Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-47554 (GCVE-0-2024-47554)
Vulnerability from cvelistv5
Published
2024-10-03 11:32
Modified
2025-01-31 15:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Summary
Uncontrolled Resource Consumption vulnerability in Apache Commons IO.
The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.
This issue affects Apache Commons IO: from 2.0 before 2.14.0.
Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.
References
| URL | Tags | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Commons IO |
Version: 2.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-47554",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T13:00:56.326970Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T15:03:37.949Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-01-31T15:02:47.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/10/03/2"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250131-0010/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "commons-io:commons-io",
"product": "Apache Commons IO",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.14.0",
"status": "affected",
"version": "2.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "CodeQL"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUncontrolled Resource Consumption vulnerability in Apache Commons IO.\u003c/p\u003e\u003cp\u003eThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Uncontrolled Resource Consumption vulnerability in Apache Commons IO.\n\nThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\n\n\nThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\n\nUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "low"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T11:32:48.936Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-47554",
"datePublished": "2024-10-03T11:32:48.936Z",
"dateReserved": "2024-09-26T16:12:46.116Z",
"dateUpdated": "2025-01-31T15:02:47.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-47554\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2024-10-03T12:15:02.613\",\"lastModified\":\"2025-07-10T21:10:32.113\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Uncontrolled Resource Consumption vulnerability in Apache Commons IO.\\n\\nThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\\n\\n\\nThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\\n\\nUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de consumo descontrolado de recursos en Apache Commons IO. La clase org.apache.commons.io.input.XmlStreamReader puede consumir recursos de CPU en exceso al procesar una entrada manipulada con fines malintencionados. Este problema afecta a Apache Commons IO: desde la versi\u00f3n 2.0 hasta la 2.14.0. Se recomienda a los usuarios que actualicen a la versi\u00f3n 2.14.0 o posterior, que soluciona el problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:commons_io:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0\",\"versionEndExcluding\":\"2.14.0\",\"matchCriteriaId\":\"133FC9D6-82C4-40E3-AB39-FE04E5A0BF4D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*\",\"matchCriteriaId\":\"F3E0B672-3E06-4422-B2A4-0BD073AEC2A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"B55E8D50-99B4-47EC-86F9-699B67D473CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:bluexp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC1AE8BD-EE3F-494C-9F03-D4B2B7233106\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB695329-036B-447D-BEB0-AA4D89D1D99C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23F148EC-6D6D-4C4F-B57C-CFBCD3D32B41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"C2D814BE-93EC-42EF-88C5-EA7E7DF07BE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"5333B745-F7A3-46CB-8437-8668DB08CD6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:santricity_storage_plugin:-:*:*:*:*:vcenter:*:*\",\"matchCriteriaId\":\"82E94B87-065E-475F-815C-F49978CE22FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDFB1169-41A0-4A86-8E4F-FDA9730B1E94\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/10/03/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20250131-0010/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2024/10/03/2\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20250131-0010/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-01-31T15:02:47.229Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-47554\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-03T13:00:56.326970Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-03T13:00:59.433Z\"}}], \"cna\": {\"title\": \"Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"tool\", \"value\": \"CodeQL\"}], \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"low\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Commons IO\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0\", \"lessThan\": \"2.14.0\", \"versionType\": \"semver\"}], \"packageName\": \"commons-io:commons-io\", \"collectionURL\": \"https://repo.maven.apache.org/maven2\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Uncontrolled Resource Consumption vulnerability in Apache Commons IO.\\n\\nThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\\n\\n\\nThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\\n\\nUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eUncontrolled Resource Consumption vulnerability in Apache Commons IO.\u003c/p\u003e\u003cp\u003eThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2024-10-03T11:32:48.936Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-47554\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-31T15:02:47.229Z\", \"dateReserved\": \"2024-09-26T16:12:46.116Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2024-10-03T11:32:48.936Z\", \"assignerShortName\": \"apache\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2025-AVI-0756
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T | ||
| VMware | Tanzu | Tanzu for MySQL on Cloud Foundry versions antérieures à 10.0.2 | ||
| VMware | Tanzu | Java Buildpack versions antérieures à 4.84.0 | ||
| VMware | Tanzu | Stemcells pour Ubuntu Jammy Azure Light versions antérieures à 1.894 | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 10.0.9 | ||
| VMware | Tanzu | Tanzu Scheduler versions antérieures à 2.0.20 | ||
| VMware | Tanzu | Spring Cloud Services for VMware Tanzu versions antérieures à 3.3.9 | ||
| VMware | Tanzu | Tanzu GemFire versions antérieures à 10.1.4 | ||
| VMware | Tanzu Operations Manager | Tanzu Operations Manager versions antérieures à 3.1.2 | ||
| VMware | Tanzu Platform | Tanzu Platform for Cloud Foundry isolation segment versions antérieures à 6.0.19+LTS-T | ||
| VMware | Tanzu | Single Sign-On for VMware Tanzu Application Service versions antérieures à 1.16.12 | ||
| VMware | Tanzu | Tanzu Hub versions antérieures à 10.2.1 | ||
| VMware | Tanzu | Stemcells pour Ubuntu Jammy versions antérieures à 1.894 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Platform for Cloud Foundry isolation segment 10.2.2+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu for MySQL on Cloud Foundry versions ant\u00e9rieures \u00e0 10.0.2",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Java Buildpack versions ant\u00e9rieures \u00e0 4.84.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells pour Ubuntu Jammy Azure Light versions ant\u00e9rieures \u00e0 1.894",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.0.9",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Scheduler versions ant\u00e9rieures \u00e0 2.0.20",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services for VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.9",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 10.1.4",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Operations Manager versions ant\u00e9rieures \u00e0 3.1.2",
"product": {
"name": "Tanzu Operations Manager",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform for Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.19+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On for VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.12",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.2.1",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells pour Ubuntu Jammy versions ant\u00e9rieures \u00e0 1.894",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2013-1548",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1548"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2017-8046",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8046"
},
{
"name": "CVE-2018-3280",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3280"
},
{
"name": "CVE-2018-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3137"
},
{
"name": "CVE-2018-3285",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3285"
},
{
"name": "CVE-2018-3182",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3182"
},
{
"name": "CVE-2018-3186",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3186"
},
{
"name": "CVE-2018-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3195"
},
{
"name": "CVE-2018-3286",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3286"
},
{
"name": "CVE-2018-3170",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3170"
},
{
"name": "CVE-2018-3279",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3279"
},
{
"name": "CVE-2018-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3212"
},
{
"name": "CVE-2018-3203",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3203"
},
{
"name": "CVE-2018-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3145"
},
{
"name": "CVE-2019-2530",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2530"
},
{
"name": "CVE-2019-2436",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2436"
},
{
"name": "CVE-2019-2539",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2539"
},
{
"name": "CVE-2019-2494",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2494"
},
{
"name": "CVE-2019-2535",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2535"
},
{
"name": "CVE-2019-2533",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2533"
},
{
"name": "CVE-2019-2495",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2495"
},
{
"name": "CVE-2019-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2513"
},
{
"name": "CVE-2019-2536",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2536"
},
{
"name": "CVE-2019-2502",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2502"
},
{
"name": "CVE-2019-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2634"
},
{
"name": "CVE-2019-2587",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2587"
},
{
"name": "CVE-2019-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2584"
},
{
"name": "CVE-2019-2691",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2691"
},
{
"name": "CVE-2019-2606",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2606"
},
{
"name": "CVE-2019-2630",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2630"
},
{
"name": "CVE-2019-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2624"
},
{
"name": "CVE-2019-2623",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2623"
},
{
"name": "CVE-2019-2695",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2695"
},
{
"name": "CVE-2019-2596",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2596"
},
{
"name": "CVE-2019-2580",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2580"
},
{
"name": "CVE-2019-2644",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2644"
},
{
"name": "CVE-2019-2681",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2681"
},
{
"name": "CVE-2019-2617",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2617"
},
{
"name": "CVE-2019-2636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2636"
},
{
"name": "CVE-2019-2689",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2689"
},
{
"name": "CVE-2019-2693",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2693"
},
{
"name": "CVE-2019-2593",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2593"
},
{
"name": "CVE-2019-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2625"
},
{
"name": "CVE-2019-2585",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2585"
},
{
"name": "CVE-2019-2631",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2631"
},
{
"name": "CVE-2019-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2694"
},
{
"name": "CVE-2019-2620",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2620"
},
{
"name": "CVE-2019-2688",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2688"
},
{
"name": "CVE-2019-2589",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2589"
},
{
"name": "CVE-2019-2635",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2635"
},
{
"name": "CVE-2019-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2626"
},
{
"name": "CVE-2019-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2686"
},
{
"name": "CVE-2019-2685",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2685"
},
{
"name": "CVE-2019-2687",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2687"
},
{
"name": "CVE-2019-2607",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2607"
},
{
"name": "CVE-2019-7317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
},
{
"name": "CVE-2019-2811",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2811"
},
{
"name": "CVE-2019-2740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2740"
},
{
"name": "CVE-2019-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2879"
},
{
"name": "CVE-2019-2808",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2808"
},
{
"name": "CVE-2019-2738",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2738"
},
{
"name": "CVE-2019-2819",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2819"
},
{
"name": "CVE-2019-2737",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2737"
},
{
"name": "CVE-2019-2814",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2814"
},
{
"name": "CVE-2019-2778",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2778"
},
{
"name": "CVE-2019-2822",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2822"
},
{
"name": "CVE-2019-2802",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2802"
},
{
"name": "CVE-2019-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2803"
},
{
"name": "CVE-2019-2752",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2752"
},
{
"name": "CVE-2019-2826",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2826"
},
{
"name": "CVE-2019-2784",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2784"
},
{
"name": "CVE-2019-2789",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2789"
},
{
"name": "CVE-2019-2801",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2801"
},
{
"name": "CVE-2019-2791",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2791"
},
{
"name": "CVE-2019-2798",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2798"
},
{
"name": "CVE-2019-2796",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2796"
},
{
"name": "CVE-2019-2815",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2815"
},
{
"name": "CVE-2019-2810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2810"
},
{
"name": "CVE-2019-2780",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2780"
},
{
"name": "CVE-2019-2758",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2758"
},
{
"name": "CVE-2019-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2757"
},
{
"name": "CVE-2019-2785",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2785"
},
{
"name": "CVE-2019-2747",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2747"
},
{
"name": "CVE-2019-2741",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2741"
},
{
"name": "CVE-2019-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2830"
},
{
"name": "CVE-2019-2834",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2834"
},
{
"name": "CVE-2019-2743",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2743"
},
{
"name": "CVE-2019-2739",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2739"
},
{
"name": "CVE-2019-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2805"
},
{
"name": "CVE-2019-2797",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2797"
},
{
"name": "CVE-2019-2774",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2774"
},
{
"name": "CVE-2019-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2795"
},
{
"name": "CVE-2019-2746",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2746"
},
{
"name": "CVE-2019-2812",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2812"
},
{
"name": "CVE-2019-2924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2924"
},
{
"name": "CVE-2019-2914",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2914"
},
{
"name": "CVE-2019-2960",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2960"
},
{
"name": "CVE-2019-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2923"
},
{
"name": "CVE-2019-2968",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2968"
},
{
"name": "CVE-2019-2993",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2993"
},
{
"name": "CVE-2019-3009",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3009"
},
{
"name": "CVE-2019-2969",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2969"
},
{
"name": "CVE-2019-3011",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3011"
},
{
"name": "CVE-2019-2967",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2967"
},
{
"name": "CVE-2019-2946",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2946"
},
{
"name": "CVE-2019-2966",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2966"
},
{
"name": "CVE-2019-2957",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2957"
},
{
"name": "CVE-2019-2948",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2948"
},
{
"name": "CVE-2019-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2922"
},
{
"name": "CVE-2019-3004",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3004"
},
{
"name": "CVE-2019-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2998"
},
{
"name": "CVE-2019-2911",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2911"
},
{
"name": "CVE-2019-2950",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2950"
},
{
"name": "CVE-2019-2910",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2910"
},
{
"name": "CVE-2019-3018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3018"
},
{
"name": "CVE-2019-2974",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2974"
},
{
"name": "CVE-2019-2991",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2991"
},
{
"name": "CVE-2019-2997",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2997"
},
{
"name": "CVE-2019-2938",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2938"
},
{
"name": "CVE-2019-3003",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3003"
},
{
"name": "CVE-2019-2982",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2982"
},
{
"name": "CVE-2019-2963",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2963"
},
{
"name": "CVE-2020-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2579"
},
{
"name": "CVE-2020-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2584"
},
{
"name": "CVE-2020-2577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2577"
},
{
"name": "CVE-2020-2679",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2679"
},
{
"name": "CVE-2020-2570",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2570"
},
{
"name": "CVE-2020-2572",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2572"
},
{
"name": "CVE-2020-2627",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2627"
},
{
"name": "CVE-2020-2660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2660"
},
{
"name": "CVE-2020-2589",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2589"
},
{
"name": "CVE-2020-2573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2573"
},
{
"name": "CVE-2020-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2686"
},
{
"name": "CVE-2020-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2694"
},
{
"name": "CVE-2020-2574",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2574"
},
{
"name": "CVE-2020-2770",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2770"
},
{
"name": "CVE-2020-2925",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2925"
},
{
"name": "CVE-2020-2853",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2853"
},
{
"name": "CVE-2020-2774",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2774"
},
{
"name": "CVE-2020-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2928"
},
{
"name": "CVE-2020-2897",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2897"
},
{
"name": "CVE-2020-2812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2812"
},
{
"name": "CVE-2020-2765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2765"
},
{
"name": "CVE-2020-2761",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2761"
},
{
"name": "CVE-2020-2790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2790"
},
{
"name": "CVE-2020-2752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2752"
},
{
"name": "CVE-2020-2904",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2904"
},
{
"name": "CVE-2020-2893",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2893"
},
{
"name": "CVE-2020-2760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2760"
},
{
"name": "CVE-2020-2780",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2780"
},
{
"name": "CVE-2020-2903",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2903"
},
{
"name": "CVE-2020-2924",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2924"
},
{
