CSAFPID-912064",
            "CSAFPID-912063",
            "CSAFPID-912062",
            "CSAFPID-912589",
            "CSAFPID-400311",
            "CSAFPID-912590",
            "CSAFPID-400309",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503614",
            "CSAFPID-1503615",
            "CSAFPID-1503616",
            "CSAFPID-1503617",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638"
          ]
        }
      ],
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2023-26031",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "other",
          "text": "Untrusted Search Path",
          "title": "CWE-426"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-912094",
          "CSAFPID-912093",
          "CSAFPID-912092",
          "CSAFPID-912064",
          "CSAFPID-912063",
          "CSAFPID-912062",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-816829"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-26031",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json"
        }
      ],
      "title": "CVE-2023-26031"
    },
    {
      "cve": "CVE-2023-33201",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-611391",
          "CSAFPID-611392",
          "CSAFPID-764259",
          "CSAFPID-764262",
          "CSAFPID-764263",
          "CSAFPID-764273",
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-765266",
          "CSAFPID-816824",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912062",
          "CSAFPID-912063",
          "CSAFPID-912064",
          "CSAFPID-912092",
          "CSAFPID-912093",
          "CSAFPID-912094",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-1751202",
          "CSAFPID-1751086"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-33201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-611391",
            "CSAFPID-611392",
            "CSAFPID-764259",
            "CSAFPID-764262",
            "CSAFPID-764263",
            "CSAFPID-764273",
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-765266",
            "CSAFPID-816824",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912062",
            "CSAFPID-912063",
            "CSAFPID-912064",
            "CSAFPID-912092",
            "CSAFPID-912093",
            "CSAFPID-912094",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503614",
            "CSAFPID-1503615",
            "CSAFPID-1503616",
            "CSAFPID-1503617",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926",
            "CSAFPID-1751202",
            "CSAFPID-1751086"
          ]
        }
      ],
      "title": "CVE-2023-33201"
    },
    {
      "cve": "CVE-2023-39410",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-764259",
          "CSAFPID-764262",
          "CSAFPID-764263",
          "CSAFPID-765266",
          "CSAFPID-816824",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-1751202",
          "CSAFPID-1751206",
          "CSAFPID-1751086",
          "CSAFPID-1751207",
          "CSAFPID-1503318"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-39410",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-764259",
            "CSAFPID-764262",
            "CSAFPID-764263",
            "CSAFPID-765266",
            "CSAFPID-816824",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-1751202",
            "CSAFPID-1751206",
            "CSAFPID-1751086",
            "CSAFPID-1751207",
            "CSAFPID-1503318"
          ]
        }
      ],
      "title": "CVE-2023-39410"
    },
    {
      "cve": "CVE-2023-44483",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information into Log File",
          "title": "CWE-532"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-764259",
          "CSAFPID-764262",
          "CSAFPID-764263",
          "CSAFPID-765266",
          "CSAFPID-816824",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912062",
          "CSAFPID-912063",
          "CSAFPID-912064",
          "CSAFPID-912092",
          "CSAFPID-912093",
          "CSAFPID-912094",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44483",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44483.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-764259",
            "CSAFPID-764262",
            "CSAFPID-764263",
            "CSAFPID-765266",
            "CSAFPID-816824",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912062",
            "CSAFPID-912063",
            "CSAFPID-912064",
            "CSAFPID-912092",
            "CSAFPID-912093",
            "CSAFPID-912094",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503614",
            "CSAFPID-1503615",
            "CSAFPID-1503616",
            "CSAFPID-1503617",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-44483"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "notes": [
        {
          "category": "other",
          "text": "Truncation of Security-relevant Information",
          "title": "CWE-222"
        },
        {
          "category": "other",
          "text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
          "title": "CWE-757"
        },
        {
          "category": "other",
          "text": "Improper Validation of Integrity Check Value",
          "title": "CWE-354"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-764259",
          "CSAFPID-764262",
          "CSAFPID-764263",
          "CSAFPID-765266",
          "CSAFPID-816824",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912062",
          "CSAFPID-912063",
          "CSAFPID-912064",
          "CSAFPID-912092",
          "CSAFPID-912093",
          "CSAFPID-912094",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-48795",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-764259",
            "CSAFPID-764262",
            "CSAFPID-764263",
            "CSAFPID-765266",
            "CSAFPID-816824",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912062",
            "CSAFPID-912063",
            "CSAFPID-912064",
            "CSAFPID-912092",
            "CSAFPID-912093",
            "CSAFPID-912094",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503614",
            "CSAFPID-1503615",
            "CSAFPID-1503616",
            "CSAFPID-1503617",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912062",
          "CSAFPID-912063",
          "CSAFPID-912064",
          "CSAFPID-912092",
          "CSAFPID-912093",
          "CSAFPID-912094",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-1751213",
          "CSAFPID-220375",
          "CSAFPID-1751214",
          "CSAFPID-1751074"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51074",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51074.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912062",
            "CSAFPID-912063",
            "CSAFPID-912064",
            "CSAFPID-912092",
            "CSAFPID-912093",
            "CSAFPID-912094",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503614",
            "CSAFPID-1503615",
            "CSAFPID-1503616",
            "CSAFPID-1503617",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926",
            "CSAFPID-1751213",
            "CSAFPID-220375",
            "CSAFPID-1751214",
            "CSAFPID-1751074"
          ]
        }
      ],
      "title": "CVE-2023-51074"
    },
    {
      "cve": "CVE-2023-52070",
      "product_status": {
        "known_affected": [
          "CSAFPID-1751215"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52070",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52070.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751215"
          ]
        }
      ],
      "title": "CVE-2023-52070"
    },
    {
      "cve": "CVE-2024-28219",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "other",
          "text": "Use of Potentially Dangerous Function",
          "title": "CWE-676"
        },
        {
          "category": "other",
          "text": "Integer Overflow to Buffer Overflow",
          "title": "CWE-680"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503631",
          "CSAFPID-1673499"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28219",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28219.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1503631",
            "CSAFPID-1673499"
          ]
        }
      ],
      "title": "CVE-2024-28219"
    },
    {
      "cve": "CVE-2024-34064",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-912094",
          "CSAFPID-912093",
          "CSAFPID-912092",
          "CSAFPID-912064",
          "CSAFPID-912063",
          "CSAFPID-912062",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-1673499",
          "CSAFPID-1751206",
          "CSAFPID-1751207"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34064",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1503614",
            "CSAFPID-1503615",
            "CSAFPID-1503616",
            "CSAFPID-1503617",
            "CSAFPID-912094",
            "CSAFPID-912093",
            "CSAFPID-912092",
            "CSAFPID-912064",
            "CSAFPID-912063",
            "CSAFPID-912062",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926",
            "CSAFPID-1673499",
            "CSAFPID-1751206",
            "CSAFPID-1751207"
          ]
        }
      ],
      "title": "CVE-2024-34064"
    },
    {
      "cve": "CVE-2024-34750",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Exceptional Conditions",
          "title": "CWE-755"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751202",
          "CSAFPID-1751086",
          "CSAFPID-1503318"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34750",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751202",
            "CSAFPID-1751086",
            "CSAFPID-1503318"
          ]
        }
      ],
      "title": "CVE-2024-34750"
    },
    {
      "cve": "CVE-2024-35195",
      "cwe": {
        "id": "CWE-670",
        "name": "Always-Incorrect Control Flow Implementation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Always-Incorrect Control Flow Implementation",
          "title": "CWE-670"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673499",
          "CSAFPID-1503631"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-35195",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673499",
            "CSAFPID-1503631"
          ]
        }
      ],
      "title": "CVE-2024-35195"
    },
    {
      "cve": "CVE-2024-38819",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751072",
          "CSAFPID-1503630",
          "CSAFPID-1751074",
          "CSAFPID-1751078",
          "CSAFPID-189067",
          "CSAFPID-1751083",
          "CSAFPID-1751086",
          "CSAFPID-1503631",
          "CSAFPID-220375"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38819",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751072",
            "CSAFPID-1503630",
            "CSAFPID-1751074",
            "CSAFPID-1751078",
            "CSAFPID-189067",
            "CSAFPID-1751083",
            "CSAFPID-1751086",
            "CSAFPID-1503631",
            "CSAFPID-220375"
          ]
        }
      ],
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38820",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220375",
          "CSAFPID-1751083",
          "CSAFPID-1503630",
          "CSAFPID-1751074",
          "CSAFPID-1751078",
          "CSAFPID-1503631",
          "CSAFPID-189067",
          "CSAFPID-1751086",
          "CSAFPID-1751072"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38820",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220375",
            "CSAFPID-1751083",
            "CSAFPID-1503630",
            "CSAFPID-1751074",
            "CSAFPID-1751078",
            "CSAFPID-1503631",
            "CSAFPID-189067",
            "CSAFPID-1751086",
            "CSAFPID-1751072"
          ]
        }
      ],
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-38827",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authorization Bypass Through User-Controlled Key",
          "title": "CWE-639"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503631"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38827",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1503631"
          ]
        }
      ],
      "title": "CVE-2024-38827"
    },
    {
      "cve": "CVE-2024-38998",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220375",
          "CSAFPID-1751083",
          "CSAFPID-189067",
          "CSAFPID-1503318",
          "CSAFPID-1751202",
          "CSAFPID-1503630",
          "CSAFPID-1751074",
          "CSAFPID-1751078",
          "CSAFPID-1751213",
          "CSAFPID-1751214",
          "CSAFPID-219774",
          "CSAFPID-1751086",
          "CSAFPID-1751072"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38998",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220375",
            "CSAFPID-1751083",
            "CSAFPID-189067",
            "CSAFPID-1503318",
            "CSAFPID-1751202",
            "CSAFPID-1503630",
            "CSAFPID-1751074",
            "CSAFPID-1751078",
            "CSAFPID-1751213",
            "CSAFPID-1751214",
            "CSAFPID-219774",
            "CSAFPID-1751086",
            "CSAFPID-1751072"
          ]
        }
      ],
      "title": "CVE-2024-38998"
    },
    {
      "cve": "CVE-2024-38999",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220375",
          "CSAFPID-1751083",
          "CSAFPID-189067",
          "CSAFPID-1503318",
          "CSAFPID-1751202",
          "CSAFPID-1503630",
          "CSAFPID-1751074",
          "CSAFPID-1751078",
          "CSAFPID-1751213",
          "CSAFPID-1751214",
          "CSAFPID-219774",
          "CSAFPID-1751086",
          "CSAFPID-1751072"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38999",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220375",
            "CSAFPID-1751083",
            "CSAFPID-189067",
            "CSAFPID-1503318",
            "CSAFPID-1751202",
            "CSAFPID-1503630",
            "CSAFPID-1751074",
            "CSAFPID-1751078",
            "CSAFPID-1751213",
            "CSAFPID-1751214",
            "CSAFPID-219774",
            "CSAFPID-1751086",
            "CSAFPID-1751072"
          ]
        }
      ],
      "title": "CVE-2024-38999"
    },
    {
      "cve": "CVE-2024-45490",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "other",
          "text": "Incorrect Calculation of Buffer Size",
          "title": "CWE-131"
        },
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-189067",
          "CSAFPID-1503630",
          "CSAFPID-1751074",
          "CSAFPID-220375"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45490",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-189067",
            "CSAFPID-1503630",
            "CSAFPID-1751074",
            "CSAFPID-220375"
          ]
        }
      ],
      "title": "CVE-2024-45490"
    },
    {
      "cve": "CVE-2024-45491",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220375",
          "CSAFPID-1503630",
          "CSAFPID-189067",
          "CSAFPID-1751074"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45491",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220375",
            "CSAFPID-1503630",
            "CSAFPID-189067",
            "CSAFPID-1751074"
          ]
        }
      ],
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-45492",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220375",
          "CSAFPID-1503630",
          "CSAFPID-189067",
          "CSAFPID-1751074"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45492",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220375",
            "CSAFPID-1503630",
            "CSAFPID-189067",
            "CSAFPID-1751074"
          ]
        }
      ],
      "title": "CVE-2024-45492"
    },
    {
      "cve": "CVE-2025-21550",
      "product_status": {
        "known_affected": [
          "CSAFPID-189067",
          "CSAFPID-1503630",
          "CSAFPID-1751074"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21550",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21550.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-189067",
            "CSAFPID-1503630",
            "CSAFPID-1751074"
          ]
        }
      ],
      "title": "CVE-2025-21550"
    }
  ]
}

rhsa-2024_3527

Vulnerability from csaf_redhat

Published

2024-05-30 20:24

Modified

2025-01-06 20:02

Summary

Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update

Notes

Topic

Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.7.0 serves as a replacement for Red Hat AMQ Streams 2.6.0, and includes security and bug fixes, and enhancements. Security Fix(es): * lz4: memory corruption due to an integer overflow bug caused by memmove argument (CVE-2021-3520) * zstd: Race condition allows attacker to access world-readable destination file (CVE-2021-24032) * RocksDB: zstd: mysql: buffer overrun in util.c (CVE-2022-4899) * netty-codec-http: Allocation of Resources Without Limits or Throttling (CVE-2024-29025) * commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file (CVE-2024-25710) * apache-commons-text: variable interpolation RCE (CVE-2022-42889) * snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact (CVE-2023-43642) * json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370) * protobuf-java: timeout in parser leads to DoS (CVE-2022-3171) * Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920) * bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class (CVE-2023-33202) * bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201) * json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074) * guava: insecure temporary directory creation (CVE-2023-2976) * io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support (CVE-2024-1300) * io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx (CVE-2024-1023) * quarkus-core: Leak of local configuration properties into Quarkus applications (CVE-2024-2700)