"name": "CVE-2020-2806",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2806"
},
{
"name": "CVE-2020-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2922"
},
{
"name": "CVE-2020-2901",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2901"
},
{
"name": "CVE-2020-2926",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2926"
},
{
"name": "CVE-2020-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2923"
},
{
"name": "CVE-2020-2921",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2921"
},
{
"name": "CVE-2020-2779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2779"
},
{
"name": "CVE-2020-2892",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2892"
},
{
"name": "CVE-2020-2896",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2896"
},
{
"name": "CVE-2020-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2804"
},
{
"name": "CVE-2020-2895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2895"
},
{
"name": "CVE-2020-2930",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2930"
},
{
"name": "CVE-2020-2814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2814"
},
{
"name": "CVE-2020-2759",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2759"
},
{
"name": "CVE-2020-2763",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2763"
},
{
"name": "CVE-2020-14550",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14550"
},
{
"name": "CVE-2020-14567",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14567"
},
{
"name": "CVE-2020-14559",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14559"
},
{
"name": "CVE-2020-14576",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14576"
},
{
"name": "CVE-2020-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14540"
},
{
"name": "CVE-2020-14547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14547"
},
{
"name": "CVE-2020-14553",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14553"
},
{
"name": "CVE-2020-14539",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14539"
},
{
"name": "CVE-2020-14845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14845"
},
{
"name": "CVE-2020-14799",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14799"
},
{
"name": "CVE-2020-14793",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14793"
},
{
"name": "CVE-2020-14888",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14888"
},
{
"name": "CVE-2020-14790",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14790"
},
{
"name": "CVE-2020-14789",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14789"
},
{
"name": "CVE-2020-14672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14672"
},
{
"name": "CVE-2020-14846",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14846"
},
{
"name": "CVE-2020-14771",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14771"
},
{
"name": "CVE-2020-14873",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14873"
},
{
"name": "CVE-2020-14791",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14791"
},
{
"name": "CVE-2020-14769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14769"
},
{
"name": "CVE-2020-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14844"
},
{
"name": "CVE-2020-14809",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14809"
},
{
"name": "CVE-2020-14860",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14860"
},
{
"name": "CVE-2020-14866",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14866"
},
{
"name": "CVE-2020-14861",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14861"
},
{
"name": "CVE-2020-14773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14773"
},
{
"name": "CVE-2020-14776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14776"
},
{
"name": "CVE-2020-14852",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14852"
},
{
"name": "CVE-2020-14760",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14760"
},
{
"name": "CVE-2020-14870",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14870"
},
{
"name": "CVE-2020-14837",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14837"
},
{
"name": "CVE-2020-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14893"
},
{
"name": "CVE-2020-14836",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14836"
},
{
"name": "CVE-2020-14829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14829"
},
{
"name": "CVE-2020-14868",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14868"
},
{
"name": "CVE-2020-14827",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14827"
},
{
"name": "CVE-2020-14839",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14839"
},
{
"name": "CVE-2020-14777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14777"
},
{
"name": "CVE-2020-14812",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14812"
},
{
"name": "CVE-2020-14775",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14775"
},
{
"name": "CVE-2020-14838",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14838"
},
{
"name": "CVE-2020-14869",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14869"
},
{
"name": "CVE-2020-14765",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14765"
},
{
"name": "CVE-2020-14814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14814"
},
{
"name": "CVE-2020-14821",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14821"
},
{
"name": "CVE-2020-14830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14830"
},
{
"name": "CVE-2020-14828",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14828"
},
{
"name": "CVE-2020-14804",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14804"
},
{
"name": "CVE-2020-14800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14800"
},
{
"name": "CVE-2020-14891",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14891"
},
{
"name": "CVE-2020-14848",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14848"
},
{
"name": "CVE-2020-14867",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14867"
},
{
"name": "CVE-2020-14785",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14785"
},
{
"name": "CVE-2020-14794",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14794"
},
{
"name": "CVE-2020-14786",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14786"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-2010",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2010"
},
{
"name": "CVE-2021-2001",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2001"
},
{
"name": "CVE-2021-2060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2060"
},
{
"name": "CVE-2021-2014",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2014"
},
{
"name": "CVE-2021-2032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2032"
},
{
"name": "CVE-2021-2036",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2036"
},
{
"name": "CVE-2021-2007",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2007"
},
{
"name": "CVE-2021-2011",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2011"
},
{
"name": "CVE-2021-2022",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2022"
},
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2021-2308",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2308"
},
{
"name": "CVE-2021-2213",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2213"
},
{
"name": "CVE-2021-2172",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2172"
},
{
"name": "CVE-2021-2293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2293"
},
{
"name": "CVE-2021-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2208"
},
{
"name": "CVE-2021-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2196"
},
{
"name": "CVE-2021-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2194"
},
{
"name": "CVE-2021-2298",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2298"
},
{
"name": "CVE-2021-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2162"
},
{
"name": "CVE-2021-2179",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2179"
},
{
"name": "CVE-2021-2307",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2307"
},
{
"name": "CVE-2021-2217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2217"
},
{
"name": "CVE-2021-2180",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2180"
},
{
"name": "CVE-2021-2203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2203"
},
{
"name": "CVE-2021-2144",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2144"
},
{
"name": "CVE-2021-2226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2226"
},
{
"name": "CVE-2021-2232",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2232"
},
{
"name": "CVE-2021-2169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2169"
},
{
"name": "CVE-2021-2301",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2301"
},
{
"name": "CVE-2021-2202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2202"
},
{
"name": "CVE-2021-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2166"
},
{
"name": "CVE-2021-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2174"
},
{
"name": "CVE-2021-2154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2154"
},
{
"name": "CVE-2021-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2193"
},
{
"name": "CVE-2021-2300",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2300"
},
{
"name": "CVE-2021-2299",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2299"
},
{
"name": "CVE-2021-2212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2212"
},
{
"name": "CVE-2021-2178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2178"
},
{
"name": "CVE-2021-2146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2146"
},
{
"name": "CVE-2021-2230",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2230"
},
{
"name": "CVE-2021-2278",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2278"
},
{
"name": "CVE-2021-2164",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2164"
},
{
"name": "CVE-2021-2201",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2201"
},
{
"name": "CVE-2021-2170",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2170"
},
{
"name": "CVE-2021-2304",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2304"
},
{
"name": "CVE-2021-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2160"
},
{
"name": "CVE-2021-2171",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2171"
},
{
"name": "CVE-2021-2305",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2305"
},
{
"name": "CVE-2021-2215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2215"
},
{
"name": "CVE-2021-25214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25214"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2020-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
},
{
"name": "CVE-2021-2370",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2370"
},
{
"name": "CVE-2021-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
},
{
"name": "CVE-2021-2444",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2444"
},
{
"name": "CVE-2021-2429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2429"
},
{
"name": "CVE-2021-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2426"
},
{
"name": "CVE-2021-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2427"
},
{
"name": "CVE-2021-2339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2339"
},
{
"name": "CVE-2021-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2425"
},
{
"name": "CVE-2021-2387",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2387"
},
{
"name": "CVE-2021-2383",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2383"
},
{
"name": "CVE-2021-2372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
},
{
"name": "CVE-2021-2399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2399"
},
{
"name": "CVE-2021-2384",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2384"
},
{
"name": "CVE-2021-2412",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2412"
},
{
"name": "CVE-2021-2441",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2441"
},
{
"name": "CVE-2021-2410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2410"
},
{
"name": "CVE-2021-2342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
},
{
"name": "CVE-2021-2437",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2437"
},
{
"name": "CVE-2021-2417",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2417"
},
{
"name": "CVE-2021-2424",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2424"
},
{
"name": "CVE-2021-2385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
},
{
"name": "CVE-2021-2357",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2357"
},
{
"name": "CVE-2021-2352",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2352"
},
{
"name": "CVE-2021-2402",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2402"
},
{
"name": "CVE-2021-2440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2440"
},
{
"name": "CVE-2021-2340",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2340"
},
{
"name": "CVE-2021-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
},
{
"name": "CVE-2021-2374",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2374"
},
{
"name": "CVE-2021-2356",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2356"
},
{
"name": "CVE-2021-2411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2411"
},
{
"name": "CVE-2021-2418",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2418"
},
{
"name": "CVE-2021-2367",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2367"
},
{
"name": "CVE-2021-2354",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2354"
},
{
"name": "CVE-2021-2422",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2422"
},
{
"name": "CVE-2020-10543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
},
{
"name": "CVE-2020-12723",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2020-28500",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28500"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2021-35640",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35640"
},
{
"name": "CVE-2021-35626",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35626"
},
{
"name": "CVE-2021-2478",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2478"
},
{
"name": "CVE-2021-35624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35624"
},
{
"name": "CVE-2021-35583",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35583"
},
{
"name": "CVE-2021-35628",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35628"
},
{
"name": "CVE-2021-35630",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35630"
},
{
"name": "CVE-2021-35644",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35644"
},
{
"name": "CVE-2021-2479",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2479"
},
{
"name": "CVE-2021-35638",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35638"
},
{
"name": "CVE-2021-35646",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35646"
},
{
"name": "CVE-2021-35596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35596"
},
{
"name": "CVE-2021-35643",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35643"
},
{
"name": "CVE-2021-35637",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35637"
},
{
"name": "CVE-2021-35623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35623"
},
{
"name": "CVE-2021-35632",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35632"
},
{
"name": "CVE-2021-35641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35641"
},
{
"name": "CVE-2021-35604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35604"
},
{
"name": "CVE-2021-35636",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35636"
},
{
"name": "CVE-2021-35546",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35546"
},
{
"name": "CVE-2021-35627",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35627"
},
{
"name": "CVE-2021-35625",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35625"
},
{
"name": "CVE-2021-35608",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35608"
},
{
"name": "CVE-2021-35597",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35597"
},
{
"name": "CVE-2021-35537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35537"
},
{
"name": "CVE-2021-2481",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2481"
},
{
"name": "CVE-2021-35622",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35622"
},
{
"name": "CVE-2021-35610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35610"
},
{
"name": "CVE-2021-35633",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35633"
},
{
"name": "CVE-2021-35634",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35634"
},
{
"name": "CVE-2021-35629",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35629"
},
{
"name": "CVE-2021-35631",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35631"
},
{
"name": "CVE-2021-35645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35645"
},
{
"name": "CVE-2021-35647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35647"
},
{
"name": "CVE-2021-35612",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35612"
},
{
"name": "CVE-2021-35639",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35639"
},
{
"name": "CVE-2021-35648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35648"
},
{
"name": "CVE-2021-35607",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35607"
},
{
"name": "CVE-2021-35602",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35602"
},
{
"name": "CVE-2021-35577",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35577"
},
{
"name": "CVE-2021-35642",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35642"
},
{
"name": "CVE-2021-35575",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35575"
},
{
"name": "CVE-2021-35635",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35635"
},
{
"name": "CVE-2021-35591",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35591"
},
{
"name": "CVE-2021-25219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25219"
},
{
"name": "CVE-2021-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3875"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2022-21352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21352"
},
{
"name": "CVE-2022-21304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
},
{
"name": "CVE-2022-21254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21254"
},
{
"name": "CVE-2022-21265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21265"
},
{
"name": "CVE-2022-21348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21348"
},
{
"name": "CVE-2022-21372",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21372"
},
{
"name": "CVE-2022-21245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
},
{
"name": "CVE-2022-21368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21368"
},
{
"name": "CVE-2022-21339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21339"
},
{
"name": "CVE-2022-21264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21264"
},
{
"name": "CVE-2022-21297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21297"
},
{
"name": "CVE-2022-21379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21379"
},
{
"name": "CVE-2022-21253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21253"
},
{
"name": "CVE-2022-21301",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21301"
},
{
"name": "CVE-2022-21378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21378"
},
{
"name": "CVE-2022-21370",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21370"
},
{
"name": "CVE-2022-21302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21302"
},
{
"name": "CVE-2022-21249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21249"
},
{
"name": "CVE-2022-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
},
{
"name": "CVE-2022-21270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
},
{
"name": "CVE-2022-21367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
},
{
"name": "CVE-2022-21342",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21342"
},
{
"name": "CVE-2022-21362",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21362"
},
{
"name": "CVE-2022-21303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
},
{
"name": "CVE-2022-21256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21256"
},
{
"name": "CVE-2022-21358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21358"
},
{
"name": "CVE-2022-21374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21374"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2021-4193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4193"
},
{
"name": "CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2022-0213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0213"
},
{
"name": "CVE-2022-21418",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21418"
},
{
"name": "CVE-2022-21412",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21412"
},
{
"name": "CVE-2022-21437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21437"
},
{
"name": "CVE-2022-21478",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21478"
},
{
"name": "CVE-2022-21479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21479"
},
{
"name": "CVE-2022-21438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21438"
},
{
"name": "CVE-2022-21440",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21440"
},
{
"name": "CVE-2022-21451",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21451"
},
{
"name": "CVE-2022-21427",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21427"
},
{
"name": "CVE-2022-21415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21415"
},
{
"name": "CVE-2022-21459",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21459"
},
{
"name": "CVE-2022-21460",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21460"
},
{
"name": "CVE-2022-21414",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21414"
},
{
"name": "CVE-2022-21413",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21413"
},
{
"name": "CVE-2022-21436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21436"
},
{
"name": "CVE-2022-21435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21435"
},
{
"name": "CVE-2022-21462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21462"
},
{
"name": "CVE-2022-21444",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21444"
},
{
"name": "CVE-2022-21417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21417"
},
{
"name": "CVE-2022-21457",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21457"
},
{
"name": "CVE-2022-21425",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21425"
},
{
"name": "CVE-2022-21452",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21452"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2021-4122",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2022-21525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21525"
},
{
"name": "CVE-2022-21537",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21537"
},
{
"name": "CVE-2022-21455",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21455"
},
{
"name": "CVE-2022-21534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21534"
},
{
"name": "CVE-2022-21528",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21528"
},
{
"name": "CVE-2022-21529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21529"
},
{
"name": "CVE-2022-21531",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21531"
},
{
"name": "CVE-2022-21515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21515"
},
{
"name": "CVE-2022-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21538"
},
{
"name": "CVE-2022-21527",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21527"
},
{
"name": "CVE-2022-21517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21517"
},
{
"name": "CVE-2022-21539",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21539"
},
{
"name": "CVE-2022-21556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21556"
},
{
"name": "CVE-2022-21509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21509"
},
{
"name": "CVE-2022-21553",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21553"
},
{
"name": "CVE-2022-21530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21530"
},
{
"name": "CVE-2022-21522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21522"
},
{
"name": "CVE-2022-21547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21547"
},
{
"name": "CVE-2022-21569",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21569"
},
{
"name": "CVE-2022-21526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21526"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2022-0396",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0396"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-21592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21592"
},
{
"name": "CVE-2022-21617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21617"
},
{
"name": "CVE-2022-21595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21595"
},
{
"name": "CVE-2022-21608",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21608"
},
{
"name": "CVE-2022-21589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21589"
},
{
"name": "CVE-2023-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21863"
},
{
"name": "CVE-2023-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21873"
},
{
"name": "CVE-2023-21879",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21879"
},
{
"name": "CVE-2023-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21880"
},
{
"name": "CVE-2023-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21869"
},
{
"name": "CVE-2023-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21872"
},
{
"name": "CVE-2023-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21877"
},
{
"name": "CVE-2023-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21870"
},
{
"name": "CVE-2023-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21887"
},
{
"name": "CVE-2023-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21836"
},
{
"name": "CVE-2023-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21881"
},
{
"name": "CVE-2023-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21876"
},
{
"name": "CVE-2023-21840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21840"
},
{
"name": "CVE-2023-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21878"
},
{
"name": "CVE-2023-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21866"
},
{
"name": "CVE-2023-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21875"
},
{
"name": "CVE-2023-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21865"
},
{
"name": "CVE-2023-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21883"
},
{
"name": "CVE-2023-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21867"
},
{
"name": "CVE-2023-21874",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21874"
},
{
"name": "CVE-2023-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21871"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2023-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21963"
},
{
"name": "CVE-2023-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21977"
},
{
"name": "CVE-2023-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21912"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2023-22053",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22053"
},
{
"name": "CVE-2023-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22007"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2023-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22097"
},
{
"name": "CVE-2023-22084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22084"
},
{
"name": "CVE-2023-22026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22026"
},
{
"name": "CVE-2023-22028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22028"
},
{
"name": "CVE-2023-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22015"
},
{
"name": "CVE-2023-22103",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22103"
},
{
"name": "CVE-2023-22068",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22068"
},
{
"name": "CVE-2023-22078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22078"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-22059",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22059"
},
{
"name": "CVE-2023-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22066"
},
{
"name": "CVE-2023-22114",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22114"
},
{
"name": "CVE-2023-22070",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22070"
},
{
"name": "CVE-2023-22032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22032"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2021-22570",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22570"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2021-20193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-47100",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47100"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2022-27772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27772"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2023-52572",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2023-3138",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3138"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-52757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2024-35790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2024-21137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21137"
},
{
"name": "CVE-2024-0760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0760"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2024-27402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2023-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5841"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2024-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2022-21454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21454"
},
{
"name": "CVE-2024-21193",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21193"
},
{
"name": "CVE-2024-21194",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21194"
},
{
"name": "CVE-2024-21196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21196"
},
{
"name": "CVE-2024-21197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21197"
},
{
"name": "CVE-2024-21198",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21198"
},
{
"name": "CVE-2024-21199",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21199"
},
{
"name": "CVE-2024-21201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21201"
},
{
"name": "CVE-2024-21207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21207"
},
{
"name": "CVE-2024-21209",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21209"
},
{
"name": "CVE-2024-21212",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21212"
},
{
"name": "CVE-2024-21213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21213"
},
{
"name": "CVE-2024-21219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21219"
},
{
"name": "CVE-2024-21236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21236"
},
{
"name": "CVE-2024-21239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21239"
},
{
"name": "CVE-2024-21241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21241"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2024-10487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10487"
},
{
"name": "CVE-2024-10458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10458"
},
{
"name": "CVE-2024-10459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10459"
},
{
"name": "CVE-2024-10460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10460"
},
{
"name": "CVE-2024-10461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10461"
},
{
"name": "CVE-2024-10462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10462"
},
{
"name": "CVE-2024-10463",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10463"
},
{
"name": "CVE-2024-10464",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10464"
},
{
"name": "CVE-2024-10465",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10465"
},
{
"name": "CVE-2024-10466",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10466"
},
{
"name": "CVE-2024-10467",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10467"
},
{
"name": "CVE-2024-10468",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10468"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2024-11395",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11395"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2024-50073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50073"
},
{
"name": "CVE-2024-11691",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11691"
},
{
"name": "CVE-2024-11692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11692"
},
{
"name": "CVE-2024-11693",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11693"
},
{
"name": "CVE-2024-11694",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11694"
},
{
"name": "CVE-2024-11695",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11695"
},
{
"name": "CVE-2024-11696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11696"
},
{
"name": "CVE-2024-11697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11697"
},
{
"name": "CVE-2024-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11698"
},
{
"name": "CVE-2024-11699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11699"
},
{
"name": "CVE-2024-11700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11700"
},
{
"name": "CVE-2024-11701",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11701"
},
{
"name": "CVE-2024-11702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11702"
},
{
"name": "CVE-2024-11703",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11703"
},
{
"name": "CVE-2024-11704",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11704"
},
{
"name": "CVE-2024-11705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11705"
},
{
"name": "CVE-2024-11706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11706"
},
{
"name": "CVE-2024-11708",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11708"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2025-0237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0237"
},
{
"name": "CVE-2025-0238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0238"
},
{
"name": "CVE-2025-0239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0239"
},
{
"name": "CVE-2025-0240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0240"
},
{
"name": "CVE-2025-0241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0241"
},
{
"name": "CVE-2025-0242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0242"
},
{
"name": "CVE-2025-0243",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0243"
},
{
"name": "CVE-2025-0245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0245"
},
{
"name": "CVE-2025-0247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0247"
},
{
"name": "CVE-2025-0434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0434"
},
{
"name": "CVE-2025-0435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0435"
},
{
"name": "CVE-2025-0436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0436"
},
{
"name": "CVE-2025-0437",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0437"
},
{
"name": "CVE-2025-0438",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0438"
},
{
"name": "CVE-2025-0439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0439"
},
{
"name": "CVE-2025-0440",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0440"
},
{
"name": "CVE-2025-0441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0441"
},
{
"name": "CVE-2025-0442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0442"
},
{
"name": "CVE-2025-0443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0443"
},
{
"name": "CVE-2025-0446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0446"
},
{
"name": "CVE-2025-0447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0447"
},
{
"name": "CVE-2025-0448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0448"
},
{
"name": "CVE-2025-21523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
},
{
"name": "CVE-2025-0612",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0612"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-0444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0444"
},
{
"name": "CVE-2025-0445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0445"
},
{
"name": "CVE-2025-0451",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0451"
},
{
"name": "CVE-2025-0762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0762"
},
{
"name": "CVE-2025-1009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1009"
},
{
"name": "CVE-2025-1010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1010"
},
{
"name": "CVE-2025-1011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1011"
},
{
"name": "CVE-2025-1012",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1012"
},
{
"name": "CVE-2025-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1013"
},
{
"name": "CVE-2025-1014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1014"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1016"
},
{
"name": "CVE-2025-1017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1017"
},
{
"name": "CVE-2025-1018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1018"
},
{
"name": "CVE-2025-1019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1019"
},
{
"name": "CVE-2025-1020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1020"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2024-50258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
},
{
"name": "CVE-2024-53203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
},
{
"name": "CVE-2024-53128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
},
{
"name": "CVE-2025-0995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0995"
},
{
"name": "CVE-2025-0996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0996"
},
{
"name": "CVE-2025-0997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0997"
},
{
"name": "CVE-2025-0998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0998"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-1414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1414"
},
{
"name": "CVE-2025-0999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0999"
},
{
"name": "CVE-2025-1006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1006"
},
{
"name": "CVE-2025-1426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1426"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2023-39017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39017"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2025-1914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1914"
},
{
"name": "CVE-2025-1915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1915"
},
{
"name": "CVE-2025-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1916"
},
{
"name": "CVE-2025-1917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1917"
},
{
"name": "CVE-2025-1918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1918"
},
{
"name": "CVE-2025-1919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1919"
},
{
"name": "CVE-2025-1921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1921"
},
{
"name": "CVE-2025-1922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1922"
},
{
"name": "CVE-2025-1923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1923"
},
{
"name": "CVE-2025-1930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1930"
},
{
"name": "CVE-2025-1931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1931"
},
{
"name": "CVE-2025-1932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1932"
},
{
"name": "CVE-2025-1933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1933"
},
{
"name": "CVE-2025-1934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1934"
},
{
"name": "CVE-2025-1935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1935"
},
{
"name": "CVE-2025-1936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1936"
},
{
"name": "CVE-2025-1937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1937"
},
{
"name": "CVE-2025-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1938"
},
{
"name": "CVE-2025-1939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1939"
},
{
"name": "CVE-2025-1940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1940"
},
{
"name": "CVE-2025-1941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1941"
},
{
"name": "CVE-2025-1942",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1942"
},
{
"name": "CVE-2025-1943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1943"
},
{
"name": "CVE-2025-1920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1920"
},
{
"name": "CVE-2025-2135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2135"
},
{
"name": "CVE-2025-2136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2136"
},
{
"name": "CVE-2025-2137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2137"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2024-45772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45772"
},
{
"name": "CVE-2025-2476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2476"
},
{
"name": "CVE-2025-2857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2857"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-2783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2783"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2025-3066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3066"
},
{
"name": "CVE-2025-3067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3067"
},
{
"name": "CVE-2025-3068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3068"
},
{
"name": "CVE-2025-3071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3071"
},
{
"name": "CVE-2025-3072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3072"
},
{
"name": "CVE-2025-3073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3073"
},
{
"name": "CVE-2025-3074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3074"
},
{
"name": "CVE-2025-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3028"
},
{
"name": "CVE-2025-3029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3029"
},
{
"name": "CVE-2025-3030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3030"
},
{
"name": "CVE-2025-3031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3031"
},
{
"name": "CVE-2025-3032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3032"
},
{
"name": "CVE-2025-3033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3033"
},
{
"name": "CVE-2025-3034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3034"
},
{
"name": "CVE-2025-3035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3035"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2025-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3608"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2025-21588",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21588"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3619"
},
{
"name": "CVE-2025-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3620"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2025-4050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4050"
},
{
"name": "CVE-2025-4051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4051"
},
{
"name": "CVE-2025-4052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4052"
},
{