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 2.7.0 serves as a replacement for Red Hat AMQ Streams 2.6.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* lz4: memory corruption due to an integer overflow bug caused by memmove argument  (CVE-2021-3520)\n* zstd: Race condition allows attacker to access world-readable destination file (CVE-2021-24032)\n* RocksDB: zstd: mysql: buffer overrun in util.c  (CVE-2022-4899)\n* netty-codec-http: Allocation of Resources Without Limits or Throttling  (CVE-2024-29025)\n* commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file (CVE-2024-25710)\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n* snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact  (CVE-2023-43642)\n* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)  (CVE-2023-1370)\n*  protobuf-java: timeout in parser leads to DoS (CVE-2022-3171)\n* Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing  (CVE-2022-42920)\n* bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class  (CVE-2023-33202)\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate  (CVE-2023-33201)\n* json-path: stack-based buffer overflow in Criteria.parse method  (CVE-2023-51074)\n* guava: insecure temporary directory creation  (CVE-2023-2976)\n* io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support (CVE-2024-1300)\n* io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx (CVE-2024-1023)\n* quarkus-core: Leak of local configuration properties into Quarkus applications  (CVE-2024-2700)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:3527",
        "url": "https://access.redhat.com/errata/RHSA-2024:3527"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1928090",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928090"
      },
      {
        "category": "external",
        "summary": "1954559",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559"
      },
      {
        "category": "external",
        "summary": "2135435",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
      },
      {
        "category": "external",
        "summary": "2137645",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
      },
      {
        "category": "external",
        "summary": "2142707",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707"
      },
      {
        "category": "external",
        "summary": "2179864",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179864"
      },
      {
        "category": "external",
        "summary": "2188542",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
      },
      {
        "category": "external",
        "summary": "2215229",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
      },
      {
        "category": "external",
        "summary": "2215465",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465"
      },
      {
        "category": "external",
        "summary": "2241722",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241722"
      },
      {
        "category": "external",
        "summary": "2251281",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251281"
      },
      {
        "category": "external",
        "summary": "2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "external",
        "summary": "2260840",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260840"
      },
      {
        "category": "external",
        "summary": "2263139",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263139"
      },
      {
        "category": "external",
        "summary": "2264988",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264988"
      },
      {
        "category": "external",
        "summary": "2272907",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
      },
      {
        "category": "external",
        "summary": "2273281",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5619",
        "url": "https://issues.redhat.com/browse/ENTMQST-5619"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5881",
        "url": "https://issues.redhat.com/browse/ENTMQST-5881"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5882",
        "url": "https://issues.redhat.com/browse/ENTMQST-5882"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5883",
        "url": "https://issues.redhat.com/browse/ENTMQST-5883"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5884",
        "url": "https://issues.redhat.com/browse/ENTMQST-5884"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5885",
        "url": "https://issues.redhat.com/browse/ENTMQST-5885"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5886",
        "url": "https://issues.redhat.com/browse/ENTMQST-5886"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3527.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update",
    "tracking": {
      "current_release_date": "2025-01-06T20:02:34+00:00",
      "generator": {
        "date": "2025-01-06T20:02:34+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.5"
        }
      },
      "id": "RHSA-2024:3527",
      "initial_release_date": "2024-05-30T20:24:46+00:00",
      "revision_history": [
        {
          "date": "2024-05-30T20:24:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-06-25T17:26:45+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-01-06T20:02:34+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat AMQ Streams 2.7.0",
                "product": {
                  "name": "Red Hat AMQ Streams 2.7.0",
                  "product_id": "Red Hat AMQ Streams 2.7.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:amq_streams:2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Streams for Apache Kafka"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-3520",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2021-03-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1954559"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "There\u0027s a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "lz4: memory corruption due to an integer overflow bug caused by memmove argument",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is out of support scope for Red Hat Enterprise Linux 7. To learn more about Red Hat Enterprise Linux support life cycles, please see https://access.redhat.com/support/policy/updates/errata .",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-3520"
        },
        {
          "category": "external",
          "summary": "RHBZ#1954559",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3520",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520"
        }
      ],
      "release_date": "2021-04-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "lz4: memory corruption due to an integer overflow bug caused by memmove argument"
    },
    {
      "cve": "CVE-2021-24032",
      "cwe": {
        "id": "CWE-281",
        "name": "Improper Preservation of Permissions"
      },
      "discovery_date": "2021-02-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1928090"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in zstd. While the final file mode is reflective of the input file, when compressing or uncompressing, the file can temporarily gain greater permissions than the input and potentially leading to security issues (especially if large files are being handled).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "zstd: Race condition allows attacker to access world-readable destination file",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In OpenShift Container Platform (OCP) the zstd package was delivered in OCP 4.3 which is already end of life.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-24032"
        },
        {
          "category": "external",
          "summary": "RHBZ#1928090",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928090"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-24032",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-24032",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-24032"
        }
      ],
      "release_date": "2021-02-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "zstd: Race condition allows attacker to access world-readable destination file"
    },
    {
      "cve": "CVE-2022-3171",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2022-10-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2137645"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "protobuf-java: timeout in parser leads to DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-3171"
        },
        {
          "category": "external",
          "summary": "RHBZ#2137645",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3171",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
        },
        {
          "category": "external",
          "summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2",
          "url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2"
        }
      ],
      "release_date": "2022-10-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "protobuf-java: timeout in parser leads to DoS"
    },
    {
      "cve": "CVE-2022-4899",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-01-31T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2179864"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "zstd: mysql: buffer overrun in util.c",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-4899"
        },
        {
          "category": "external",
          "summary": "RHBZ#2179864",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179864"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4899",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899"
        }
      ],
      "release_date": "2022-07-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "zstd: mysql: buffer overrun in util.c"
    },
    {
      "cve": "CVE-2022-42889",
      "cwe": {
        "id": "CWE-1188",
        "name": "Initialization of a Resource with an Insecure Default"
      },
      "discovery_date": "2022-10-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2135435"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9.  The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "apache-commons-text: variable interpolation RCE",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n  - Usage of specific methods that interpolate the variables as described in the flaw\n  - Usage of external input for those methods\n  - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-42889"
        },
        {
          "category": "external",
          "summary": "RHBZ#2135435",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
        },
        {
          "category": "external",
          "summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
          "url": "https://blogs.apache.org/security/entry/cve-2022-42889"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
          "url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
        },
        {
          "category": "external",
          "summary": "https://seclists.org/oss-sec/2022/q4/22",
          "url": "https://seclists.org/oss-sec/2022/q4/22"
        }
      ],
      "release_date": "2022-10-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "apache-commons-text: variable interpolation RCE"
    },
    {
      "cve": "CVE-2022-42920",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2022-11-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2142707"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Fuse 7 ships the code in question but does not utilize it in the product, so it is affected at a reduced impact of Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-42920"
        },
        {
          "category": "external",
          "summary": "RHBZ#2142707",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42920",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-42920"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4",
          "url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4"
        }
      ],
      "release_date": "2022-11-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing"
    },
    {
      "cve": "CVE-2023-1370",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "discovery_date": "2023-04-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2188542"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the json-smart package. This security flaw occurs when reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-1370"
        },
        {
          "category": "external",
          "summary": "RHBZ#2188542",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-1370",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-493p-pfq6-5258",
          "url": "https://github.com/advisories/GHSA-493p-pfq6-5258"
        },
        {
          "category": "external",
          "summary": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/",
          "url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/"
        }
      ],
      "release_date": "2023-03-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)"
    },
    {
      "cve": "CVE-2023-2976",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "discovery_date": "2023-06-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2215229"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "guava: insecure temporary directory creation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-2976"
        },
        {
          "category": "external",
          "summary": "RHBZ#2215229",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
        }
      ],
      "release_date": "2023-06-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "guava: insecure temporary directory creation"
    },
    {
      "cve": "CVE-2023-33201",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2023-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2215465"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "bouncycastle: potential  blind LDAP injection attack using a self-signed certificate",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-33201"
        },
        {
          "category": "external",
          "summary": "RHBZ#2215465",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-33201",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201"
        },
        {
          "category": "external",
          "summary": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201",
          "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201"
        }
      ],
      "release_date": "2023-06-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "bouncycastle: potential  blind LDAP injection attack using a self-signed certificate"
    },
    {
      "cve": "CVE-2023-33202",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-11-23T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2251281"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Bouncy Castle for the Java pkix module, which is vulnerable to a potential Denial of Service (DoS) issue within the org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-33202"
        },
        {
          "category": "external",
          "summary": "RHBZ#2251281",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251281"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-33202",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33202",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33202"
        },
        {
          "category": "external",
          "summary": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202",
          "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202"
        }
      ],
      "release_date": "2023-11-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class"
    },
    {
      "cve": "CVE-2023-43642",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2023-09-26T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2241722"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in SnappyInputStream in snappy-java, a data compression library in Java. This issue occurs when decompressing data with a too-large chunk size due to a missing upper bound check on chunk length. An unrecoverable fatal error can occur, resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-43642"
        },
        {
          "category": "external",
          "summary": "RHBZ#2241722",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241722"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-43642",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-43642",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43642"
        },
        {
          "category": "external",
          "summary": "https://github.com/xerial/snappy-java/security/advisories/GHSA-55g7-9cwv-5qfv",
          "url": "https://github.com/xerial/snappy-java/security/advisories/GHSA-55g7-9cwv-5qfv"
        }
      ],
      "release_date": "2023-09-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2023-12-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2256063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow vulnerability was found in the Criteria.parse() method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-path: stack-based buffer overflow in Criteria.parse method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this at maximum of a Moderate impact. When interacting with a server to explore this possible vulnerability, the attacker would be the only one seeing a HTTP 500 error and no other user (or the server entirely) would be vulnerable in a real application scenario with multi-threads.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2256063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://github.com/json-path/JsonPath/issues/973",
          "url": "https://github.com/json-path/JsonPath/issues/973"
        }
      ],
      "release_date": "2023-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "json-path: stack-based buffer overflow in Criteria.parse method"
    },
    {
      "cve": "CVE-2024-1023",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "discovery_date": "2024-01-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2260840"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the Eclipse Vert.x toolkit results in a memory leak due to using Netty FastThreadLocal data structures. Specifically, when the Vert.x HTTP client establishes connections to different hosts, triggering the memory leak. The leak can be accelerated with intimate runtime knowledge, allowing an attacker to exploit this vulnerability. For instance, a server accepting arbitrary internet addresses could serve as an attack vector by connecting to these addresses, thereby accelerating the memory leak.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-1023"
        },
        {
          "category": "external",
          "summary": "RHBZ#2260840",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260840"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1023",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-1023"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1023",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1023"
        },
        {
          "category": "external",
          "summary": "https://github.com/eclipse-vertx/vert.x/issues/5078",
          "url": "https://github.com/eclipse-vertx/vert.x/issues/5078"
        },
        {
          "category": "external",
          "summary": "https://github.com/eclipse-vertx/vert.x/pull/5080",
          "url": "https://github.com/eclipse-vertx/vert.x/pull/5080"
        },
        {
          "category": "external",
          "summary": "https://github.com/eclipse-vertx/vert.x/pull/5082",
          "url": "https://github.com/eclipse-vertx/vert.x/pull/5082"
        }
      ],
      "release_date": "2024-01-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx"
    },
    {
      "cve": "CVE-2024-1300",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "discovery_date": "2024-02-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2263139"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This affects only TLS servers with SNI enabled.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-1300"
        },
        {
          "category": "external",
          "summary": "RHBZ#2263139",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263139"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1300",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-1300"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1300",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1300"
        },
        {
          "category": "external",
          "summary": "https://vertx.io/docs/vertx-core/java/#_server_name_indication_sni.",
          "url": "https://vertx.io/docs/vertx-core/java/#_server_name_indication_sni."
        }
      ],
      "release_date": "2024-02-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support"
    },
    {
      "cve": "CVE-2024-2700",
      "cwe": {
        "id": "CWE-526",
        "name": "Cleartext Storage of Sensitive Information in an Environment Variable"
      },
      "discovery_date": "2024-04-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2273281"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application\u0027s build, therefore, running the resulting application inherits the values captured at build time. Some local environment variables may have been set by the developer or CI environment for testing purposes, such as dropping the database during application startup or trusting all TLS certificates to accept self-signed certificates. If these properties are configured using environment variables or the .env facility, they are captured into the built application, which can lead to dangerous behavior if the application does not override these values. This behavior only happens for configuration properties from the `quarkus.*` namespace. Application-specific properties are not captured.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "quarkus-core: Leak of local configuration properties into Quarkus applications",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this as a Moderate impact vulnerability since this requires an attacker to have direct access to the environment variables to override, and the application must use that environment variable to be jeopardized.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-2700"
        },
        {
          "category": "external",
          "summary": "RHBZ#2273281",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-2700",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-2700"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700"
        }
      ],
      "release_date": "2024-04-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Currently, no mitigation is available for this vulnerability. Please update as the patches become available.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "quarkus-core: Leak of local configuration properties into Quarkus applications"
    },
    {
      "cve": "CVE-2024-25710",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2024-02-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2264988"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A loop with an unreachable exit condition (Infinite Loop) vulnerability was found in Apache Common Compress. This issue can lead to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-25710"
        },
        {
          "category": "external",
          "summary": "RHBZ#2264988",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264988"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-25710",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/02/19/1",
          "url": "http://www.openwall.com/lists/oss-security/2024/02/19/1"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf",
          "url": "https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf"
        }
      ],
      "release_date": "2024-02-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "No mitigation is currently available for this vulnerability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2024-04-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2272907"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec-http: Allocation of Resources Without Limits or Throttling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "RHBZ#2272907",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
          "url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
          "url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
        },
        {
          "category": "external",
          "summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812",
          "url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812"
        }
      ],
      "release_date": "2024-03-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty-codec-http: Allocation of Resources Without Limits or Throttling"
    }
  ]
}