"name": "CVE-2025-4096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4096"
},
{
"name": "CVE-2025-2817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2817"
},
{
"name": "CVE-2025-4082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4082"
},
{
"name": "CVE-2025-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4083"
},
{
"name": "CVE-2025-4085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4085"
},
{
"name": "CVE-2025-4087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4087"
},
{
"name": "CVE-2025-4088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4088"
},
{
"name": "CVE-2025-4089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4089"
},
{
"name": "CVE-2025-4090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4090"
},
{
"name": "CVE-2025-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4091"
},
{
"name": "CVE-2025-4092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4092"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2025-29087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29087"
},
{
"name": "CVE-2025-3277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3277"
},
{
"name": "CVE-2025-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4609"
},
{
"name": "CVE-2025-4664",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4664"
},
{
"name": "CVE-2025-4372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4372"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-4918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4918"
},
{
"name": "CVE-2025-4919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4919"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2025-5063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5063"
},
{
"name": "CVE-2025-5064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5064"
},
{
"name": "CVE-2025-5065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5065"
},
{
"name": "CVE-2025-5066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5066"
},
{
"name": "CVE-2025-5067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5067"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-5263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5263"
},
{
"name": "CVE-2025-5264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5264"
},
{
"name": "CVE-2025-5265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5265"
},
{
"name": "CVE-2025-5266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5266"
},
{
"name": "CVE-2025-5267",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5267"
},
{
"name": "CVE-2025-5268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5268"
},
{
"name": "CVE-2025-5270",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5270"
},
{
"name": "CVE-2025-5271",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5271"
},
{
"name": "CVE-2025-5272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5272"
},
{
"name": "CVE-2025-5281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5281"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-37905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
},
{
"name": "CVE-2025-37909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
},
{
"name": "CVE-2025-37911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
},
{
"name": "CVE-2025-37912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2025-37915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
},
{
"name": "CVE-2025-37923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
},
{
"name": "CVE-2025-37927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
},
{
"name": "CVE-2025-37930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2025-37964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
},
{
"name": "CVE-2025-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
},
{
"name": "CVE-2025-37969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
},
{
"name": "CVE-2025-37970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
},
{
"name": "CVE-2025-37990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
},
{
"name": "CVE-2025-37991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
},
{
"name": "CVE-2025-5068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5068"
},
{
"name": "CVE-2025-5419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5419"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-49709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49709"
},
{
"name": "CVE-2025-49710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49710"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2025-29088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-5958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5958"
},
{
"name": "CVE-2025-5959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5959"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-6191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6191"
},
{
"name": "CVE-2025-6192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6192"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2025-37998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
},
{
"name": "CVE-2023-42366",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
},
{
"name": "CVE-2025-6424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6424"
},
{
"name": "CVE-2025-6425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6425"
},
{
"name": "CVE-2025-6426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6426"
},
{
"name": "CVE-2025-6427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6427"
},
{
"name": "CVE-2025-6429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6429"
},
{
"name": "CVE-2025-6430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6430"
},
{
"name": "CVE-2025-6432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6432"
},
{
"name": "CVE-2025-6433",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6433"
},
{
"name": "CVE-2025-6434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6434"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2025-6555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6555"
},
{
"name": "CVE-2025-6556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6556"
},
{
"name": "CVE-2025-6557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6557"
},
{
"name": "CVE-2025-6435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6435"
},
{
"name": "CVE-2025-6436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6436"
},
{
"name": "CVE-2025-6554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6554"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-37992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
},
{
"name": "CVE-2025-37994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
},
{
"name": "CVE-2025-37995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
},
{
"name": "CVE-2025-38005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
},
{
"name": "CVE-2025-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
},
{
"name": "CVE-2025-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-6558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6558"
},
{
"name": "CVE-2025-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7656"
},
{
"name": "CVE-2025-7657",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7657"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2022-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
},
{
"name": "CVE-2020-16156",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16156"
},
{
"name": "CVE-2025-8010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8010"
},
{
"name": "CVE-2025-8011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8011"
},
{
"name": "CVE-2025-8027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8027"
},
{
"name": "CVE-2025-8028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8028"
},
{
"name": "CVE-2025-8029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8029"
},
{
"name": "CVE-2025-8030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8030"
},
{
"name": "CVE-2025-8031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8031"
},
{
"name": "CVE-2025-8032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8032"
},
{
"name": "CVE-2025-8033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8033"
},
{
"name": "CVE-2025-8034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8034"
},
{
"name": "CVE-2025-8035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8035"
},
{
"name": "CVE-2025-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8036"
},
{
"name": "CVE-2025-8037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8037"
},
{
"name": "CVE-2025-8038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8038"
},
{
"name": "CVE-2025-8039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8039"
},
{
"name": "CVE-2025-8040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8040"
},
{
"name": "CVE-2025-8041",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8041"
},
{
"name": "CVE-2025-8043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8043"
},
{
"name": "CVE-2025-8044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8044"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2025-38094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-8292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8292"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2025-8576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8576"
},
{
"name": "CVE-2025-8577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8577"
},
{
"name": "CVE-2025-8578",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8578"
},
{
"name": "CVE-2025-8579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8579"
},
{
"name": "CVE-2025-8580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8580"
},
{
"name": "CVE-2025-8581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8581"
},
{
"name": "CVE-2025-8582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8582"
},
{
"name": "CVE-2025-8583",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8583"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2025-8879",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8879"
},
{
"name": "CVE-2025-8880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8880"
},
{
"name": "CVE-2025-8881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8881"
},
{
"name": "CVE-2025-8882",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8882"
},
{
"name": "CVE-2025-8901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8901"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2025-7339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2025-9132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9132"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2024-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2005-2541",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-2541"
},
{
"name": "CVE-2008-5727",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5727"
},
{
"name": "CVE-2008-5728",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5728"
},
{
"name": "CVE-2008-5729",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5729"
},
{
"name": "CVE-2008-5730",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5730"
},
{
"name": "CVE-2008-5742",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5742"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2015-2214",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2214"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2016-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2149"
},
{
"name": "CVE-2016-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2160"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2017-12195",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12195"
},
{
"name": "CVE-2017-12629",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12629"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2018-1000169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000169"
},
{
"name": "CVE-2018-1196",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1196"
},
{
"name": "CVE-2018-1273",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1273"
},
{
"name": "CVE-2019-10782",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10782"
},
{
"name": "CVE-2019-9658",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9658"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2021-20298",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20298"
},
{
"name": "CVE-2021-20304",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20304"
},
{
"name": "CVE-2021-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22055"
},
{
"name": "CVE-2021-23169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23169"
},
{
"name": "CVE-2021-3236",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3236"
},
{
"name": "CVE-2022-0635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0635"
},
{
"name": "CVE-2022-0667",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0667"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2023-39810",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39810"
},
{
"name": "CVE-2023-4156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4156"
},
{
"name": "CVE-2023-4320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4320"
},
{
"name": "CVE-2023-43785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43785"
},
{
"name": "CVE-2023-43786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43786"
},
{
"name": "CVE-2023-43787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43787"
},
{
"name": "CVE-2023-46129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46129"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2023-5189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5189"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2024-22047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22047"
},
{
"name": "CVE-2024-2397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2397"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-31047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31047"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2024-58251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2024-7012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7012"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2025-26519",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26519"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2025-46392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46392"
},
{
"name": "CVE-2025-46394",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2025-5115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2025-8262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8262"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-9179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9179"
},
{
"name": "CVE-2025-9180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9180"
},
{
"name": "CVE-2025-9181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9181"
},
{
"name": "CVE-2025-9182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9182"
},
{
"name": "CVE-2025-9183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9183"
},
{
"name": "CVE-2025-9184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9184"
},
{
"name": "CVE-2025-9185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9185"
},
{
"name": "CVE-2025-9187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9187"
},
{
"name": "CVE-2025-9308",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9308"
}
],
"initial_release_date": "2025-09-05T00:00:00",
"last_revision_date": "2025-09-05T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0756",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36093",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36093"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36102",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36102"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36101",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36101"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36100",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36100"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36105",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36105"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36091",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36091"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36078",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36078"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36107",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36107"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36094",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36094"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36097",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36097"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-46",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36104"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36108",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36108"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36095",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36095"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-09",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36090"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36096",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36096"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36106",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36106"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36109",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36109"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36098",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36098"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36111"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36103",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36103"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36099",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36099"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36092",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36092"
},
{
"published_at": "2025-09-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36110",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36110"
}
]
}
CERTFR-2025-AVI-0671
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Partner Engagement Manager Essentials Edition | Sterling Partner Engagement Manager Essentials Edition versions 6.2.3.x antérieures à 6.2.3.3.1 | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.0 antérieures à 7.5.0 UP13 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.14 | ||
| IBM | Sterling Partner Engagement Manager Standard Edition | Sterling Partner Engagement Manager Standard Edition versions 6.2.4.x antérieures à 6.2.4.0.1 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.4.x antérieures à 6.4.0.3 | ||
| IBM | QRadar Incident Forensics | QRadar Incident Forensics versions 7.5.0 antérieures à 7.5.0 UP13 | ||
| IBM | Db2 | Db2 Intelligence Center versions 1.1.x antérieures à 1.1.1.0 | ||
| IBM | Sterling Partner Engagement Manager Essentials Edition | Sterling Partner Engagement Manager Essentials Edition versions 6.2.4.x antérieures à 6.2.4.0.1 | ||
| IBM | Db2 | Db2 versions V10.5, V11.1 et V11.5 sans le correctif APAR DT261533 | ||
| IBM | Sterling Partner Engagement Manager Standard Edition | Sterling Partner Engagement Manager Standard Edition versions 6.2.3.x antérieures à 6.2.3.3.1 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Partner Engagement Manager Essentials Edition versions 6.2.3.x ant\u00e9rieures \u00e0 6.2.3.3.1",
"product": {
"name": "Sterling Partner Engagement Manager Essentials Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 UP13",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.14",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Standard Edition versions 6.2.4.x ant\u00e9rieures \u00e0 6.2.4.0.1",
"product": {
"name": "Sterling Partner Engagement Manager Standard Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.4.x ant\u00e9rieures \u00e0 6.4.0.3",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Incident Forensics versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 UP13",
"product": {
"name": "QRadar Incident Forensics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 Intelligence Center versions 1.1.x ant\u00e9rieures \u00e0 1.1.1.0",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Essentials Edition versions 6.2.4.x ant\u00e9rieures \u00e0 6.2.4.0.1",
"product": {
"name": "Sterling Partner Engagement Manager Essentials Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 versions V10.5, V11.1 et V11.5 sans le correctif APAR DT261533",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Standard Edition versions 6.2.3.x ant\u00e9rieures \u00e0 6.2.3.3.1",
"product": {
"name": "Sterling Partner Engagement Manager Standard Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2017-7867",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7867"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2014-7923",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7923"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2017-14952",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14952"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2022-48919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48919"
},
{
"name": "CVE-2024-31141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31141"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2017-17484",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17484"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2017-15422",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15422"