RHSA-2024:3527

Vulnerability from csaf_redhat

Published

2024-05-30 20:24

Modified

2025-10-23 22:36

Summary

Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 2.7.0 serves as a replacement for Red Hat AMQ Streams 2.6.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* lz4: memory corruption due to an integer overflow bug caused by memmove argument  (CVE-2021-3520)\n* zstd: Race condition allows attacker to access world-readable destination file (CVE-2021-24032)\n* RocksDB: zstd: mysql: buffer overrun in util.c  (CVE-2022-4899)\n* netty-codec-http: Allocation of Resources Without Limits or Throttling  (CVE-2024-29025)\n* commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file (CVE-2024-25710)\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n* snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact  (CVE-2023-43642)\n* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)  (CVE-2023-1370)\n*  protobuf-java: timeout in parser leads to DoS (CVE-2022-3171)\n* Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing  (CVE-2022-42920)\n* bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class  (CVE-2023-33202)\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate  (CVE-2023-33201)\n* json-path: stack-based buffer overflow in Criteria.parse method  (CVE-2023-51074)\n* guava: insecure temporary directory creation  (CVE-2023-2976)\n* io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support (CVE-2024-1300)\n* io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx (CVE-2024-1023)\n* quarkus-core: Leak of local configuration properties into Quarkus applications  (CVE-2024-2700)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:3527",
        "url": "https://access.redhat.com/errata/RHSA-2024:3527"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1928090",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928090"
      },
      {
        "category": "external",
        "summary": "1954559",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559"
      },
      {
        "category": "external",
        "summary": "2135435",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
      },
      {
        "category": "external",
        "summary": "2137645",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
      },
      {
        "category": "external",
        "summary": "2142707",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707"
      },
      {
        "category": "external",
        "summary": "2179864",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179864"
      },
      {
        "category": "external",
        "summary": "2188542",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
      },
      {
        "category": "external",
        "summary": "2215229",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
      },
      {
        "category": "external",
        "summary": "2215465",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465"
      },
      {
        "category": "external",
        "summary": "2241722",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241722"
      },
      {
        "category": "external",
        "summary": "2251281",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251281"
      },
      {
        "category": "external",
        "summary": "2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "external",
        "summary": "2260840",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260840"
      },
      {
        "category": "external",
        "summary": "2263139",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263139"
      },
      {
        "category": "external",
        "summary": "2264988",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264988"
      },
      {
        "category": "external",
        "summary": "2272907",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
      },
      {
        "category": "external",
        "summary": "2273281",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5619",
        "url": "https://issues.redhat.com/browse/ENTMQST-5619"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5881",
        "url": "https://issues.redhat.com/browse/ENTMQST-5881"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5882",
        "url": "https://issues.redhat.com/browse/ENTMQST-5882"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5883",
        "url": "https://issues.redhat.com/browse/ENTMQST-5883"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5884",
        "url": "https://issues.redhat.com/browse/ENTMQST-5884"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5885",
        "url": "https://issues.redhat.com/browse/ENTMQST-5885"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5886",
        "url": "https://issues.redhat.com/browse/ENTMQST-5886"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3527.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update",
    "tracking": {
      "current_release_date": "2025-10-23T22:36:14+00:00",
      "generator": {
        "date": "2025-10-23T22:36:14+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.9"
        }
      },
      "id": "RHSA-2024:3527",
      "initial_release_date": "2024-05-30T20:24:46+00:00",
      "revision_history": [
        {
          "date": "2024-05-30T20:24:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-06-25T17:26:45+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-10-23T22:36:14+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat AMQ Streams 2.7.0",
                "product": {
                  "name": "Red Hat AMQ Streams 2.7.0",
                  "product_id": "Red Hat AMQ Streams 2.7.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:amq_streams:2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Streams for Apache Kafka"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-3520",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2021-03-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1954559"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "There\u0027s a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "lz4: memory corruption due to an integer overflow bug caused by memmove argument",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is out of support scope for Red Hat Enterprise Linux 7. To learn more about Red Hat Enterprise Linux support life cycles, please see https://access.redhat.com/support/policy/updates/errata .",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-3520"
        },
        {
          "category": "external",
          "summary": "RHBZ#1954559",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3520",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520"
        }
      ],
      "release_date": "2021-04-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "lz4: memory corruption due to an integer overflow bug caused by memmove argument"
    },
    {
      "cve": "CVE-2021-24032",
      "cwe": {
        "id": "CWE-281",
        "name": "Improper Preservation of Permissions"
      },
      "discovery_date": "2021-02-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1928090"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in zstd. While the final file mode is reflective of the input file, when compressing or uncompressing, the file can temporarily gain greater permissions than the input and potentially leading to security issues (especially if large files are being handled).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "zstd: Race condition allows attacker to access world-readable destination file",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In OpenShift Container Platform (OCP) the zstd package was delivered in OCP 4.3 which is already end of life.\n\nThis vulnerability can be considered low severity rather than moderate due to the fact that the elevated file permissions are only temporary and only exist during the compression or decompression process. Once the operation completes, the file permissions revert to their intended state, mirroring those of the input file. The risk is further minimized by the fact that the exposure window is brief, and the elevated permissions are not persistent. Additionally, the issue only arises during the processing of files, and only those with larger sizes or more involved operations would be at risk.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-24032"
        },
        {
          "category": "external",
          "summary": "RHBZ#1928090",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928090"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-24032",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-24032",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-24032"
        }
      ],
      "release_date": "2021-02-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "zstd: Race condition allows attacker to access world-readable destination file"
    },
    {
      "cve": "CVE-2022-3171",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2022-10-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2137645"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "protobuf-java: timeout in parser leads to DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-3171"
        },
        {
          "category": "external",
          "summary": "RHBZ#2137645",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3171",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
        },
        {
          "category": "external",
          "summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2",
          "url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2"
        }
      ],
      "release_date": "2022-10-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "protobuf-java: timeout in parser leads to DoS"
    },
    {
      "cve": "CVE-2022-4899",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-01-31T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2179864"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in zstd. This flaw allows an attacker to supply an empty string as an argument to the command line tool to cause a buffer overrun.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "zstd: mysql: buffer overrun in util.c",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as Moderate because a buffer overrun in Zstd can be triggered by supplying an empty string as an argument to the command-line tool. On exploitation, it could lead to application crashes or unpredictable behavior.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-4899"
        },
        {
          "category": "external",
          "summary": "RHBZ#2179864",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179864"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4899",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899"
        }
      ],
      "release_date": "2022-07-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "zstd: mysql: buffer overrun in util.c"
    },
    {
      "cve": "CVE-2022-42889",
      "cwe": {
        "id": "CWE-1188",
        "name": "Initialization of a Resource with an Insecure Default"
      },
      "discovery_date": "2022-10-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2135435"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9.  The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "apache-commons-text: variable interpolation RCE",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n  - Usage of specific methods that interpolate the variables as described in the flaw\n  - Usage of external input for those methods\n  - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-42889"
        },
        {
          "category": "external",
          "summary": "RHBZ#2135435",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
        },
        {
          "category": "external",
          "summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
          "url": "https://blogs.apache.org/security/entry/cve-2022-42889"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
          "url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
        },
        {
          "category": "external",
          "summary": "https://seclists.org/oss-sec/2022/q4/22",
          "url": "https://seclists.org/oss-sec/2022/q4/22"
        }
      ],
      "release_date": "2022-10-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "apache-commons-text: variable interpolation RCE"
    },
    {
      "cve": "CVE-2022-42920",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2022-11-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2142707"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Fuse 7 ships the code in question but does not utilize it in the product, so it is affected at a reduced impact of Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-42920"
        },
        {
          "category": "external",
          "summary": "RHBZ#2142707",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42920",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-42920"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4",
          "url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4"
        }
      ],
      "release_date": "2022-11-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing"
    },
    {
      "cve": "CVE-2023-1370",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "discovery_date": "2023-04-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2188542"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the json-smart package. This security flaw occurs when reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-1370"
        },
        {
          "category": "external",
          "summary": "RHBZ#2188542",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-1370",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-493p-pfq6-5258",
          "url": "https://github.com/advisories/GHSA-493p-pfq6-5258"
        },
        {
          "category": "external",
          "summary": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/",
          "url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/"
        }
      ],
      "release_date": "2023-03-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)"
    },
    {
      "cve": "CVE-2023-2976",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "discovery_date": "2023-06-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2215229"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "guava: insecure temporary directory creation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-2976"
        },
        {
          "category": "external",
          "summary": "RHBZ#2215229",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
        }
      ],
      "release_date": "2023-06-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "guava: insecure temporary directory creation"
    },
    {
      "cve": "CVE-2023-33201",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2023-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2215465"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "bouncycastle: potential  blind LDAP injection attack using a self-signed certificate",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-33201"
        },
        {
          "category": "external",
          "summary": "RHBZ#2215465",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-33201",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201"
        },
        {
          "category": "external",
          "summary": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201",
          "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201"
        }
      ],
      "release_date": "2023-06-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "bouncycastle: potential  blind LDAP injection attack using a self-signed certificate"
    },
    {
      "cve": "CVE-2023-33202",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-11-23T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2251281"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Bouncy Castle for the Java pkix module, which is vulnerable to a potential Denial of Service (DoS) issue within the org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-33202"
        },
        {
          "category": "external",
          "summary": "RHBZ#2251281",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251281"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-33202",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33202",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33202"
        },
        {
          "category": "external",
          "summary": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202",
          "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202"
        }
      ],
      "release_date": "2023-11-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class"
    },
    {
      "cve": "CVE-2023-43642",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2023-09-26T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2241722"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in SnappyInputStream in snappy-java, a data compression library in Java. This issue occurs when decompressing data with a too-large chunk size due to a missing upper bound check on chunk length. An unrecoverable fatal error can occur, resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-43642"
        },
        {
          "category": "external",
          "summary": "RHBZ#2241722",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241722"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-43642",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-43642",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43642"
        },
        {
          "category": "external",
          "summary": "https://github.com/xerial/snappy-java/security/advisories/GHSA-55g7-9cwv-5qfv",
          "url": "https://github.com/xerial/snappy-java/security/advisories/GHSA-55g7-9cwv-5qfv"
        }
      ],
      "release_date": "2023-09-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2023-12-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2256063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow vulnerability was found in the Criteria.parse() method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-path: stack-based buffer overflow in Criteria.parse method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this at maximum of a Moderate impact. When interacting with a server to explore this possible vulnerability, the attacker would be the only one seeing a HTTP 500 error and no other user (or the server entirely) would be vulnerable in a real application scenario with multi-threads.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2256063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://github.com/json-path/JsonPath/issues/973",
          "url": "https://github.com/json-path/JsonPath/issues/973"
        }
      ],
      "release_date": "2023-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "json-path: stack-based buffer overflow in Criteria.parse method"
    },
    {
      "cve": "CVE-2024-1023",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "discovery_date": "2024-01-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2260840"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the Eclipse Vert.x toolkit results in a memory leak due to using Netty FastThreadLocal data structures. Specifically, when the Vert.x HTTP client establishes connections to different hosts, triggering the memory leak. The leak can be accelerated with intimate runtime knowledge, allowing an attacker to exploit this vulnerability. For instance, a server accepting arbitrary internet addresses could serve as an attack vector by connecting to these addresses, thereby accelerating the memory leak.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-1023"
        },
        {
          "category": "external",
          "summary": "RHBZ#2260840",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260840"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1023",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-1023"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1023",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1023"
        },
        {
          "category": "external",
          "summary": "https://github.com/eclipse-vertx/vert.x/issues/5078",
          "url": "https://github.com/eclipse-vertx/vert.x/issues/5078"
        },
        {
          "category": "external",
          "summary": "https://github.com/eclipse-vertx/vert.x/pull/5080",
          "url": "https://github.com/eclipse-vertx/vert.x/pull/5080"
        },
        {
          "category": "external",
          "summary": "https://github.com/eclipse-vertx/vert.x/pull/5082",
          "url": "https://github.com/eclipse-vertx/vert.x/pull/5082"
        }
      ],
      "release_date": "2024-01-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx"
    },
    {
      "cve": "CVE-2024-1300",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "discovery_date": "2024-02-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2263139"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This affects only TLS servers with SNI enabled.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-1300"
        },
        {
          "category": "external",
          "summary": "RHBZ#2263139",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263139"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1300",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-1300"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1300",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1300"
        },
        {
          "category": "external",
          "summary": "https://vertx.io/docs/vertx-core/java/#_server_name_indication_sni.",
          "url": "https://vertx.io/docs/vertx-core/java/#_server_name_indication_sni."
        }
      ],
      "release_date": "2024-02-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support"
    },
    {
      "cve": "CVE-2024-2700",
      "cwe": {
        "id": "CWE-526",
        "name": "Cleartext Storage of Sensitive Information in an Environment Variable"
      },
      "discovery_date": "2024-04-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2273281"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application\u0027s build, therefore, running the resulting application inherits the values captured at build time. Some local environment variables may have been set by the developer or CI environment for testing purposes, such as dropping the database during application startup or trusting all TLS certificates to accept self-signed certificates. If these properties are configured using environment variables or the .env facility, they are captured into the built application, which can lead to dangerous behavior if the application does not override these values. This behavior only happens for configuration properties from the `quarkus.*` namespace. Application-specific properties are not captured.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "quarkus-core: Leak of local configuration properties into Quarkus applications",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this as a Moderate impact vulnerability since this requires an attacker to have direct access to the environment variables to override, and the application must use that environment variable to be jeopardized.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-2700"
        },
        {
          "category": "external",
          "summary": "RHBZ#2273281",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-2700",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-2700"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700"
        }
      ],
      "release_date": "2024-04-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Currently, no mitigation is available for this vulnerability. Please update as the patches become available.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "quarkus-core: Leak of local configuration properties into Quarkus applications"
    },
    {
      "cve": "CVE-2024-25710",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2024-02-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2264988"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A loop with an unreachable exit condition (Infinite Loop) vulnerability was found in Apache Common Compress. This issue can lead to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-25710"
        },
        {
          "category": "external",
          "summary": "RHBZ#2264988",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264988"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-25710",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/02/19/1",
          "url": "http://www.openwall.com/lists/oss-security/2024/02/19/1"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf",
          "url": "https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf"
        }
      ],
      "release_date": "2024-02-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "No mitigation is currently available for this vulnerability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2024-04-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2272907"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec-http: Allocation of Resources Without Limits or Throttling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "RHBZ#2272907",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
          "url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
          "url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
        },
        {
          "category": "external",
          "summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812",
          "url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812"
        }
      ],
      "release_date": "2024-03-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty-codec-http: Allocation of Resources Without Limits or Throttling"
    }
  ]
}

rhsa-2024:0792

Vulnerability from csaf_redhat

Published

2024-02-12 17:37

Modified

2025-09-25 22:01

Summary

Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.5 release and security update

Notes

Topic

Red Hat Integration Camel for Spring Boot 3.20.5 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

A security update for 3.20.5 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Security Fix(es): * json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074) A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Integration Camel for Spring Boot 3.20.5 release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "A security update for 3.20.5 is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:0792",
        "url": "https://access.redhat.com/errata/RHSA-2024:0792"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0792.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.5 release and security update",
    "tracking": {
      "current_release_date": "2025-09-25T22:01:46+00:00",
      "generator": {
        "date": "2025-09-25T22:01:46+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.8"
        }
      },
      "id": "RHSA-2024:0792",
      "initial_release_date": "2024-02-12T17:37:59+00:00",
      "revision_history": [
        {
          "date": "2024-02-12T17:37:59+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-02-12T17:37:59+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-09-25T22:01:46+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHINT Camel-Springboot 3.20.5",
                "product": {
                  "name": "RHINT Camel-Springboot 3.20.5",
                  "product_id": "RHINT Camel-Springboot 3.20.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:camel_spring_boot:3.20.5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Integration"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2023-12-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2256063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow vulnerability was found in the Criteria.parse() method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-path: stack-based buffer overflow in Criteria.parse method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this at maximum of a Moderate impact. When interacting with a server to explore this possible vulnerability, the attacker would be the only one seeing a HTTP 500 error and no other user (or the server entirely) would be vulnerable in a real application scenario with multi-threads.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHINT Camel-Springboot 3.20.5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2256063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://github.com/json-path/JsonPath/issues/973",
          "url": "https://github.com/json-path/JsonPath/issues/973"
        }
      ],
      "release_date": "2023-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T17:37:59+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "RHINT Camel-Springboot 3.20.5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0792"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "RHINT Camel-Springboot 3.20.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "json-path: stack-based buffer overflow in Criteria.parse method"
    }
  ]
}

RHSA-2024:0789

Vulnerability from csaf_redhat

Published

2024-02-12 16:02

Modified

2025-10-28 19:51

Summary

Red Hat Security Advisory: Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 release (RHBQ 3.2.10.Final)

Notes

Topic

An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available (updates to RHBQ 3.2.10.Final). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available (updates to RHBQ 3.2.10.Final). The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Security Fix(es): * parsson: Denial of Service due to large number parsing (CVE-2023-4043) * santuario: Private Key disclosure in debug-log output (CVE-2023-44483) * ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795) * json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available (updates to RHBQ 3.2.10.Final).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available (updates to RHBQ 3.2.10.Final). The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.\n\nSecurity Fix(es):\n\n* parsson: Denial of Service due to large number parsing (CVE-2023-4043)\n\n* santuario: Private Key disclosure in debug-log output (CVE-2023-44483)\n\n* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\n* json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:0789",
        "url": "https://access.redhat.com/errata/RHSA-2024:0789"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=rhboac\u0026downloadType=distributions\u0026version=4.0.x",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=rhboac\u0026downloadType=distributions\u0026version=4.0.x"
      },
      {
        "category": "external",
        "summary": "2246070",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246070"
      },
      {
        "category": "external",
        "summary": "2254210",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
      },
      {
        "category": "external",
        "summary": "2254594",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254594"
      },
      {
        "category": "external",
        "summary": "2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0789.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 release (RHBQ 3.2.10.Final)",
    "tracking": {
      "current_release_date": "2025-10-28T19:51:29+00:00",
      "generator": {
        "date": "2025-10-28T19:51:29+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.10"
        }
      },
      "id": "RHSA-2024:0789",
      "initial_release_date": "2024-02-12T16:02:02+00:00",
      "revision_history": [
        {
          "date": "2024-02-12T16:02:02+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-02-12T16:02:02+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-10-28T19:51:29+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)",
                "product": {
                  "name": "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)",
                  "product_id": "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:camel_quarkus:3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Integration"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-4043",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "discovery_date": "2023-12-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2254594"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Eclipse Parsson library when processing untrusted source content. This issue may cause a Denial of Service (DoS) due to built-in support for parsing numbers with a large scale, and some cases where processing a large number may take much more time than expected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "parsson: Denial of Service due to large number parsing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this as an important impact since one needs to process untrusted and if there is no sanitization a Denial of Service (DoS) may happen.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-4043"
        },
        {
          "category": "external",
          "summary": "RHBZ#2254594",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254594"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4043",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-4043"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4043",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4043"
        }
      ],
      "release_date": "2023-11-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T16:02:02+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0789"
        },
        {
          "category": "workaround",
          "details": "Avoid processing untrusted sources content in order to minimize the chance for Denial of Service attack.",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "parsson: Denial of Service due to large number parsing"
    },
    {
      "cve": "CVE-2023-44483",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "discovery_date": "2023-10-25T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2246070"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled.\u00a0Users are recommended to upgrade to version 2.2.6, 2.3.4, or 3.0.3, which fixes this issue.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "santuario: Private Key disclosure in debug-log output",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-44483"
        },
        {
          "category": "external",
          "summary": "RHBZ#2246070",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246070"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-44483",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-44483"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44483",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44483"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2023/10/20/5",
          "url": "http://www.openwall.com/lists/oss-security/2023/10/20/5"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/vmqbp9mfxtrf0kmbnnmbn3h9j6dr9q55",
          "url": "https://lists.apache.org/thread/vmqbp9mfxtrf0kmbnnmbn3h9j6dr9q55"
        }
      ],
      "release_date": "2023-10-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T16:02:02+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0789"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "santuario: Private Key disclosure in debug-log output"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "discovery_date": "2023-12-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2254210"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "RHBZ#2254210",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/7071748",
          "url": "https://access.redhat.com/solutions/7071748"
        },
        {
          "category": "external",
          "summary": "https://terrapin-attack.com/",
          "url": "https://terrapin-attack.com/"
        }
      ],
      "release_date": "2023-12-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T16:02:02+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0789"
        },
        {
          "category": "workaround",
          "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2023-12-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2256063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow vulnerability was found in the Criteria.parse() method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-path: stack-based buffer overflow in Criteria.parse method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this at maximum of a Moderate impact. When interacting with a server to explore this possible vulnerability, the attacker would be the only one seeing a HTTP 500 error and no other user (or the server entirely) would be vulnerable in a real application scenario with multi-threads.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2256063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://github.com/json-path/JsonPath/issues/973",
          "url": "https://github.com/json-path/JsonPath/issues/973"
        }
      ],
      "release_date": "2023-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T16:02:02+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0789"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "json-path: stack-based buffer overflow in Criteria.parse method"
    }
  ]
}