},
{
"name": "CVE-2020-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21913"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2017-15396",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15396"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2024-50301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50301"
},
{
"name": "CVE-2024-53064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53064"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2016-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6293"
},
{
"name": "CVE-2017-7868",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7868"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2020-10531",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10531"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2016-7415",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7415"
},
{
"name": "CVE-2011-4599",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4599"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
}
],
"initial_release_date": "2025-08-08T00:00:00",
"last_revision_date": "2025-08-08T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0671",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-08-05",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239285",
"url": "https://www.ibm.com/support/pages/node/7239285"
},
{
"published_at": "2025-08-07",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7241673",
"url": "https://www.ibm.com/support/pages/node/7241673"
},
{
"published_at": "2025-08-06",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7241589",
"url": "https://www.ibm.com/support/pages/node/7241589"
},
{
"published_at": "2025-08-07",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7241823",
"url": "https://www.ibm.com/support/pages/node/7241823"
},
{
"published_at": "2025-08-01",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7241292",
"url": "https://www.ibm.com/support/pages/node/7241292"
}
]
}
CERTFR-2024-AVI-1081
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM.Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar Suite Software | QRadar Suite Software versions antérieures à 1.11.0.0 | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP10 IF02 | ||
| IBM | Cognos Dashboards | Cognos Dashboards on Cloud Pak for Data versions 4.8.x à 5.0.x antérieures à 5.1 | ||
| IBM | QRadar Incident Forensics | QRadar Incident Forensics 7.5.x antérieures à 7.5.0 UP10 IF02 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar Suite Software versions ant\u00e9rieures \u00e0 1.11.0.0",
"product": {
"name": "QRadar Suite Software",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP10 IF02",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Dashboards on Cloud Pak for Data versions 4.8.x \u00e0 5.0.x ant\u00e9rieures \u00e0 5.1",
"product": {
"name": "Cognos Dashboards",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Incident Forensics 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP10 IF02",
"product": {
"name": "QRadar Incident Forensics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-42459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42459"
},
{
"name": "CVE-2024-21536",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21536"
},
{
"name": "CVE-2024-7006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7006"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2023-31582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31582"
},
{
"name": "CVE-2023-23613",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23613"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2024-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25638"
},
{
"name": "CVE-2022-31160",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31160"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2024-42460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42460"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2023-34454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34454"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-38998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38998"
},
{
"name": "CVE-2023-34453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34453"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2024-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23454"
},
{
"name": "CVE-2022-41917",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41917"
},
{
"name": "CVE-2024-48949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48949"
},
{
"name": "CVE-2024-41755",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41755"
},
{
"name": "CVE-2023-48161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
},
{
"name": "CVE-2024-47764",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47764"
},
{
"name": "CVE-2024-38372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38372"
},
{
"name": "CVE-2023-34455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34455"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2024-29133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2024-38999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38999"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2024-38986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38986"
},
{
"name": "CVE-2022-41915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41915"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2024-52318",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52318"
},
{
"name": "CVE-2024-42461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42461"
},
{
"name": "CVE-2023-33546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33546"
},
{
"name": "CVE-2024-41818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41818"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2024-52317",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52317"
},
{
"name": "CVE-2024-47175",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47175"
},
{
"name": "CVE-2022-23491",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23491"
},
{
"name": "CVE-2024-51504",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51504"
},
{
"name": "CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2023-23612",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23612"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
}
],
"initial_release_date": "2024-12-13T00:00:00",
"last_revision_date": "2024-12-13T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1081",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-12-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-12-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177766",
"url": "https://www.ibm.com/support/pages/node/7177766"
},
{
"published_at": "2024-12-09",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7178224",
"url": "https://www.ibm.com/support/pages/node/7178224"
},
{
"published_at": "2024-12-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7178556",
"url": "https://www.ibm.com/support/pages/node/7178556"
}
]
}
CERTFR-2025-AVI-0337
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | Sterling Connect:Direct Web Services versions 6.1.x antérieures à 6.1.0.28 | ||
| IBM | QRadar | QRadar Suite Software versions 1.1x.x.x antérieures à 1.11.2.x | ||
| IBM | Cloud Pak | Cloud Pak for Security versions 1.1x.x.x antérieures à 1.11.2.x | ||
| IBM | QRadar | SOAR QRadar Plugin App versions antérieures à 5.6.0 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Connect:Direct Web Services versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.28",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions 1.1x.x.x ant\u00e9rieures \u00e0 1.11.2.x",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak for Security versions 1.1x.x.x ant\u00e9rieures \u00e0 1.11.2.x",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "SOAR QRadar Plugin App versions ant\u00e9rieures \u00e0 5.6.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-42459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42459"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2024-6531",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6531"
},
{
"name": "CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2020-35494",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35494"
},
{
"name": "CVE-2020-15250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2020-35496",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35496"
},
{
"name": "CVE-2024-21534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21534"
},
{
"name": "CVE-2024-42460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42460"
},
{
"name": "CVE-2024-56326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56326"
},
{
"name": "CVE-2024-45813",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45813"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2023-25584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25584"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"name": "CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"name": "CVE-2025-1302",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1302"
},
{
"name": "CVE-2025-27152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
},
{
"name": "CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-48948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48948"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2018-18700",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18700"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2024-56201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56201"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-1972",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1972"
},
{
"name": "CVE-2025-26791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26791"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-25588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25588"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-35495",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35495"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2024-42461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42461"
},
{
"name": "CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"name": "CVE-2019-12972",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12972"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2023-25585",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25585"
},
{
"name": "CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2020-35507",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35507"
},
{
"name": "CVE-2020-35493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35493"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2018-12699",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12699"
},
{
"name": "CVE-2024-57699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
}
],
"initial_release_date": "2025-04-18T00:00:00",
"last_revision_date": "2025-04-18T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0337",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-18T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Injection SQL (SQLi)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-04-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7230739",
"url": "https://www.ibm.com/support/pages/node/7230739"
},
{
"published_at": "2025-04-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7231169",
"url": "https://www.ibm.com/support/pages/node/7231169"
},
{
"published_at": "2025-04-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7231051",
"url": "https://www.ibm.com/support/pages/node/7231051"
}
]
}
CERTFR-2025-AVI-0170
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 12.2.4 IF4 | ||
| IBM | QRadar | QRadar Data Synchronization versions antérieures à 3.2.1 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.x antérieures à 6.1.0.1 iFix 02 | ||
| IBM | WebSphere | WebSphere Application Server versions 9.0.x sans le correctif de sécurité temporaire PH16353 ou antérieures à 9.0.5.2 | ||
| IBM | Sterling | Sterling External Authentication Server versions 6.1.x antérieures à 6.1.0.2 iFix 02 | ||
| IBM | Cognos Dashboards | Cognos Dashboards on Cloud Pak for Data versions 4.x sans le dernier correctif de sécurité | ||
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x antérieures à 12.0.4 IF2 | ||
| IBM | Sterling | Sterling External Authentication Server versions 6.0.x antérieures à 6.0.3.1 iFix 02 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.2.x antérieures à 6.2.0.1 iFix 01 | ||
| IBM | Cognos Dashboards | Cognos Dashboards on Cloud Pak for Data versions 5.x antérieures à 5.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 12.2.4 IF4",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Data Synchronization versions ant\u00e9rieures \u00e0 3.2.1",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.1 iFix 02",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions 9.0.x sans le correctif de s\u00e9curit\u00e9 temporaire PH16353 ou ant\u00e9rieures \u00e0 9.0.5.2",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling External Authentication Server versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.2 iFix 02",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Dashboards on Cloud Pak for Data versions 4.x sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Cognos Dashboards",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.4 IF2",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling External Authentication Server versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.1 iFix 02",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.1 iFix 01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Dashboards on Cloud Pak for Data versions 5.x ant\u00e9rieures \u00e0 5.1",
"product": {
"name": "Cognos Dashboards",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-21536",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21536"
},
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2023-35946",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35946"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2015-7450",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7450"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2018-19797",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19797"
},
{
"name": "CVE-2023-28523",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28523"
},
{
"name": "CVE-2021-27290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27290"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2023-31124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31124"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2023-23936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23936"
},
{
"name": "CVE-2018-19827",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19827"
},
{
"name": "CVE-2018-11694",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11694"
},
{
"name": "CVE-2024-39331",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39331"
},
{
"name": "CVE-2022-4904",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4904"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2024-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
},
{
"name": "CVE-2024-30205",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30205"
},
{
"name": "CVE-2024-40094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40094"
},
{
"name": "CVE-2023-24807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24807"
},
{
"name": "CVE-2025-22150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22150"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-30203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30203"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2024-10917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10917"
},
{
"name": "CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"name": "CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"name": "CVE-2022-24999",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
},
{
"name": "CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"name": "CVE-2023-31147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31147"
},
{
"name": "CVE-2024-47764",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47764"
},
{
"name": "CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"name": "CVE-2024-56340",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56340"
},
{
"name": "CVE-2024-48948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48948"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2024-45216",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45216"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2023-28527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28527"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2019-6286",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6286"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2018-19839",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19839"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-45217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45217"
},
{
"name": "CVE-2024-38999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38999"
},
{
"name": "CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"name": "CVE-2018-20821",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20821"
},
{
"name": "CVE-2019-6283",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6283"
},
{
"name": "CVE-2023-35947",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35947"
},
{
"name": "CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2023-23919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23919"
},
{
"name": "CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2024-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30204"
},
{
"name": "CVE-2018-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20190"
},
{
"name": "CVE-2023-28526",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28526"
},
{
"name": "CVE-2023-28155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28155"
},
{
"name": "CVE-2018-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11698"
},
{
"name": "CVE-2025-0823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0823"
},
{
"name": "CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"name": "CVE-2023-31130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2024-27267",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27267"
},
{
"name": "CVE-2020-7598",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7598"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
}
],
"initial_release_date": "2025-02-28T00:00:00",
"last_revision_date": "2025-02-28T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0170",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-02-28T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-02-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7183676",
"url": "https://www.ibm.com/support/pages/node/7183676"
},
{
"published_at": "2019-11-14",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 1107105",
"url": "https://www.ibm.com/support/pages/node/1107105"
},
{
"published_at": "2025-02-28",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7184475",
"url": "https://www.ibm.com/support/pages/node/7184475"
},
{
"published_at": "2025-02-28",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7184474",
"url": "https://www.ibm.com/support/pages/node/7184474"
},
{
"published_at": "2025-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7184092",
"url": "https://www.ibm.com/support/pages/node/7184092"
},
{
"published_at": "2025-02-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7184217",
"url": "https://www.ibm.com/support/pages/node/7184217"
},
{
"published_at": "2025-02-28",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7184476",
"url": "https://www.ibm.com/support/pages/node/7184476"
}
]
}
CERTFR-2025-AVI-0909
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Oracle Systems. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle ZFS Storage Appliance Kit version 8.8",
"product": {
"name": "Systems",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Solaris version 11",
"product": {
"name": "Systems",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Solaris Cluster version 4",
"product": {
"name": "Systems",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-62477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62477"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2025-62289",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62289"
},
{
"name": "CVE-2020-17521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17521"
},
{
"name": "CVE-2025-62290",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62290"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-53070",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53070"
},
{
"name": "CVE-2025-62480",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62480"
},
{
"name": "CVE-2025-53046",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53046"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2025-62478",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62478"
},
{
"name": "CVE-2025-62476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62476"
},
{
"name": "CVE-2025-62475",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62475"
},
{
"name": "CVE-2025-62479",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62479"
},
{
"name": "CVE-2025-53068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53068"