rhsa-2024:3527

Vulnerability from csaf_redhat

Published

2024-05-30 20:24

Modified

2025-10-23 22:36

Summary

Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 2.7.0 serves as a replacement for Red Hat AMQ Streams 2.6.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* lz4: memory corruption due to an integer overflow bug caused by memmove argument  (CVE-2021-3520)\n* zstd: Race condition allows attacker to access world-readable destination file (CVE-2021-24032)\n* RocksDB: zstd: mysql: buffer overrun in util.c  (CVE-2022-4899)\n* netty-codec-http: Allocation of Resources Without Limits or Throttling  (CVE-2024-29025)\n* commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file (CVE-2024-25710)\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n* snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact  (CVE-2023-43642)\n* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)  (CVE-2023-1370)\n*  protobuf-java: timeout in parser leads to DoS (CVE-2022-3171)\n* Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing  (CVE-2022-42920)\n* bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class  (CVE-2023-33202)\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate  (CVE-2023-33201)\n* json-path: stack-based buffer overflow in Criteria.parse method  (CVE-2023-51074)\n* guava: insecure temporary directory creation  (CVE-2023-2976)\n* io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support (CVE-2024-1300)\n* io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx (CVE-2024-1023)\n* quarkus-core: Leak of local configuration properties into Quarkus applications  (CVE-2024-2700)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:3527",
        "url": "https://access.redhat.com/errata/RHSA-2024:3527"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1928090",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928090"
      },
      {
        "category": "external",
        "summary": "1954559",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559"
      },
      {
        "category": "external",
        "summary": "2135435",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
      },
      {
        "category": "external",
        "summary": "2137645",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
      },
      {
        "category": "external",
        "summary": "2142707",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707"
      },
      {
        "category": "external",
        "summary": "2179864",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179864"
      },
      {
        "category": "external",
        "summary": "2188542",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
      },
      {
        "category": "external",
        "summary": "2215229",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
      },
      {
        "category": "external",
        "summary": "2215465",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465"
      },
      {
        "category": "external",
        "summary": "2241722",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241722"
      },
      {
        "category": "external",
        "summary": "2251281",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251281"
      },
      {
        "category": "external",
        "summary": "2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "external",
        "summary": "2260840",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260840"
      },
      {
        "category": "external",
        "summary": "2263139",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263139"
      },
      {
        "category": "external",
        "summary": "2264988",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264988"
      },
      {
        "category": "external",
        "summary": "2272907",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
      },
      {
        "category": "external",
        "summary": "2273281",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5619",
        "url": "https://issues.redhat.com/browse/ENTMQST-5619"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5881",
        "url": "https://issues.redhat.com/browse/ENTMQST-5881"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5882",
        "url": "https://issues.redhat.com/browse/ENTMQST-5882"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5883",
        "url": "https://issues.redhat.com/browse/ENTMQST-5883"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5884",
        "url": "https://issues.redhat.com/browse/ENTMQST-5884"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5885",
        "url": "https://issues.redhat.com/browse/ENTMQST-5885"
      },
      {
        "category": "external",
        "summary": "ENTMQST-5886",
        "url": "https://issues.redhat.com/browse/ENTMQST-5886"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3527.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update",
    "tracking": {
      "current_release_date": "2025-10-23T22:36:14+00:00",
      "generator": {
        "date": "2025-10-23T22:36:14+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.9"
        }
      },
      "id": "RHSA-2024:3527",
      "initial_release_date": "2024-05-30T20:24:46+00:00",
      "revision_history": [
        {
          "date": "2024-05-30T20:24:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-06-25T17:26:45+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-10-23T22:36:14+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat AMQ Streams 2.7.0",
                "product": {
                  "name": "Red Hat AMQ Streams 2.7.0",
                  "product_id": "Red Hat AMQ Streams 2.7.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:amq_streams:2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Streams for Apache Kafka"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-3520",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2021-03-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1954559"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "There\u0027s a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "lz4: memory corruption due to an integer overflow bug caused by memmove argument",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is out of support scope for Red Hat Enterprise Linux 7. To learn more about Red Hat Enterprise Linux support life cycles, please see https://access.redhat.com/support/policy/updates/errata .",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-3520"
        },
        {
          "category": "external",
          "summary": "RHBZ#1954559",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3520",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3520"
        }
      ],
      "release_date": "2021-04-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "lz4: memory corruption due to an integer overflow bug caused by memmove argument"
    },
    {
      "cve": "CVE-2021-24032",
      "cwe": {
        "id": "CWE-281",
        "name": "Improper Preservation of Permissions"
      },
      "discovery_date": "2021-02-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1928090"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in zstd. While the final file mode is reflective of the input file, when compressing or uncompressing, the file can temporarily gain greater permissions than the input and potentially leading to security issues (especially if large files are being handled).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "zstd: Race condition allows attacker to access world-readable destination file",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In OpenShift Container Platform (OCP) the zstd package was delivered in OCP 4.3 which is already end of life.\n\nThis vulnerability can be considered low severity rather than moderate due to the fact that the elevated file permissions are only temporary and only exist during the compression or decompression process. Once the operation completes, the file permissions revert to their intended state, mirroring those of the input file. The risk is further minimized by the fact that the exposure window is brief, and the elevated permissions are not persistent. Additionally, the issue only arises during the processing of files, and only those with larger sizes or more involved operations would be at risk.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-24032"
        },
        {
          "category": "external",
          "summary": "RHBZ#1928090",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928090"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-24032",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-24032",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-24032"
        }
      ],
      "release_date": "2021-02-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "zstd: Race condition allows attacker to access world-readable destination file"
    },
    {
      "cve": "CVE-2022-3171",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2022-10-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2137645"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "protobuf-java: timeout in parser leads to DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-3171"
        },
        {
          "category": "external",
          "summary": "RHBZ#2137645",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3171",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
        },
        {
          "category": "external",
          "summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2",
          "url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2"
        }
      ],
      "release_date": "2022-10-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "protobuf-java: timeout in parser leads to DoS"
    },
    {
      "cve": "CVE-2022-4899",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-01-31T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2179864"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in zstd. This flaw allows an attacker to supply an empty string as an argument to the command line tool to cause a buffer overrun.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "zstd: mysql: buffer overrun in util.c",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as Moderate because a buffer overrun in Zstd can be triggered by supplying an empty string as an argument to the command-line tool. On exploitation, it could lead to application crashes or unpredictable behavior.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-4899"
        },
        {
          "category": "external",
          "summary": "RHBZ#2179864",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179864"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4899",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4899"
        }
      ],
      "release_date": "2022-07-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "zstd: mysql: buffer overrun in util.c"
    },
    {
      "cve": "CVE-2022-42889",
      "cwe": {
        "id": "CWE-1188",
        "name": "Initialization of a Resource with an Insecure Default"
      },
      "discovery_date": "2022-10-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2135435"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9.  The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "apache-commons-text: variable interpolation RCE",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n  - Usage of specific methods that interpolate the variables as described in the flaw\n  - Usage of external input for those methods\n  - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-42889"
        },
        {
          "category": "external",
          "summary": "RHBZ#2135435",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
        },
        {
          "category": "external",
          "summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
          "url": "https://blogs.apache.org/security/entry/cve-2022-42889"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
          "url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
        },
        {
          "category": "external",
          "summary": "https://seclists.org/oss-sec/2022/q4/22",
          "url": "https://seclists.org/oss-sec/2022/q4/22"
        }
      ],
      "release_date": "2022-10-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "apache-commons-text: variable interpolation RCE"
    },
    {
      "cve": "CVE-2022-42920",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2022-11-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2142707"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Fuse 7 ships the code in question but does not utilize it in the product, so it is affected at a reduced impact of Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-42920"
        },
        {
          "category": "external",
          "summary": "RHBZ#2142707",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42920",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-42920"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4",
          "url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4"
        }
      ],
      "release_date": "2022-11-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing"
    },
    {
      "cve": "CVE-2023-1370",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "discovery_date": "2023-04-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2188542"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the json-smart package. This security flaw occurs when reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-1370"
        },
        {
          "category": "external",
          "summary": "RHBZ#2188542",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-1370",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-493p-pfq6-5258",
          "url": "https://github.com/advisories/GHSA-493p-pfq6-5258"
        },
        {
          "category": "external",
          "summary": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/",
          "url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/"
        }
      ],
      "release_date": "2023-03-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)"
    },
    {
      "cve": "CVE-2023-2976",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "discovery_date": "2023-06-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2215229"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "guava: insecure temporary directory creation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-2976"
        },
        {
          "category": "external",
          "summary": "RHBZ#2215229",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
        }
      ],
      "release_date": "2023-06-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "guava: insecure temporary directory creation"
    },
    {
      "cve": "CVE-2023-33201",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2023-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2215465"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "bouncycastle: potential  blind LDAP injection attack using a self-signed certificate",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-33201"
        },
        {
          "category": "external",
          "summary": "RHBZ#2215465",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215465"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-33201",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201"
        },
        {
          "category": "external",
          "summary": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201",
          "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201"
        }
      ],
      "release_date": "2023-06-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "bouncycastle: potential  blind LDAP injection attack using a self-signed certificate"
    },
    {
      "cve": "CVE-2023-33202",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-11-23T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2251281"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Bouncy Castle for the Java pkix module, which is vulnerable to a potential Denial of Service (DoS) issue within the org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-33202"
        },
        {
          "category": "external",
          "summary": "RHBZ#2251281",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251281"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-33202",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33202",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33202"
        },
        {
          "category": "external",
          "summary": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202",
          "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202"
        }
      ],
      "release_date": "2023-11-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class"
    },
    {
      "cve": "CVE-2023-43642",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2023-09-26T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2241722"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in SnappyInputStream in snappy-java, a data compression library in Java. This issue occurs when decompressing data with a too-large chunk size due to a missing upper bound check on chunk length. An unrecoverable fatal error can occur, resulting in a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-43642"
        },
        {
          "category": "external",
          "summary": "RHBZ#2241722",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241722"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-43642",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-43642",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43642"
        },
        {
          "category": "external",
          "summary": "https://github.com/xerial/snappy-java/security/advisories/GHSA-55g7-9cwv-5qfv",
          "url": "https://github.com/xerial/snappy-java/security/advisories/GHSA-55g7-9cwv-5qfv"
        }
      ],
      "release_date": "2023-09-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2023-12-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2256063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow vulnerability was found in the Criteria.parse() method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-path: stack-based buffer overflow in Criteria.parse method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this at maximum of a Moderate impact. When interacting with a server to explore this possible vulnerability, the attacker would be the only one seeing a HTTP 500 error and no other user (or the server entirely) would be vulnerable in a real application scenario with multi-threads.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2256063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://github.com/json-path/JsonPath/issues/973",
          "url": "https://github.com/json-path/JsonPath/issues/973"
        }
      ],
      "release_date": "2023-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "json-path: stack-based buffer overflow in Criteria.parse method"
    },
    {
      "cve": "CVE-2024-1023",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "discovery_date": "2024-01-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2260840"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the Eclipse Vert.x toolkit results in a memory leak due to using Netty FastThreadLocal data structures. Specifically, when the Vert.x HTTP client establishes connections to different hosts, triggering the memory leak. The leak can be accelerated with intimate runtime knowledge, allowing an attacker to exploit this vulnerability. For instance, a server accepting arbitrary internet addresses could serve as an attack vector by connecting to these addresses, thereby accelerating the memory leak.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-1023"
        },
        {
          "category": "external",
          "summary": "RHBZ#2260840",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260840"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1023",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-1023"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1023",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1023"
        },
        {
          "category": "external",
          "summary": "https://github.com/eclipse-vertx/vert.x/issues/5078",
          "url": "https://github.com/eclipse-vertx/vert.x/issues/5078"
        },
        {
          "category": "external",
          "summary": "https://github.com/eclipse-vertx/vert.x/pull/5080",
          "url": "https://github.com/eclipse-vertx/vert.x/pull/5080"
        },
        {
          "category": "external",
          "summary": "https://github.com/eclipse-vertx/vert.x/pull/5082",
          "url": "https://github.com/eclipse-vertx/vert.x/pull/5082"
        }
      ],
      "release_date": "2024-01-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx"
    },
    {
      "cve": "CVE-2024-1300",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "discovery_date": "2024-02-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2263139"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This affects only TLS servers with SNI enabled.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-1300"
        },
        {
          "category": "external",
          "summary": "RHBZ#2263139",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263139"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1300",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-1300"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1300",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1300"
        },
        {
          "category": "external",
          "summary": "https://vertx.io/docs/vertx-core/java/#_server_name_indication_sni.",
          "url": "https://vertx.io/docs/vertx-core/java/#_server_name_indication_sni."
        }
      ],
      "release_date": "2024-02-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support"
    },
    {
      "cve": "CVE-2024-2700",
      "cwe": {
        "id": "CWE-526",
        "name": "Cleartext Storage of Sensitive Information in an Environment Variable"
      },
      "discovery_date": "2024-04-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2273281"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application\u0027s build, therefore, running the resulting application inherits the values captured at build time. Some local environment variables may have been set by the developer or CI environment for testing purposes, such as dropping the database during application startup or trusting all TLS certificates to accept self-signed certificates. If these properties are configured using environment variables or the .env facility, they are captured into the built application, which can lead to dangerous behavior if the application does not override these values. This behavior only happens for configuration properties from the `quarkus.*` namespace. Application-specific properties are not captured.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "quarkus-core: Leak of local configuration properties into Quarkus applications",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this as a Moderate impact vulnerability since this requires an attacker to have direct access to the environment variables to override, and the application must use that environment variable to be jeopardized.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-2700"
        },
        {
          "category": "external",
          "summary": "RHBZ#2273281",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273281"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-2700",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-2700"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2700"
        }
      ],
      "release_date": "2024-04-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Currently, no mitigation is available for this vulnerability. Please update as the patches become available.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "quarkus-core: Leak of local configuration properties into Quarkus applications"
    },
    {
      "cve": "CVE-2024-25710",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2024-02-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2264988"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A loop with an unreachable exit condition (Infinite Loop) vulnerability was found in Apache Common Compress. This issue can lead to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-25710"
        },
        {
          "category": "external",
          "summary": "RHBZ#2264988",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264988"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-25710",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/02/19/1",
          "url": "http://www.openwall.com/lists/oss-security/2024/02/19/1"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf",
          "url": "https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf"
        }
      ],
      "release_date": "2024-02-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "No mitigation is currently available for this vulnerability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2024-04-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2272907"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec-http: Allocation of Resources Without Limits or Throttling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat AMQ Streams 2.7.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "RHBZ#2272907",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
        },
        {
          "category": "external",
          "summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
          "url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
          "url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
        },
        {
          "category": "external",
          "summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812",
          "url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812"
        }
      ],
      "release_date": "2024-03-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-30T20:24:46+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3527"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat AMQ Streams 2.7.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty-codec-http: Allocation of Resources Without Limits or Throttling"
    }
  ]
}