},
{
"name": "CVE-2024-57699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"initial_release_date": "2025-10-22T00:00:00",
"last_revision_date": "2025-10-22T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0909",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Systems. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Systems",
"vendor_advisories": [
{
"published_at": "2025-10-21",
"title": "Bulletin de s\u00e9curit\u00e9 Oracle Systems cpuoct2025",
"url": "https://www.oracle.com/security-alerts/cpuoct2025.html"
}
]
}
CERTFR-2025-AVI-0003
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Db2 warehouse versions ant\u00e9rieures \u00e0 5.1",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 Big SQL versions ant\u00e9rieures \u00e0 7.8",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 versions ant\u00e9rieures \u00e0 5.1",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2022-24795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24795"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2023-30991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30991"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-38740",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38740"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-38719",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38719"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-30987",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30987"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2022-31163",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31163"
},
{
"name": "CVE-2024-33883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33883"
},
{
"name": "CVE-2023-40373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40373"
},
{
"name": "CVE-2021-41186",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41186"
},
{
"name": "CVE-2024-0406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0406"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2023-38728",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38728"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2023-38720",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38720"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2023-41993",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41993"
},
{
"name": "CVE-2023-39976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39976"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2022-0759",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0759"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2021-32740",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32740"
},
{
"name": "CVE-2023-40374",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40374"
},
{
"name": "CVE-2024-47220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47220"
},
{
"name": "CVE-2024-6387",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6387"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2024-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39689"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2023-40372",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40372"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
}
],
"initial_release_date": "2025-01-03T00:00:00",
"last_revision_date": "2025-01-03T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0003",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-01-02",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180133",
"url": "https://www.ibm.com/support/pages/node/7180133"
},
{
"published_at": "2025-01-02",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180137",
"url": "https://www.ibm.com/support/pages/node/7180137"
},
{
"published_at": "2025-01-01",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180105",
"url": "https://www.ibm.com/support/pages/node/7180105"
},
{
"published_at": "2025-01-02",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180134",
"url": "https://www.ibm.com/support/pages/node/7180134"
},
{
"published_at": "2025-01-02",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180135",
"url": "https://www.ibm.com/support/pages/node/7180135"
},
{
"published_at": "2025-01-02",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180138",
"url": "https://www.ibm.com/support/pages/node/7180138"
}
]
}
CERTFR-2025-AVI-0947
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.2.x antérieures à 6.2.0.9.iFix005 pour Unix | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.4.x antérieures à 6.4.0.2.iFix004 pour Unix | ||
| IBM | QRadar | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP14 | ||
| IBM | QRadar Hub | Qradar Hub versions antérieures à 3.9.0 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct versions 6.3.x antérieures à 6.3.0.5.iFix008 pour Unix | ||
| IBM | QRadar | QRadar Incident Forensics versions 7.5.x antérieures à 7.5.0 UP14 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Connect:Direct versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.9.iFix005 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.4.x ant\u00e9rieures \u00e0 6.4.0.2.iFix004 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP14",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Qradar Hub versions ant\u00e9rieures \u00e0 3.9.0",
"product": {
"name": "QRadar Hub",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.5.iFix008 pour Unix",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Incident Forensics versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP14",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2025-54389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54389"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2022-26336",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26336"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2023-45145",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45145"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-36007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36007"
},
{
"name": "CVE-2012-0868",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0868"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2024-21096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21096"
},
{
"name": "CVE-2019-10130",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10130"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36137"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2017-7484",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7484"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
}
],
"initial_release_date": "2025-10-31T00:00:00",
"last_revision_date": "2025-10-31T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0947",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-10-30",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249678",
"url": "https://www.ibm.com/support/pages/node/7249678"
},
{
"published_at": "2025-10-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249277",
"url": "https://www.ibm.com/support/pages/node/7249277"
},
{
"published_at": "2025-10-30",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249661",
"url": "https://www.ibm.com/support/pages/node/7249661"
},
{
"published_at": "2025-10-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249276",
"url": "https://www.ibm.com/support/pages/node/7249276"
}
]
}
CERTFR-2025-AVI-0622
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry Windows | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry Windows | ||
| VMware | N/A | Stemcells sans le dernier correctif de sécurité | ||
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry Windows | ||
| VMware | Tanzu | Anti-Virus sans le dernier correctif de sécurité pour Tanzu version 2.4.0 | ||
| VMware | Tanzu | Scheduler sans le dernier correctif de sécurité pour Tanzu version 2.0.19 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Platform | GenAI sans le dernier correctif de sécurité pour Tanzu Platform pour Cloud Foundry version 10.2.1 | ||
| VMware | Tanzu Application Service | Tanzu Application Service versions antérieures à 1.16.11 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.2.x antérieures à 10.2.1+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry isolation segment | ||
| VMware | Tanzu | Spring Cloud Services sans le dernier correctif de sécurité pour Tanzu version 3.3.8 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.0.x antérieures à 10.0.8 pour Cloud Foundry | ||
| VMware | Tanzu Platform | Tanzu Platform versions 4.0.x antérieures à 4.0.38+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu | Spring Cloud Data Flow sans le dernier correctif de sécurité pour Tanzu version 1.14.7 | ||
| VMware | Tanzu Platform | Tanzu Platform versions 6.0.x antérieures à 6.0.18+LTS-T pour Cloud Foundry isolation segment | ||
| VMware | Tanzu Platform | Tanzu Platform versions 10.2.x antérieures à 10.2.1+LTS-T pour Cloud Foundry | ||
| VMware | Tanzu Application Service | Single Sign-On sans le dernier correctif de sécurité pour Tanzu Application Service version 1.16.11 | ||
| VMware | Tanzu | File Integrity Monitoring sans le dernier correctif de sécurité pour Tanzu version 2.1.47 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry Windows",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Anti-Virus sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.4.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Scheduler sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.0.19",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "GenAI sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu Platform pour Cloud Foundry version 10.2.1",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.11",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.2.x ant\u00e9rieures \u00e0 10.2.1+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 3.3.8",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.0.x ant\u00e9rieures \u00e0 10.0.8 pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 4.0.x ant\u00e9rieures \u00e0 4.0.38+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 1.14.7",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 6.0.x ant\u00e9rieures \u00e0 6.0.18+LTS-T pour Cloud Foundry isolation segment",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform versions 10.2.x ant\u00e9rieures \u00e0 10.2.1+LTS-T pour Cloud Foundry",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu Application Service version 1.16.11",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "File Integrity Monitoring sans le dernier correctif de s\u00e9curit\u00e9 pour Tanzu version 2.1.47",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2022-32149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-27191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-33201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-36617",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36617"
},
{
"name": "CVE-2022-23471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
},
{
"name": "CVE-2023-25153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2023-25173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
},
{
"name": "CVE-2022-31030",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2023-2253",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2253"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2024-21012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21012"
},
{
"name": "CVE-2023-28841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
},
{
"name": "CVE-2023-28842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-28840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2024-35255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35255"
},
{
"name": "CVE-2024-24557",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24557"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2023-28756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28756"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2022-24769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24769"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2024-0406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0406"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-27282",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27282"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2020-36843",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36843"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2025-30691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30691"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2020-15250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"name": "CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"name": "CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-31650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
},
{
"name": "CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-4575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4575"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2022-21698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2022-28948",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28948"
},
{
"name": "CVE-2022-29173",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29173"
},
{
"name": "CVE-2022-35929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35929"
},
{
"name": "CVE-2022-36056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36056"
},
{
"name": "CVE-2022-36109",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36109"
},
{
"name": "CVE-2023-28755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28755"
},
{
"name": "CVE-2023-30551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30551"
},
{
"name": "CVE-2023-33199",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33199"
},
{
"name": "CVE-2023-33202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
},
{
"name": "CVE-2023-46737",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46737"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2024-24579",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24579"
},
{
"name": "CVE-2024-29902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29902"
},
{
"name": "CVE-2024-29903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29903"
},
{
"name": "CVE-2024-40635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40635"
},
{
"name": "CVE-2024-41909",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41909"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2024-52587",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52587"
},
{
"name": "CVE-2024-6104",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6104"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-32441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32441"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-3445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3445"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-46727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46727"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-47290",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47290"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2025-4949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4949"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
}
],
"initial_release_date": "2025-07-25T00:00:00",
"last_revision_date": "2025-07-25T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0622",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35981",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35981"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35967",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35967"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35980",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35980"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35974",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35974"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35979",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35979"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35984",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35984"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35970",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35970"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35983",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35983"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35978",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35978"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35968",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35968"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35973",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35973"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35976",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35976"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35969",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35969"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35966",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35966"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35972",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35972"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35977",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35977"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35982",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35982"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35971",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35971"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35975",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35975"
}
]
}
CERTFR-2025-AVI-0058
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Oracle Weblogic. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle WebLogic Server version 14.1.2.0.0",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle WebLogic Server version 12.2.1.4.0",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle WebLogic Server version 14.1.1.0.0",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2025-21535",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21535"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2024-23635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23635"
},
{
"name": "CVE-2025-21549",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21549"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2023-7272",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7272"
}
],
"initial_release_date": "2025-01-22T00:00:00",
"last_revision_date": "2025-01-22T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0058",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Weblogic. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Weblogic",
"vendor_advisories": [
{
"published_at": "2025-01-21",
"title": "Bulletin de s\u00e9curit\u00e9 Oracle Weblogic cpujan2025",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html"
}
]
}
ncsc-2025-0124
Vulnerability from csaf_ncscnl
Published
2025-04-16 08:39
Modified
2025-04-16 08:39
Summary
Kwetsbaarheden verholpen in Oracle Communications
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft meerdere kwetsbaarheden verholpen in Oracle Communications producten, waaronder de Cloud Native Core en Policy Management.
Interpretaties
De kwetsbaarheden in Oracle Communications producten stellen ongeauthenticeerde aanvallers in staat om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en kunnen leiden tot Denial-of-Service (DoS) aanvallen. Specifieke versies van de Cloud Native Core, zoals de Binding Support Function en Network Repository Function, zijn getroffen, met CVSS-scores die variëren van 4.3 tot 9.8, wat wijst op significante risico's voor de beschikbaarheid en vertrouwelijkheid van de systemen.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-44
Path Equivalence: 'file.name' (Internal Dot)
CWE-706
Use of Incorrectly-Resolved Name or Reference
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-502
Deserialization of Untrusted Data
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-121
Stack-based Buffer Overflow
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-1395
Dependency on Vulnerable Third-Party Component
CWE-653
Improper Isolation or Compartmentalization
CWE-670
Always-Incorrect Control Flow Implementation
CWE-676
Use of Potentially Dangerous Function
CWE-1336
Improper Neutralization of Special Elements Used in a Template Engine
CWE-392
Missing Report of Error Condition
CWE-772
Missing Release of Resource after Effective Lifetime
CWE-208
Observable Timing Discrepancy
CWE-669
Incorrect Resource Transfer Between Spheres
CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CWE-834
Excessive Iteration
CWE-303
Incorrect Implementation of Authentication Algorithm
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE-680
Integer Overflow to Buffer Overflow
CWE-345
Insufficient Verification of Data Authenticity
CWE-369
Divide By Zero
CWE-552
Files or Directories Accessible to External Parties
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-404
Improper Resource Shutdown or Release
CWE-862
Missing Authorization
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-295
Improper Certificate Validation
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-674
Uncontrolled Recursion
CWE-611
Improper Restriction of XML External Entity Reference