rhsa-2024_0792

Vulnerability from csaf_redhat

Published

2024-02-12 17:37

Modified

2024-11-15 17:41

Summary

Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.5 release and security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Integration Camel for Spring Boot 3.20.5 release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "A security update for 3.20.5 is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:0792",
        "url": "https://access.redhat.com/errata/RHSA-2024:0792"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0792.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.5 release and security update",
    "tracking": {
      "current_release_date": "2024-11-15T17:41:42+00:00",
      "generator": {
        "date": "2024-11-15T17:41:42+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2024:0792",
      "initial_release_date": "2024-02-12T17:37:59+00:00",
      "revision_history": [
        {
          "date": "2024-02-12T17:37:59+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-02-12T17:37:59+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-15T17:41:42+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHINT Camel-Springboot 3.20.5",
                "product": {
                  "name": "RHINT Camel-Springboot 3.20.5",
                  "product_id": "RHINT Camel-Springboot 3.20.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:camel_spring_boot:3.20.5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Integration"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2023-12-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2256063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow vulnerability was found in the Criteria.parse() method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-path: stack-based buffer overflow in Criteria.parse method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this at maximum of a Moderate impact. When interacting with a server to explore this possible vulnerability, the attacker would be the only one seeing a HTTP 500 error and no other user (or the server entirely) would be vulnerable in a real application scenario with multi-threads.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHINT Camel-Springboot 3.20.5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2256063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://github.com/json-path/JsonPath/issues/973",
          "url": "https://github.com/json-path/JsonPath/issues/973"
        }
      ],
      "release_date": "2023-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T17:37:59+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "RHINT Camel-Springboot 3.20.5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0792"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "RHINT Camel-Springboot 3.20.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "json-path: stack-based buffer overflow in Criteria.parse method"
    }
  ]
}

RHSA-2024:0792

Vulnerability from csaf_redhat

Published

2024-02-12 17:37

Modified

2025-09-25 22:01

Summary

Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.5 release and security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat Integration Camel for Spring Boot 3.20.5 release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "A security update for 3.20.5 is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:0792",
        "url": "https://access.redhat.com/errata/RHSA-2024:0792"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0792.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.5 release and security update",
    "tracking": {
      "current_release_date": "2025-09-25T22:01:46+00:00",
      "generator": {
        "date": "2025-09-25T22:01:46+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.8"
        }
      },
      "id": "RHSA-2024:0792",
      "initial_release_date": "2024-02-12T17:37:59+00:00",
      "revision_history": [
        {
          "date": "2024-02-12T17:37:59+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-02-12T17:37:59+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-09-25T22:01:46+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHINT Camel-Springboot 3.20.5",
                "product": {
                  "name": "RHINT Camel-Springboot 3.20.5",
                  "product_id": "RHINT Camel-Springboot 3.20.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:camel_spring_boot:3.20.5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Integration"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2023-12-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2256063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow vulnerability was found in the Criteria.parse() method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-path: stack-based buffer overflow in Criteria.parse method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this at maximum of a Moderate impact. When interacting with a server to explore this possible vulnerability, the attacker would be the only one seeing a HTTP 500 error and no other user (or the server entirely) would be vulnerable in a real application scenario with multi-threads.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHINT Camel-Springboot 3.20.5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2256063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://github.com/json-path/JsonPath/issues/973",
          "url": "https://github.com/json-path/JsonPath/issues/973"
        }
      ],
      "release_date": "2023-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T17:37:59+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "RHINT Camel-Springboot 3.20.5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0792"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "RHINT Camel-Springboot 3.20.5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "json-path: stack-based buffer overflow in Criteria.parse method"
    }
  ]
}

rhsa-2024_0789

Vulnerability from csaf_redhat

Published

2024-02-12 16:02

Modified

2025-01-06 19:37

Summary

Red Hat Security Advisory: Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 release (RHBQ 3.2.10.Final)

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available (updates to RHBQ 3.2.10.Final).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available (updates to RHBQ 3.2.10.Final). The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.\n\nSecurity Fix(es):\n\n* parsson: Denial of Service due to large number parsing (CVE-2023-4043)\n\n* santuario: Private Key disclosure in debug-log output (CVE-2023-44483)\n\n* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\n* json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:0789",
        "url": "https://access.redhat.com/errata/RHSA-2024:0789"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=rhboac\u0026downloadType=distributions\u0026version=4.0.x",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=rhboac\u0026downloadType=distributions\u0026version=4.0.x"
      },
      {
        "category": "external",
        "summary": "2246070",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246070"
      },
      {
        "category": "external",
        "summary": "2254210",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
      },
      {
        "category": "external",
        "summary": "2254594",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254594"
      },
      {
        "category": "external",
        "summary": "2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0789.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 release (RHBQ 3.2.10.Final)",
    "tracking": {
      "current_release_date": "2025-01-06T19:37:53+00:00",
      "generator": {
        "date": "2025-01-06T19:37:53+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.5"
        }
      },
      "id": "RHSA-2024:0789",
      "initial_release_date": "2024-02-12T16:02:02+00:00",
      "revision_history": [
        {
          "date": "2024-02-12T16:02:02+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-02-12T16:02:02+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-01-06T19:37:53+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)",
                "product": {
                  "name": "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)",
                  "product_id": "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:camel_quarkus:3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Integration"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-4043",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "discovery_date": "2023-12-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2254594"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Eclipse Parsson library when processing untrusted source content. This issue may cause a Denial of Service (DoS) due to built-in support for parsing numbers with a large scale, and some cases where processing a large number may take much more time than expected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "parsson: Denial of Service due to large number parsing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this as an important impact since one needs to process untrusted and if there is no sanitization a Denial of Service (DoS) may happen.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-4043"
        },
        {
          "category": "external",
          "summary": "RHBZ#2254594",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254594"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4043",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-4043"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4043",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4043"
        }
      ],
      "release_date": "2023-11-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T16:02:02+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0789"
        },
        {
          "category": "workaround",
          "details": "Avoid processing untrusted sources content in order to minimize the chance for Denial of Service attack.",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "parsson: Denial of Service due to large number parsing"
    },
    {
      "cve": "CVE-2023-44483",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "discovery_date": "2023-10-25T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2246070"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled.\u00a0Users are recommended to upgrade to version 2.2.6, 2.3.4, or 3.0.3, which fixes this issue.\n",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "santuario: Private Key disclosure in debug-log output",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-44483"
        },
        {
          "category": "external",
          "summary": "RHBZ#2246070",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246070"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-44483",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-44483"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44483",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44483"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2023/10/20/5",
          "url": "http://www.openwall.com/lists/oss-security/2023/10/20/5"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/vmqbp9mfxtrf0kmbnnmbn3h9j6dr9q55",
          "url": "https://lists.apache.org/thread/vmqbp9mfxtrf0kmbnnmbn3h9j6dr9q55"
        }
      ],
      "release_date": "2023-10-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T16:02:02+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0789"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "santuario: Private Key disclosure in debug-log output"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "discovery_date": "2023-12-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2254210"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "RHBZ#2254210",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/7071748",
          "url": "https://access.redhat.com/solutions/7071748"
        },
        {
          "category": "external",
          "summary": "https://terrapin-attack.com/",
          "url": "https://terrapin-attack.com/"
        }
      ],
      "release_date": "2023-12-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T16:02:02+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0789"
        },
        {
          "category": "workaround",
          "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2023-12-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2256063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow vulnerability was found in the Criteria.parse() method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-path: stack-based buffer overflow in Criteria.parse method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this at maximum of a Moderate impact. When interacting with a server to explore this possible vulnerability, the attacker would be the only one seeing a HTTP 500 error and no other user (or the server entirely) would be vulnerable in a real application scenario with multi-threads.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2256063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://github.com/json-path/JsonPath/issues/973",
          "url": "https://github.com/json-path/JsonPath/issues/973"
        }
      ],
      "release_date": "2023-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T16:02:02+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0789"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "json-path: stack-based buffer overflow in Criteria.parse method"
    }
  ]
}

rhsa-2024_2707

Vulnerability from csaf_redhat

Published

2024-05-06 14:10

Modified

2025-01-06 17:15

Summary

Red Hat Security Advisory: Red Hat Build of Apache Camel security update

Notes

Topic

Red Hat build of Apache Camel 4.4.0 for Spring Boot release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat build of Apache Camel 4.4.0 for Spring Boot release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Security Fix(es): * xnio: StackOverflowException when the chain of notifier states becomes problematically big (CVE-2023-5685) * tomcat: Leaking of unrelated request bodies in default error page (CVE-2024-21733) * guava: insecure temporary directory creation (CVE-2023-2976) * jackson-databind: denial of service via cylic dependencies (CVE-2023-35116) * json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat build of Apache Camel 4.4.0 for Spring Boot release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat build of Apache Camel 4.4.0 for Spring Boot release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* xnio: StackOverflowException when the chain of notifier states becomes problematically big (CVE-2023-5685)\n\n* tomcat: Leaking of unrelated request bodies in default error page (CVE-2024-21733)\n\n* guava: insecure temporary directory creation (CVE-2023-2976)\n\n* jackson-databind: denial of service via cylic dependencies (CVE-2023-35116)\n\n* json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:2707",
        "url": "https://access.redhat.com/errata/RHSA-2024:2707"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2215214",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215214"
      },
      {
        "category": "external",
        "summary": "2215229",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
      },
      {
        "category": "external",
        "summary": "2241822",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241822"
      },
      {
        "category": "external",
        "summary": "2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "external",
        "summary": "2259204",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259204"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2707.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Build of Apache Camel security update",
    "tracking": {
      "current_release_date": "2025-01-06T17:15:53+00:00",
      "generator": {
        "date": "2025-01-06T17:15:53+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.5"
        }
      },
      "id": "RHSA-2024:2707",
      "initial_release_date": "2024-05-06T14:10:14+00:00",
      "revision_history": [
        {
          "date": "2024-05-06T14:10:14+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-05-06T14:10:14+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-01-06T17:15:53+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat build of Apache Camel 4.4.0 for Spring Boot",
                "product": {
                  "name": "Red Hat build of Apache Camel 4.4.0 for Spring Boot",
                  "product_id": "Red Hat build of Apache Camel 4.4.0 for Spring Boot",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:apache-camel-spring-boot:4.4.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Build of Apache Camel"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-2976",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "discovery_date": "2023-06-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2215229"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "guava: insecure temporary directory creation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-2976"
        },
        {
          "category": "external",
          "summary": "RHBZ#2215229",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
        }
      ],
      "release_date": "2023-06-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "guava: insecure temporary directory creation"
    },
    {
      "cve": "CVE-2023-5685",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2241822"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "xnio: StackOverflowException when the chain of notifier states becomes problematically big",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-5685"
        },
        {
          "category": "external",
          "summary": "RHBZ#2241822",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241822"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5685",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-5685"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685"
        }
      ],
      "release_date": "2024-03-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "xnio: StackOverflowException when the chain of notifier states becomes problematically big"
    },
    {
      "cve": "CVE-2023-35116",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2023-06-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2215214"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor\u0027s perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: denial of service via cylic dependencies",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is disputed by the component developers and is under reconsideration by NIST. As such, it should be excluded from scanning utilities or other compliance systems until the dispute is finalized.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-35116"
        },
        {
          "category": "external",
          "summary": "RHBZ#2215214",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215214"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-35116",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35116",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35116"
        }
      ],
      "release_date": "2023-06-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "jackson-databind should not be used to deserialize untrusted inputs. User inputs should be validated and sanitized before processing.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jackson-databind: denial of service via cylic dependencies"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2023-12-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2256063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow vulnerability was found in the Criteria.parse() method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-path: stack-based buffer overflow in Criteria.parse method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this at maximum of a Moderate impact. When interacting with a server to explore this possible vulnerability, the attacker would be the only one seeing a HTTP 500 error and no other user (or the server entirely) would be vulnerable in a real application scenario with multi-threads.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2256063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://github.com/json-path/JsonPath/issues/973",
          "url": "https://github.com/json-path/JsonPath/issues/973"
        }
      ],
      "release_date": "2023-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "json-path: stack-based buffer overflow in Criteria.parse method"
    },
    {
      "cve": "CVE-2024-21733",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "discovery_date": "2024-01-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2259204"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An information disclosure vulnerability was found in Apache Tomcat. Incomplete POST requests triggered an error response that could contain data from a previous HTTP request. This flaw allows a remote attacker to access files from another user that should be otherwise prevented by limits or authentication.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Leaking of unrelated request bodies in default error page",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux remains unaffected as the vulnerable version of Tomcat (e.g., versions 8.5.7 through 8.5.63 and 9.0.0 through 9.0.43) has not been shipped or included.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-21733"
        },
        {
          "category": "external",
          "summary": "RHBZ#2259204",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259204"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-21733",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-21733"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21733",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21733"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz",
          "url": "https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz"
        },
        {
          "category": "external",
          "summary": "https://www.openwall.com/lists/oss-security/2024/01/19/2",
          "url": "https://www.openwall.com/lists/oss-security/2024/01/19/2"
        }
      ],
      "release_date": "2024-01-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Leaking of unrelated request bodies in default error page"
    }
  ]
}