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft meerdere kwetsbaarheden verholpen in Oracle Communications producten, waaronder de Cloud Native Core en Policy Management.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden in Oracle Communications producten stellen ongeauthenticeerde aanvallers in staat om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en kunnen leiden tot Denial-of-Service (DoS) aanvallen. Specifieke versies van de Cloud Native Core, zoals de Binding Support Function en Network Repository Function, zijn getroffen, met CVSS-scores die vari\u00ebren van 4.3 tot 9.8, wat wijst op significante risico\u0027s voor de beschikbaarheid en vertrouwelijkheid van de systemen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
"title": "CWE-44"
},
{
"category": "general",
"text": "Use of Incorrectly-Resolved Name or Reference",
"title": "CWE-706"
},
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
},
{
"category": "general",
"text": "Improper Isolation or Compartmentalization",
"title": "CWE-653"
},
{
"category": "general",
"text": "Always-Incorrect Control Flow Implementation",
"title": "CWE-670"
},
{
"category": "general",
"text": "Use of Potentially Dangerous Function",
"title": "CWE-676"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements Used in a Template Engine",
"title": "CWE-1336"
},
{
"category": "general",
"text": "Missing Report of Error Condition",
"title": "CWE-392"
},
{
"category": "general",
"text": "Missing Release of Resource after Effective Lifetime",
"title": "CWE-772"
},
{
"category": "general",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
},
{
"category": "general",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
},
{
"category": "general",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
},
{
"category": "general",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "general",
"text": "Incorrect Implementation of Authentication Algorithm",
"title": "CWE-303"
},
{
"category": "general",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
"title": "CWE-917"
},
{
"category": "general",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
},
{
"category": "general",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Divide By Zero",
"title": "CWE-369"
},
{
"category": "general",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "general",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Communications",
"tracking": {
"current_release_date": "2025-04-16T08:39:55.217751Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0124",
"initial_release_date": "2025-04-16T08:39:55.217751Z",
"revision_history": [
{
"date": "2025-04-16T08:39:55.217751Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/24.2.1",
"product": {
"name": "vers:unknown/24.2.1",
"product_id": "CSAFPID-1838578"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/24.2.0",
"product": {
"name": "vers:unknown/24.2.0",
"product_id": "CSAFPID-1838586"
}
}
],
"category": "product_name",
"name": "Communications Cloud Native Core Binding Support Function"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003e=24.2.0|\u003c=24.2.2",
"product": {
"name": "vers:unknown/\u003e=24.2.0|\u003c=24.2.2",
"product_id": "CSAFPID-1838591"
}
}
],
"category": "product_name",
"name": "Communications Cloud Native Core Policy"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/24.2.1",
"product": {
"name": "vers:unknown/24.2.1",
"product_id": "CSAFPID-1838592"
}
}
],
"category": "product_name",
"name": "Communications Cloud Native Core Console"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/24.2.0",
"product": {
"name": "vers:unknown/24.2.0",
"product_id": "CSAFPID-1838572"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/24.2.1",
"product": {
"name": "vers:unknown/24.2.1",
"product_id": "CSAFPID-1838581"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/24.2.2",
"product": {
"name": "vers:unknown/24.2.2",
"product_id": "CSAFPID-1838584"
}
}
],
"category": "product_name",
"name": "Communications Cloud Native Core Security Edge Protection Proxy"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003e=6.0|\u003c=6.1",
"product": {
"name": "vers:unknown/\u003e=6.0|\u003c=6.1",
"product_id": "CSAFPID-2698355"
}
}
],
"category": "product_name",
"name": "Communications Unified Assurance"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/24.3.0",
"product": {
"name": "vers:unknown/24.3.0",
"product_id": "CSAFPID-2698333"
}
}
],
"category": "product_name",
"name": "Management Cloud Engine"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/24.2.0",
"product": {
"name": "vers:unknown/24.2.0",
"product_id": "CSAFPID-2698334"
}
}
],
"category": "product_name",
"name": "Communications Cloud Native Core Network Data Analytics Function"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/24.2.5",
"product": {
"name": "vers:unknown/24.2.5",
"product_id": "CSAFPID-2698374"
}
}
],
"category": "product_name",
"name": "Communications Cloud Native Core Network Function Cloud Native Environment"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/9.0.0",
"product": {
"name": "vers:unknown/9.0.0",
"product_id": "CSAFPID-1234193"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/9.0.1",
"product": {
"name": "vers:unknown/9.0.1",
"product_id": "CSAFPID-1234261"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/9.0.2",
"product": {
"name": "vers:unknown/9.0.2",
"product_id": "CSAFPID-2698362"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/9.0.3",
"product": {
"name": "vers:unknown/9.0.3",
"product_id": "CSAFPID-2698358"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/\u003e=9.0.0|\u003c=9.0.3",
"product": {
"name": "vers:unknown/\u003e=9.0.0|\u003c=9.0.3",
"product_id": "CSAFPID-2698372"
}
}
],
"category": "product_name",
"name": "Communications Element Manager"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/15.0.0.0.0",
"product": {
"name": "vers:unknown/15.0.0.0.0",
"product_id": "CSAFPID-1837923"
}
}
],
"category": "product_name",
"name": "Communications Policy Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003e=9.0.0|\u003c=9.0.3",
"product": {
"name": "vers:unknown/\u003e=9.0.0|\u003c=9.0.3",
"product_id": "CSAFPID-2698373"
}
}
],
"category": "product_name",
"name": "Communications Session Report Manager"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/9.1.1.9",
"product": {
"name": "vers:unknown/9.1.1.9",
"product_id": "CSAFPID-2698357"
}
}
],
"category": "product_name",
"name": "SD-WAN Edge"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/24.2.3",
"product": {
"name": "vers:unknown/24.2.3",
"product_id": "CSAFPID-1838579"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/24.3.0",
"product": {
"name": "vers:unknown/24.3.0",
"product_id": "CSAFPID-1838582"
}
}
],
"category": "product_name",
"name": "Communications Cloud Native Core Unified Data Repository"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/10.0.0",
"product": {
"name": "vers:unknown/10.0.0",
"product_id": "CSAFPID-2698381"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/9.2.0",
"product": {
"name": "vers:unknown/9.2.0",
"product_id": "CSAFPID-1207518"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/9.3.0",
"product": {
"name": "vers:unknown/9.3.0",
"product_id": "CSAFPID-1207704"
}
}
],
"category": "product_name",
"name": "Communications Session Border Controller"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/4.1.0",
"product": {
"name": "vers:unknown/4.1.0",
"product_id": "CSAFPID-1207607"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/4.2.0",
"product": {
"name": "vers:unknown/4.2.0",
"product_id": "CSAFPID-1207752"
}
}
],
"category": "product_name",
"name": "Enterprise Communications Broker"
}
],
"category": "product_family",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/24.2.0",
"product": {
"name": "vers:oracle/24.2.0",
"product_id": "CSAFPID-1839911",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.1",
"product": {
"name": "vers:oracle/24.2.1",
"product_id": "CSAFPID-1839908",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=24.2.0|\u003c=24.2.2",
"product": {
"name": "vers:oracle/\u003e=24.2.0|\u003c=24.2.2",
"product_id": "CSAFPID-2698963",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0-24.2.2:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Binding Support Function"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/24.2.3",
"product": {
"name": "vers:oracle/24.2.3",
"product_id": "CSAFPID-2698973",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.4",
"product": {
"name": "vers:oracle/24.2.4",
"product_id": "CSAFPID-2699085",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.3.0",
"product": {
"name": "vers:oracle/24.3.0",
"product_id": "CSAFPID-1839941",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.3.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core DBTier"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=24.2.0|\u003c=24.2.2",
"product": {
"name": "vers:oracle/\u003e=24.2.0|\u003c=24.2.2",
"product_id": "CSAFPID-1839907",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=24.2.0|\u003c=24.2.4",
"product": {
"name": "vers:oracle/\u003e=24.2.0|\u003c=24.2.4",
"product_id": "CSAFPID-2698965",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=24.2.1|\u003c=24.2.4",
"product": {
"name": "vers:oracle/\u003e=24.2.1|\u003c=24.2.4",
"product_id": "CSAFPID-2698944",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.1-24.2.4:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Policy"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/24.2.1",
"product": {
"name": "vers:oracle/24.2.1",
"product_id": "CSAFPID-1839952",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.2",
"product": {
"name": "vers:oracle/24.2.2",
"product_id": "CSAFPID-2699038",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.2:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Certificate Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/24.2.1",
"product": {
"name": "vers:oracle/24.2.1",
"product_id": "CSAFPID-1839951",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.2",
"product": {
"name": "vers:oracle/24.2.2",
"product_id": "CSAFPID-2699059",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.2:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Console"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/24.2.2",
"product": {
"name": "vers:oracle/24.2.2",
"product_id": "CSAFPID-1839919",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.3",
"product": {
"name": "vers:oracle/24.2.3",
"product_id": "CSAFPID-2698957",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.3:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Network Repository Function"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/23.4.0",
"product": {
"name": "vers:oracle/23.4.0",
"product_id": "CSAFPID-1839924",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.0",
"product": {
"name": "vers:oracle/24.2.0",
"product_id": "CSAFPID-1839910",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.1",
"product": {
"name": "vers:oracle/24.2.1",
"product_id": "CSAFPID-1839909",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.2",
"product": {
"name": "vers:oracle/24.2.2",
"product_id": "CSAFPID-1839894",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.3",
"product": {
"name": "vers:oracle/24.2.3",
"product_id": "CSAFPID-2698958",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.3.0",
"product": {
"name": "vers:oracle/24.3.0",
"product_id": "CSAFPID-2699094",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.3.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Security Edge Protection Proxy"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/24.2.0",
"product": {
"name": "vers:oracle/24.2.0",
"product_id": "CSAFPID-1839934",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.3",
"product": {
"name": "vers:oracle/24.2.3",
"product_id": "CSAFPID-2699086",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.3.0",
"product": {
"name": "vers:oracle/24.3.0",
"product_id": "CSAFPID-1839935",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/25.1.100",
"product": {
"name": "vers:oracle/25.1.100",
"product_id": "CSAFPID-2699073",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:25.1.100:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Service Communication Proxy"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/46.6",
"product": {
"name": "vers:oracle/46.6",
"product_id": "CSAFPID-2698993",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications EAGLE Element Management System"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/5.1",
"product": {
"name": "vers:oracle/5.1",
"product_id": "CSAFPID-1839893",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/5.2",
"product": {
"name": "vers:oracle/5.2",
"product_id": "CSAFPID-1839895",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.2:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Operations Monitor"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.11",
"product": {
"name": "vers:oracle/12.11",
"product_id": "CSAFPID-1839890",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.0",
"product": {
"name": "vers:oracle/14.0",
"product_id": "CSAFPID-1839891",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.0.0",
"product": {
"name": "vers:oracle/14.0.0",
"product_id": "CSAFPID-2699072",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/15.0",
"product": {
"name": "vers:oracle/15.0",
"product_id": "CSAFPID-1839961",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:15.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/15.0.0",
"product": {
"name": "vers:oracle/15.0.0",
"product_id": "CSAFPID-2699023",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:15.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/15.0.1",
"product": {
"name": "vers:oracle/15.0.1",
"product_id": "CSAFPID-2699025",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:15.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/15.0.2",
"product": {
"name": "vers:oracle/15.0.2",
"product_id": "CSAFPID-2699024",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:15.0.2:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications User Data Repository"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/9.0.0.0",
"product": {
"name": "vers:oracle/9.0.0.0",
"product_id": "CSAFPID-2698999",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Diameter Signaling Router"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/24.3.0",
"product": {
"name": "vers:oracle/24.3.0",
"product_id": "CSAFPID-2698996",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:management_cloud_engine:24.3.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Management Cloud Engine"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/24.2.0",
"product": {
"name": "vers:oracle/24.2.0",
"product_id": "CSAFPID-2699007",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Network Data Analytics Function"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/24.2.0",
"product": {
"name": "vers:oracle/24.2.0",
"product_id": "CSAFPID-1839868",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.5",
"product": {
"name": "vers:oracle/24.2.5",
"product_id": "CSAFPID-2699029",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.2.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.3.0",
"product": {
"name": "vers:oracle/24.3.0",
"product_id": "CSAFPID-1839869",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.3.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Network Function Cloud Native Environment"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/9.0.0",
"product": {
"name": "vers:oracle/9.0.0",
"product_id": "CSAFPID-2699013",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/9.0.1",
"product": {
"name": "vers:oracle/9.0.1",
"product_id": "CSAFPID-2699012",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/9.0.2",
"product": {
"name": "vers:oracle/9.0.2",
"product_id": "CSAFPID-2699016",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/9.0.3",
"product": {
"name": "vers:oracle/9.0.3",
"product_id": "CSAFPID-2699015",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=9.0.0|\u003c=9.0.3",
"product": {
"name": "vers:oracle/\u003e=9.0.0|\u003c=9.0.3",
"product_id": "CSAFPID-2699098",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.0-9.0.3:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Element Manager"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/15.0.0.0.0",
"product": {
"name": "vers:oracle/15.0.0.0.0",
"product_id": "CSAFPID-1839960",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Policy Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/9.0.0",
"product": {
"name": "vers:oracle/9.0.0",
"product_id": "CSAFPID-2699093",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/9.0.1",
"product": {
"name": "vers:oracle/9.0.1",
"product_id": "CSAFPID-2699092",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/9.0.2",
"product": {
"name": "vers:oracle/9.0.2",
"product_id": "CSAFPID-2699091",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/9.0.3",
"product": {
"name": "vers:oracle/9.0.3",
"product_id": "CSAFPID-2699090",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=9.0.0|\u003c=9.0.3",
"product": {
"name": "vers:oracle/\u003e=9.0.0|\u003c=9.0.3",
"product_id": "CSAFPID-2699124",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0-9.0.3:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Session Report Manager"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/9.1.1.9",
"product": {
"name": "vers:oracle/9.1.1.9",
"product_id": "CSAFPID-2698959",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sd-wan_edge:9.1.1.9:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle SD-WAN Edge"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/22.4.0",
"product": {
"name": "vers:oracle/22.4.0",
"product_id": "CSAFPID-2699181",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/23.4.4",
"product": {
"name": "vers:oracle/23.4.4",
"product_id": "CSAFPID-1839930",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.1.1",
"product": {
"name": "vers:oracle/24.1.1",
"product_id": "CSAFPID-1839933",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.2",
"product": {
"name": "vers:oracle/24.2.2",
"product_id": "CSAFPID-1839931",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.3",
"product": {
"name": "vers:oracle/24.2.3",
"product_id": "CSAFPID-1839963",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.3.0",
"product": {
"name": "vers:oracle/24.3.0",
"product_id": "CSAFPID-1839932",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/25.1.100",
"product": {
"name": "vers:oracle/25.1.100",
"product_id": "CSAFPID-2698956",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:25.1.100:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.1.0|\u003c=23.4.0",
"product": {
"name": "vers:oracle/\u003e=23.1.0|\u003c=23.4.0",
"product_id": "CSAFPID-2699180",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0-23.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Unified Data Repository"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/10.0.0",
"product": {
"name": "vers:oracle/10.0.0",
"product_id": "CSAFPID-2699083",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:10.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/9.2.0",
"product": {
"name": "vers:oracle/9.2.0",
"product_id": "CSAFPID-1839887",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/9.3.0",
"product": {
"name": "vers:oracle/9.3.0",
"product_id": "CSAFPID-1839889",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Session Border Controller"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/4.1.0",
"product": {
"name": "vers:oracle/4.1.0",
"product_id": "CSAFPID-1839888",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:enterprise_communications_broker:4.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/4.2.0",
"product": {
"name": "vers:oracle/4.2.0",
"product_id": "CSAFPID-1839886",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:enterprise_communications_broker:4.2.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Enterprise Communications Broker"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/24.1.0",
"product": {
"name": "vers:oracle/24.1.0",
"product_id": "CSAFPID-1839925",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.0",
"product": {
"name": "vers:oracle/24.2.0",
"product_id": "CSAFPID-1840027",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.3.0",
"product": {
"name": "vers:oracle/24.3.0",
"product_id": "CSAFPID-2699041",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=24.1.0|\u003c=24.3.0",
"product": {
"name": "vers:oracle/\u003e=24.1.0|\u003c=24.3.0",
"product_id": "CSAFPID-2698961",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0-24.3.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Network Analytics Data Director"
}
],
"category": "product_family",
"name": "Oracle Communications"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.1",
"product": {
"name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.1",
"product_id": "CSAFPID-1145869"
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.3",
"product": {
"name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.3",
"product_id": "CSAFPID-1145271",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.5",
"product": {
"name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.5",
"product_id": "CSAFPID-1173947",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Binding Support Function"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.2",
"product": {
"name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.2",
"product_id": "CSAFPID-1145868"
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.4",
"product": {
"name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.4",