RHSA-2024:2707

Vulnerability from csaf_redhat

Published

2024-05-06 14:10

Modified

2025-10-29 04:17

Summary

Red Hat Security Advisory: Red Hat Build of Apache Camel security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat build of Apache Camel 4.4.0 for Spring Boot release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat build of Apache Camel 4.4.0 for Spring Boot release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* xnio: StackOverflowException when the chain of notifier states becomes problematically big (CVE-2023-5685)\n\n* tomcat: Leaking of unrelated request bodies in default error page (CVE-2024-21733)\n\n* guava: insecure temporary directory creation (CVE-2023-2976)\n\n* jackson-databind: denial of service via cylic dependencies (CVE-2023-35116)\n\n* json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:2707",
        "url": "https://access.redhat.com/errata/RHSA-2024:2707"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2215214",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215214"
      },
      {
        "category": "external",
        "summary": "2215229",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
      },
      {
        "category": "external",
        "summary": "2241822",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241822"
      },
      {
        "category": "external",
        "summary": "2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "external",
        "summary": "2259204",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259204"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2707.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Build of Apache Camel security update",
    "tracking": {
      "current_release_date": "2025-10-29T04:17:51+00:00",
      "generator": {
        "date": "2025-10-29T04:17:51+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.10"
        }
      },
      "id": "RHSA-2024:2707",
      "initial_release_date": "2024-05-06T14:10:14+00:00",
      "revision_history": [
        {
          "date": "2024-05-06T14:10:14+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-05-06T14:10:14+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-10-29T04:17:51+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat build of Apache Camel 4.4.0 for Spring Boot",
                "product": {
                  "name": "Red Hat build of Apache Camel 4.4.0 for Spring Boot",
                  "product_id": "Red Hat build of Apache Camel 4.4.0 for Spring Boot",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:apache-camel-spring-boot:4.4.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Build of Apache Camel"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-2976",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "discovery_date": "2023-06-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2215229"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "guava: insecure temporary directory creation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-2976"
        },
        {
          "category": "external",
          "summary": "RHBZ#2215229",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
        }
      ],
      "release_date": "2023-06-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "guava: insecure temporary directory creation"
    },
    {
      "cve": "CVE-2023-5685",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2241822"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "xnio: StackOverflowException when the chain of notifier states becomes problematically big",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-5685"
        },
        {
          "category": "external",
          "summary": "RHBZ#2241822",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241822"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5685",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-5685"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685"
        }
      ],
      "release_date": "2024-03-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "xnio: StackOverflowException when the chain of notifier states becomes problematically big"
    },
    {
      "cve": "CVE-2023-35116",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2023-06-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2215214"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor\u0027s perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: denial of service via cylic dependencies",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is disputed by the component developers and is under reconsideration by NIST. As such, it should be excluded from scanning utilities or other compliance systems until the dispute is finalized.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-35116"
        },
        {
          "category": "external",
          "summary": "RHBZ#2215214",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215214"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-35116",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35116",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35116"
        }
      ],
      "release_date": "2023-06-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "jackson-databind should not be used to deserialize untrusted inputs. User inputs should be validated and sanitized before processing.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jackson-databind: denial of service via cylic dependencies"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2023-12-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2256063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow vulnerability was found in the Criteria.parse() method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-path: stack-based buffer overflow in Criteria.parse method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this at maximum of a Moderate impact. When interacting with a server to explore this possible vulnerability, the attacker would be the only one seeing a HTTP 500 error and no other user (or the server entirely) would be vulnerable in a real application scenario with multi-threads.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2256063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://github.com/json-path/JsonPath/issues/973",
          "url": "https://github.com/json-path/JsonPath/issues/973"
        }
      ],
      "release_date": "2023-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "json-path: stack-based buffer overflow in Criteria.parse method"
    },
    {
      "cve": "CVE-2024-21733",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "discovery_date": "2024-01-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2259204"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An information disclosure vulnerability was found in Apache Tomcat. Incomplete POST requests triggered an error response that could contain data from a previous HTTP request. This flaw allows a remote attacker to access files from another user that should be otherwise prevented by limits or authentication.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Leaking of unrelated request bodies in default error page",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux remains unaffected as the vulnerable version of Tomcat (e.g., versions 8.5.7 through 8.5.63 and 9.0.0 through 9.0.43) has not been shipped or included.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-21733"
        },
        {
          "category": "external",
          "summary": "RHBZ#2259204",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259204"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-21733",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-21733"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21733",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21733"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz",
          "url": "https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz"
        },
        {
          "category": "external",
          "summary": "https://www.openwall.com/lists/oss-security/2024/01/19/2",
          "url": "https://www.openwall.com/lists/oss-security/2024/01/19/2"
        }
      ],
      "release_date": "2024-01-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Leaking of unrelated request bodies in default error page"
    },
    {
      "cve": "CVE-2024-29736",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2024-07-19T09:20:09+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2298827"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A Server-side request forgery (SSRF) vulnerability has been identified in Apache CXF in the WADL service description. The flaw allows an attacker to perform SSRF-style attacks on REST web services. The attack only applies if a custom stylesheet parameter is configured.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "apache: cxf: org.apache.cxf:cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This SSRF vulnerability in Apache CXF\u0027s WADL service description is of significant severity because it allows an attacker to manipulate server-side requests, potentially leading to unauthorized access to internal resources. By exploiting this flaw, an attacker can craft malicious requests that bypass traditional security controls, enabling the server to communicate with internal systems, which may include databases, cloud services, or other sensitive infrastructure.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-29736"
        },
        {
          "category": "external",
          "summary": "RHBZ#2298827",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298827"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29736",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-29736"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29736",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29736"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-5m3j-pxh7-455p",
          "url": "https://github.com/advisories/GHSA-5m3j-pxh7-455p"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/4jtpsswn2r6xommol54p5mg263ysgdw2",
          "url": "https://lists.apache.org/thread/4jtpsswn2r6xommol54p5mg263ysgdw2"
        },
        {
          "category": "external",
          "summary": "https://osv.dev/vulnerability/GHSA-5m3j-pxh7-455p",
          "url": "https://osv.dev/vulnerability/GHSA-5m3j-pxh7-455p"
        }
      ],
      "release_date": "2024-07-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "apache: cxf: org.apache.cxf:cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter"
    },
    {
      "cve": "CVE-2024-32007",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-07-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2298828"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An improper input validation vulnerability was found in the p2c parameter in the Apache CXF JOSE. This flaw allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The improper input validation vulnerability in the p2c parameter of Apache CXF JOSE is considered a moderate severity issue rather than a important one due to its limited scope and impact. While the flaw allows an attacker to specify a large value for the p2c parameter, leading to potential denial of service (DoS) attacks by causing excessive computational overhead, it does not compromise data integrity, confidentiality, or authentication mechanisms directly. The attack vector primarily affects system availability and exploiting this vulnerability requires the ability to send crafted tokens.\n\nBase EAP (7.4 and 8) and EAP XP (4 and 5) do not ship this affected CXF jaxrs artifact. cxf-rt-rs-security-jose is part of CXF\u0027s JAX-RS, and EAP uses RESTEasy, hence it\u0027s not-affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-32007"
        },
        {
          "category": "external",
          "summary": "RHBZ#2298828",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298828"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-32007",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-32007"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32007",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32007"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-6pff-fmh2-4mmf",
          "url": "https://github.com/advisories/GHSA-6pff-fmh2-4mmf"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633",
          "url": "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633"
        }
      ],
      "release_date": "2024-07-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE"
    }
  ]
}

rhsa-2024:0789

Vulnerability from csaf_redhat

Published

2024-02-12 16:02

Modified

2025-10-28 19:51

Summary

Red Hat Security Advisory: Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 release (RHBQ 3.2.10.Final)

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available (updates to RHBQ 3.2.10.Final).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available (updates to RHBQ 3.2.10.Final). The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.\n\nSecurity Fix(es):\n\n* parsson: Denial of Service due to large number parsing (CVE-2023-4043)\n\n* santuario: Private Key disclosure in debug-log output (CVE-2023-44483)\n\n* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\n* json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:0789",
        "url": "https://access.redhat.com/errata/RHSA-2024:0789"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=rhboac\u0026downloadType=distributions\u0026version=4.0.x",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=rhboac\u0026downloadType=distributions\u0026version=4.0.x"
      },
      {
        "category": "external",
        "summary": "2246070",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246070"
      },
      {
        "category": "external",
        "summary": "2254210",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
      },
      {
        "category": "external",
        "summary": "2254594",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254594"
      },
      {
        "category": "external",
        "summary": "2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0789.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 release (RHBQ 3.2.10.Final)",
    "tracking": {
      "current_release_date": "2025-10-28T19:51:29+00:00",
      "generator": {
        "date": "2025-10-28T19:51:29+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.10"
        }
      },
      "id": "RHSA-2024:0789",
      "initial_release_date": "2024-02-12T16:02:02+00:00",
      "revision_history": [
        {
          "date": "2024-02-12T16:02:02+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-02-12T16:02:02+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-10-28T19:51:29+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)",
                "product": {
                  "name": "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)",
                  "product_id": "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:camel_quarkus:3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Integration"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-4043",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "discovery_date": "2023-12-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2254594"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Eclipse Parsson library when processing untrusted source content. This issue may cause a Denial of Service (DoS) due to built-in support for parsing numbers with a large scale, and some cases where processing a large number may take much more time than expected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "parsson: Denial of Service due to large number parsing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this as an important impact since one needs to process untrusted and if there is no sanitization a Denial of Service (DoS) may happen.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-4043"
        },
        {
          "category": "external",
          "summary": "RHBZ#2254594",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254594"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4043",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-4043"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4043",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4043"
        }
      ],
      "release_date": "2023-11-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T16:02:02+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0789"
        },
        {
          "category": "workaround",
          "details": "Avoid processing untrusted sources content in order to minimize the chance for Denial of Service attack.",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "parsson: Denial of Service due to large number parsing"
    },
    {
      "cve": "CVE-2023-44483",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "discovery_date": "2023-10-25T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2246070"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled.\u00a0Users are recommended to upgrade to version 2.2.6, 2.3.4, or 3.0.3, which fixes this issue.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "santuario: Private Key disclosure in debug-log output",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-44483"
        },
        {
          "category": "external",
          "summary": "RHBZ#2246070",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246070"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-44483",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-44483"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44483",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44483"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2023/10/20/5",
          "url": "http://www.openwall.com/lists/oss-security/2023/10/20/5"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/vmqbp9mfxtrf0kmbnnmbn3h9j6dr9q55",
          "url": "https://lists.apache.org/thread/vmqbp9mfxtrf0kmbnnmbn3h9j6dr9q55"
        }
      ],
      "release_date": "2023-10-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T16:02:02+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0789"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "santuario: Private Key disclosure in debug-log output"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "discovery_date": "2023-12-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2254210"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "RHBZ#2254210",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/7071748",
          "url": "https://access.redhat.com/solutions/7071748"
        },
        {
          "category": "external",
          "summary": "https://terrapin-attack.com/",
          "url": "https://terrapin-attack.com/"
        }
      ],
      "release_date": "2023-12-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T16:02:02+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0789"
        },
        {
          "category": "workaround",
          "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2023-12-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2256063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow vulnerability was found in the Criteria.parse() method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-path: stack-based buffer overflow in Criteria.parse method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this at maximum of a Moderate impact. When interacting with a server to explore this possible vulnerability, the attacker would be the only one seeing a HTTP 500 error and no other user (or the server entirely) would be vulnerable in a real application scenario with multi-threads.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2256063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://github.com/json-path/JsonPath/issues/973",
          "url": "https://github.com/json-path/JsonPath/issues/973"
        }
      ],
      "release_date": "2023-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-02-12T16:02:02+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0789"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "RHBOAC camel-quarkus 3 (camel-4.0/quarkus-3.2)"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "json-path: stack-based buffer overflow in Criteria.parse method"
    }
  ]
}

rhsa-2024:2707

Vulnerability from csaf_redhat

Published

2024-05-06 14:10

Modified

2025-10-29 04:17

Summary

Red Hat Security Advisory: Red Hat Build of Apache Camel security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat build of Apache Camel 4.4.0 for Spring Boot release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat build of Apache Camel 4.4.0 for Spring Boot release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* xnio: StackOverflowException when the chain of notifier states becomes problematically big (CVE-2023-5685)\n\n* tomcat: Leaking of unrelated request bodies in default error page (CVE-2024-21733)\n\n* guava: insecure temporary directory creation (CVE-2023-2976)\n\n* jackson-databind: denial of service via cylic dependencies (CVE-2023-35116)\n\n* json-path: stack-based buffer overflow in Criteria.parse method (CVE-2023-51074)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:2707",
        "url": "https://access.redhat.com/errata/RHSA-2024:2707"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2215214",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215214"
      },
      {
        "category": "external",
        "summary": "2215229",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
      },
      {
        "category": "external",
        "summary": "2241822",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241822"
      },
      {
        "category": "external",
        "summary": "2256063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
      },
      {
        "category": "external",
        "summary": "2259204",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259204"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2707.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Build of Apache Camel security update",
    "tracking": {
      "current_release_date": "2025-10-29T04:17:51+00:00",
      "generator": {
        "date": "2025-10-29T04:17:51+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.10"
        }
      },
      "id": "RHSA-2024:2707",
      "initial_release_date": "2024-05-06T14:10:14+00:00",
      "revision_history": [
        {
          "date": "2024-05-06T14:10:14+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-05-06T14:10:14+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-10-29T04:17:51+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat build of Apache Camel 4.4.0 for Spring Boot",
                "product": {
                  "name": "Red Hat build of Apache Camel 4.4.0 for Spring Boot",
                  "product_id": "Red Hat build of Apache Camel 4.4.0 for Spring Boot",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:apache-camel-spring-boot:4.4.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Build of Apache Camel"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-2976",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "discovery_date": "2023-06-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2215229"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "guava: insecure temporary directory creation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-2976"
        },
        {
          "category": "external",
          "summary": "RHBZ#2215229",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
        }
      ],
      "release_date": "2023-06-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "guava: insecure temporary directory creation"
    },
    {
      "cve": "CVE-2023-5685",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2241822"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "xnio: StackOverflowException when the chain of notifier states becomes problematically big",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-5685"
        },
        {
          "category": "external",
          "summary": "RHBZ#2241822",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241822"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5685",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-5685"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685"
        }
      ],
      "release_date": "2024-03-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "xnio: StackOverflowException when the chain of notifier states becomes problematically big"
    },
    {
      "cve": "CVE-2023-35116",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2023-06-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2215214"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor\u0027s perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: denial of service via cylic dependencies",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is disputed by the component developers and is under reconsideration by NIST. As such, it should be excluded from scanning utilities or other compliance systems until the dispute is finalized.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-35116"
        },
        {
          "category": "external",
          "summary": "RHBZ#2215214",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215214"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-35116",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35116",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35116"
        }
      ],
      "release_date": "2023-06-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "jackson-databind should not be used to deserialize untrusted inputs. User inputs should be validated and sanitized before processing.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jackson-databind: denial of service via cylic dependencies"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2023-12-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2256063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow vulnerability was found in the Criteria.parse() method in json-path. This issue occurs due to an uncontrolled recursion caused by specially crafted input, leading to a stack overflow. This vulnerability has the potential to trigger a crash, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "json-path: stack-based buffer overflow in Criteria.parse method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates this at maximum of a Moderate impact. When interacting with a server to explore this possible vulnerability, the attacker would be the only one seeing a HTTP 500 error and no other user (or the server entirely) would be vulnerable in a real application scenario with multi-threads.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "RHBZ#2256063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51074",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
        },
        {
          "category": "external",
          "summary": "https://github.com/json-path/JsonPath/issues/973",
          "url": "https://github.com/json-path/JsonPath/issues/973"
        }
      ],
      "release_date": "2023-12-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "json-path: stack-based buffer overflow in Criteria.parse method"
    },
    {
      "cve": "CVE-2024-21733",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "discovery_date": "2024-01-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2259204"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An information disclosure vulnerability was found in Apache Tomcat. Incomplete POST requests triggered an error response that could contain data from a previous HTTP request. This flaw allows a remote attacker to access files from another user that should be otherwise prevented by limits or authentication.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Leaking of unrelated request bodies in default error page",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux remains unaffected as the vulnerable version of Tomcat (e.g., versions 8.5.7 through 8.5.63 and 9.0.0 through 9.0.43) has not been shipped or included.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-21733"
        },
        {
          "category": "external",
          "summary": "RHBZ#2259204",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259204"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-21733",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-21733"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21733",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21733"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz",
          "url": "https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz"
        },
        {
          "category": "external",
          "summary": "https://www.openwall.com/lists/oss-security/2024/01/19/2",
          "url": "https://www.openwall.com/lists/oss-security/2024/01/19/2"
        }
      ],
      "release_date": "2024-01-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Leaking of unrelated request bodies in default error page"
    },
    {
      "cve": "CVE-2024-29736",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2024-07-19T09:20:09+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2298827"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A Server-side request forgery (SSRF) vulnerability has been identified in Apache CXF in the WADL service description. The flaw allows an attacker to perform SSRF-style attacks on REST web services. The attack only applies if a custom stylesheet parameter is configured.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "apache: cxf: org.apache.cxf:cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This SSRF vulnerability in Apache CXF\u0027s WADL service description is of significant severity because it allows an attacker to manipulate server-side requests, potentially leading to unauthorized access to internal resources. By exploiting this flaw, an attacker can craft malicious requests that bypass traditional security controls, enabling the server to communicate with internal systems, which may include databases, cloud services, or other sensitive infrastructure.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-29736"
        },
        {
          "category": "external",
          "summary": "RHBZ#2298827",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298827"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-29736",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-29736"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29736",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29736"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-5m3j-pxh7-455p",
          "url": "https://github.com/advisories/GHSA-5m3j-pxh7-455p"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/4jtpsswn2r6xommol54p5mg263ysgdw2",
          "url": "https://lists.apache.org/thread/4jtpsswn2r6xommol54p5mg263ysgdw2"
        },
        {
          "category": "external",
          "summary": "https://osv.dev/vulnerability/GHSA-5m3j-pxh7-455p",
          "url": "https://osv.dev/vulnerability/GHSA-5m3j-pxh7-455p"
        }
      ],
      "release_date": "2024-07-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "apache: cxf: org.apache.cxf:cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter"
    },
    {
      "cve": "CVE-2024-32007",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-07-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2298828"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An improper input validation vulnerability was found in the p2c parameter in the Apache CXF JOSE. This flaw allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The improper input validation vulnerability in the p2c parameter of Apache CXF JOSE is considered a moderate severity issue rather than a important one due to its limited scope and impact. While the flaw allows an attacker to specify a large value for the p2c parameter, leading to potential denial of service (DoS) attacks by causing excessive computational overhead, it does not compromise data integrity, confidentiality, or authentication mechanisms directly. The attack vector primarily affects system availability and exploiting this vulnerability requires the ability to send crafted tokens.\n\nBase EAP (7.4 and 8) and EAP XP (4 and 5) do not ship this affected CXF jaxrs artifact. cxf-rt-rs-security-jose is part of CXF\u0027s JAX-RS, and EAP uses RESTEasy, hence it\u0027s not-affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-32007"
        },
        {
          "category": "external",
          "summary": "RHBZ#2298828",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298828"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-32007",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-32007"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32007",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32007"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-6pff-fmh2-4mmf",
          "url": "https://github.com/advisories/GHSA-6pff-fmh2-4mmf"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633",
          "url": "https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633"
        }
      ],
      "release_date": "2024-07-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-06T14:10:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2707"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.4.0 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE"
    }
  ]
}

ghsa-pfh2-hfmq-phg5

Vulnerability from github

Published

2023-12-27 21:31

Modified

2024-05-15 06:51

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

json-path Out-of-bounds Write vulnerability

Details

json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.jayway.jsonpath:json-path"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-51074"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-01-09T19:28:14Z",
    "nvd_published_at": "2023-12-27T21:15:08Z",
    "severity": "MODERATE"
  },
  "details": "json-path v2.8.0 was discovered to contain a stack overflow via the `Criteria.parse()` method.",
  "id": "GHSA-pfh2-hfmq-phg5",
  "modified": "2024-05-15T06:51:25Z",
  "published": "2023-12-27T21:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
    },
    {
      "type": "WEB",
      "url": "https://github.com/json-path/JsonPath/issues/973"
    },
    {
      "type": "WEB",
      "url": "https://github.com/json-path/JsonPath/commit/71a09c1193726c010917f1157ecbb069ad6c3e3b"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/json-path/JsonPath"
    },
    {
      "type": "WEB",
      "url": "https://github.com/json-path/JsonPath/releases/tag/json-path-2.9.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "json-path Out-of-bounds Write vulnerability"
}

fkie_cve-2023-51074

Vulnerability from fkie_nvd

Published

2023-12-27 21:15

Modified

2025-09-12 18:45

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method.

References

	URL	Tags
	cve@mitre.org	https://github.com/json-path/JsonPath/issues/973	Exploit, Issue Tracking, Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/json-path/JsonPath/issues/973	Exploit, Issue Tracking, Third Party Advisory

Impacted products

	Vendor	Product	Version
	json-path	jayway_jsonpath	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:json-path:jayway_jsonpath:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4687EA2C-6DAA-4FC9-813B-68B1235AE77E",
              "versionEndExcluding": "2.9.0",
              "versionStartIncluding": "2.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method."
    },
    {
      "lang": "es",
      "value": "Se descubri\u00f3 que json-path v2.8.0 conten\u00eda un desbordamiento de pila mediante el m\u00e9todo Criteria.parse()."
    }
  ],
  "id": "CVE-2023-51074",
  "lastModified": "2025-09-12T18:45:08.097",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-12-27T21:15:08.253",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://github.com/json-path/JsonPath/issues/973"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://github.com/json-path/JsonPath/issues/973"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2023-51074

Vulnerability from gsd

Modified

2023-12-18 06:01

Details

json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method.

Aliases

CVE-2023-51074

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-51074"
      ],
      "details": "json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method.",
      "id": "GSD-2023-51074",
      "modified": "2023-12-18T06:01:25.416815Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2023-51074",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/json-path/JsonPath/issues/973",
            "refsource": "MISC",
            "url": "https://github.com/json-path/JsonPath/issues/973"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:json-path:jayway_jsonpath:2.8.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "8D81ECFA-DBD4-4079-9481-327D08E8E5A0",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method."
          },
          {
            "lang": "es",
            "value": "Se descubri\u00f3 que json-path v2.8.0 conten\u00eda un desbordamiento de pila mediante el m\u00e9todo Criteria.parse()."
          }
        ],
        "id": "CVE-2023-51074",
        "lastModified": "2024-01-11T20:01:29.860",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 1.4,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2023-12-27T21:15:08.253",
        "references": [
          {
            "source": "cve@mitre.org",
            "tags": [
              "Exploit",
              "Issue Tracking",
              "Third Party Advisory"
            ],
            "url": "https://github.com/json-path/JsonPath/issues/973"
          }
        ],
        "sourceIdentifier": "cve@mitre.org",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "NVD-CWE-Other"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2023-51074 (GCVE-0-2023-51074)

Vulnerability from cvelistv5

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from certfr_avis

Solutions

Vulnerability from certfr_avis

Solutions

Vulnerability from certfr_avis

Solutions

Vulnerability from csaf_ncscnl

Vulnerability from csaf_ncscnl

Vulnerability from csaf_ncscnl

Vulnerability from csaf_ncscnl

Vulnerability from csaf_ncscnl

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from github

Vulnerability from fkie_nvd

Vulnerability from gsd

Tags

Sightings

Nomenclature