"product_id": "CSAFPID-1145270",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.6",
"product": {
"name": "vers:oracle/\u003e=23.4.0|\u003c=23.4.6",
"product_id": "CSAFPID-1173946",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Policy"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/23.4.3",
"product": {
"name": "vers:oracle/23.4.3",
"product_id": "CSAFPID-1173942",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.0",
"product": {
"name": "vers:oracle/24.2.0",
"product_id": "CSAFPID-1173945",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Certificate Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/23.4.2",
"product": {
"name": "vers:oracle/23.4.2",
"product_id": "CSAFPID-1173940",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.0",
"product": {
"name": "vers:oracle/24.2.0",
"product_id": "CSAFPID-1173941",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Console"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/23.4.4",
"product": {
"name": "vers:oracle/23.4.4",
"product_id": "CSAFPID-1173965",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.1",
"product": {
"name": "vers:oracle/24.2.1",
"product_id": "CSAFPID-1173967",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Network Repository Function"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/23.4.2",
"product": {
"name": "vers:oracle/23.4.2",
"product_id": "CSAFPID-1173943",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.0",
"product": {
"name": "vers:oracle/24.2.0",
"product_id": "CSAFPID-1173944",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Security Edge Protection Proxy"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/23.4.0",
"product": {
"name": "vers:oracle/23.4.0",
"product_id": "CSAFPID-1145265",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.1.0",
"product": {
"name": "vers:oracle/24.1.0",
"product_id": "CSAFPID-1145273",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.2.0",
"product": {
"name": "vers:oracle/24.2.0",
"product_id": "CSAFPID-1174046",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Service Communication Proxy"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/7.3.6",
"product": {
"name": "vers:oracle/7.3.6",
"product_id": "CSAFPID-2699077",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.4.0",
"product": {
"name": "vers:oracle/7.4.0",
"product_id": "CSAFPID-2699075",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.5.0",
"product": {
"name": "vers:oracle/7.5.0",
"product_id": "CSAFPID-2699076",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.5.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Network Integrity"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/6.0",
"product": {
"name": "vers:oracle/6.0",
"product_id": "CSAFPID-2699027",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=6.0.0|\u003c=6.0.5",
"product": {
"name": "vers:oracle/\u003e=6.0.0|\u003c=6.0.5",
"product_id": "CSAFPID-1839852",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=6.0.4|\u003c=6.0.5",
"product": {
"name": "vers:oracle/\u003e=6.0.4|\u003c=6.0.5",
"product_id": "CSAFPID-1840033",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.4-6.0.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=6.0|\u003c=6.1",
"product": {
"name": "vers:oracle/\u003e=6.0|\u003c=6.1",
"product_id": "CSAFPID-2698955",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0-6.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Unified Assurance"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.0.0.8.0",
"product": {
"name": "vers:oracle/12.0.0.8.0",
"product_id": "CSAFPID-2699001",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/15.0.0.0.0",
"product": {
"name": "vers:oracle/15.0.0.0.0",
"product_id": "CSAFPID-2699084",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/15.0.1.0.0",
"product": {
"name": "vers:oracle/15.0.1.0.0",
"product_id": "CSAFPID-2699079",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=12.0.0.4.0|\u003c=12.0.0.8.0",
"product": {
"name": "vers:oracle/\u003e=12.0.0.4.0|\u003c=12.0.0.8.0",
"product_id": "CSAFPID-2699058",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4.0-12.0.0.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=12.0.0.4|\u003c=12.0.0.8",
"product": {
"name": "vers:oracle/\u003e=12.0.0.4|\u003c=12.0.0.8",
"product_id": "CSAFPID-1839957",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=15.0.0.0.0|\u003c=15.0.1.0.0",
"product": {
"name": "vers:oracle/\u003e=15.0.0.0.0|\u003c=15.0.1.0.0",
"product_id": "CSAFPID-2699000",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0-15.0.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=15.0.0.0|\u003c=15.0.0.1",
"product": {
"name": "vers:oracle/\u003e=15.0.0.0|\u003c=15.0.0.1",
"product_id": "CSAFPID-1839953",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0-15.0.0.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Billing and Revenue Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.1.0.26.0",
"product": {
"name": "vers:oracle/8.1.0.26.0",
"product_id": "CSAFPID-2698964",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.26.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Messaging Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/6.3.1",
"product": {
"name": "vers:oracle/6.3.1",
"product_id": "CSAFPID-2698991",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications MetaSolv Solution"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.0.6.0.0",
"product": {
"name": "vers:oracle/12.0.6.0.0",
"product_id": "CSAFPID-2699127",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/15.0.0.0.0",
"product": {
"name": "vers:oracle/15.0.0.0.0",
"product_id": "CSAFPID-2699126",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/15.0.1.0.0",
"product": {
"name": "vers:oracle/15.0.1.0.0",
"product_id": "CSAFPID-2699128",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.1.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Network Charging and Control"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/7.4.0",
"product": {
"name": "vers:oracle/7.4.0",
"product_id": "CSAFPID-1839980",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.5.0",
"product": {
"name": "vers:oracle/7.5.0",
"product_id": "CSAFPID-1840004",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.4.1",
"product": {
"name": "vers:oracle/7.4.1",
"product_id": "CSAFPID-1839981",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Order and Service Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/15.0.0.0.0",
"product": {
"name": "vers:oracle/15.0.0.0.0",
"product_id": "CSAFPID-2699056",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/15.0.1.0.0",
"product": {
"name": "vers:oracle/15.0.1.0.0",
"product_id": "CSAFPID-2699063",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=12.0.0.4.0|\u003c=12.0.0.8.0",
"product": {
"name": "vers:oracle/\u003e=12.0.0.4.0|\u003c=12.0.0.8.0",
"product_id": "CSAFPID-2699060",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0-12.0.0.8.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Pricing Design Center"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.0.0.3",
"product": {
"name": "vers:oracle/8.0.0.3",
"product_id": "CSAFPID-1839921",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.0.0.4.0",
"product": {
"name": "vers:oracle/8.0.0.4.0",
"product_id": "CSAFPID-2698975",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.0.1",
"product": {
"name": "vers:oracle/8.1.0.1",
"product_id": "CSAFPID-1839922",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.0.2.0",
"product": {
"name": "vers:oracle/8.1.0.2.0",
"product_id": "CSAFPID-2698974",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.2.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Service Catalog and Design"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/7.4.1",
"product": {
"name": "vers:oracle/7.4.1",
"product_id": "CSAFPID-1839978",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.4.2",
"product": {
"name": "vers:oracle/7.4.2",
"product_id": "CSAFPID-1839979",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.5.0",
"product": {
"name": "vers:oracle/7.5.0",
"product_id": "CSAFPID-2699035",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.5.1",
"product": {
"name": "vers:oracle/7.5.1",
"product_id": "CSAFPID-1839983",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.6.0",
"product": {
"name": "vers:oracle/7.6.0",
"product_id": "CSAFPID-1840005",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.7.0",
"product": {
"name": "vers:oracle/7.7.0",
"product_id": "CSAFPID-2699034",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=7.4.0|\u003c=7.4.2",
"product": {
"name": "vers:oracle/\u003e=7.4.0|\u003c=7.4.2",
"product_id": "CSAFPID-2699036",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0-7.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=7.5.0|\u003c=7.5.1",
"product": {
"name": "vers:oracle/\u003e=7.5.0|\u003c=7.5.1",
"product_id": "CSAFPID-2699096",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0-7.5.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Unified Inventory Management"
}
],
"category": "product_family",
"name": "Oracle Communications Applications"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/23.4.0",
"product": {
"name": "vers:oracle/23.4.0",
"product_id": "CSAFPID-1145246",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.1.0",
"product": {
"name": "vers:oracle/24.1.0",
"product_id": "CSAFPID-1145247",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Network Function Cloud Native Environment"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/7.4.0",
"product": {
"name": "vers:semver/7.4.0",
"product_id": "CSAFPID-2698653"
}
},
{
"category": "product_version_range",
"name": "vers:semver/7.4.1",
"product": {
"name": "vers:semver/7.4.1",
"product_id": "CSAFPID-2698654"
}
},
{
"category": "product_version_range",
"name": "vers:semver/7.5.0",
"product": {
"name": "vers:semver/7.5.0",
"product_id": "CSAFPID-2698655"
}
}
],
"category": "product_name",
"name": "Oracle Communications Order and Service Management"
}
],
"category": "vendor",
"name": "Oracle Corporation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5388",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"notes": [
{
"category": "other",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5388",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5388.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2023-5388"
},
{
"cve": "CVE-2023-5685",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5685",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5685.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2023-5685"
},
{
"cve": "CVE-2023-49582",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-49582",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49582.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2023-49582"
},
{
"cve": "CVE-2023-51074",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51074",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51074.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2023-51074"
},
{
"cve": "CVE-2024-1135",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-1135",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1135.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-1135"
},
{
"cve": "CVE-2024-4227",
"cwe": {
"id": "CWE-834",
"name": "Excessive Iteration"
},
"notes": [
{
"category": "other",
"text": "Excessive Iteration",
"title": "CWE-834"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4227",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4227.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-4227"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5535",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-6763",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6763",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6763.json"
}
],
"title": "CVE-2024-6763"
},
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7254",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-7254"
},
{
"cve": "CVE-2024-11053",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-11053",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11053.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-11053"
},
{
"cve": "CVE-2024-12797",
"cwe": {
"id": "CWE-392",
"name": "Missing Report of Error Condition"
},
"notes": [
{
"category": "other",
"text": "Missing Report of Error Condition",
"title": "CWE-392"
},
{
"category": "other",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
},
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-12797",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-12797.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-12797"
},
{
"cve": "CVE-2024-12798",
"cwe": {
"id": "CWE-917",
"name": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
"title": "CWE-917"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/RE:L/U:Clear",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-12798",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-12798.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-12798"
},
{
"cve": "CVE-2024-21538",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21538",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21538.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-21538"
},
{
"cve": "CVE-2024-25638",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"notes": [
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "other",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25638",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25638.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-25638"
},
{
"cve": "CVE-2024-28168",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28168",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28168.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-28168"
},
{
"cve": "CVE-2024-28219",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "other",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "other",
"text": "Use of Potentially Dangerous Function",
"title": "CWE-676"
},
{
"category": "other",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28219",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28219.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2024-28834",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28834",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28834.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-28834"
},
{
"cve": "CVE-2024-31141",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-31141",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31141.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-31141"
},
{
"cve": "CVE-2024-34064",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34064",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-34064"
},
{
"cve": "CVE-2024-35195",
"cwe": {
"id": "CWE-670",
"name": "Always-Incorrect Control Flow Implementation"
},
"notes": [
{
"category": "other",
"text": "Always-Incorrect Control Flow Implementation",
"title": "CWE-670"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35195",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-37891",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "other",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37891",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38819",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38819",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38827",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"notes": [
{
"category": "other",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38827",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-38827"
},
{
"cve": "CVE-2024-40896",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40896",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40896.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-40896"
},
{
"cve": "CVE-2024-43044",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-43044",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43044.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-43044"
},
{
"cve": "CVE-2024-43709",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-43709",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43709.json"
}
],
"title": "CVE-2024-43709"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-43796",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43796.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-43796"
},
{
"cve": "CVE-2024-47072",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47072",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47072.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-47072"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-49767",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-49767",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49767.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-49767"
},
{
"cve": "CVE-2024-50602",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-50602",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50602.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-50602"
},
{
"cve": "CVE-2024-52046",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-52046",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52046.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-52046"
},
{
"cve": "CVE-2024-52303",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Resource after Effective Lifetime",
"title": "CWE-772"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-52303",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52303.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-52303"
},
{
"cve": "CVE-2024-53122",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Divide By Zero",
"title": "CWE-369"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-53122",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53122.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-53122"
},
{
"cve": "CVE-2024-56128",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"notes": [
{
"category": "other",
"text": "Incorrect Implementation of Authentication Algorithm",
"title": "CWE-303"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-56128",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56128.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-56128"
},
{
"cve": "CVE-2024-56337",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-56337",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-56337"
},
{
"cve": "CVE-2024-57699",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-57699",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-57699.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2025-1974",
"cwe": {
"id": "CWE-653",
"name": "Improper Isolation or Compartmentalization"
},
"notes": [
{
"category": "other",
"text": "Improper Isolation or Compartmentalization",
"title": "CWE-653"
},
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-1974",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-1974.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2025-1974"
},
{
"cve": "CVE-2025-23084",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23084",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23084.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2025-23084"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23184",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23184.json"
}
],
"title": "CVE-2025-23184"
},
{
"cve": "CVE-2025-24813",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
"title": "CWE-44"
},
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "other",
"text": "Use of Incorrectly-Resolved Name or Reference",
"title": "CWE-706"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24813",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24813.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2025-24813"
},
{
"cve": "CVE-2025-24928",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24928",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24928.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2025-24928"
},
{
"cve": "CVE-2025-24970",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24970",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24970.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2025-24970"
},
{
"cve": "CVE-2025-27516",
"cwe": {
"id": "CWE-1336",
"name": "Improper Neutralization of Special Elements Used in a Template Engine"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements Used in a Template Engine",
"title": "CWE-1336"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27516",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27516.json"
}
],
"title": "CVE-2025-27516"
},
{
"cve": "CVE-2025-27789",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27789",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27789.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2025-27789"
},
{
"cve": "CVE-2025-30729",
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30729",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30729.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2025-30729"
},
{
"cve": "CVE-2025-31721",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31721",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-31721.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1838578",
"CSAFPID-1839911",
"CSAFPID-1839908",
"CSAFPID-1145869",
"CSAFPID-1145271",
"CSAFPID-1173947",
"CSAFPID-2698963",
"CSAFPID-2698973",
"CSAFPID-2699085",
"CSAFPID-1839941",
"CSAFPID-1838591",
"CSAFPID-1145868",
"CSAFPID-1145270",
"CSAFPID-1173946",
"CSAFPID-1839907",
"CSAFPID-2698965",
"CSAFPID-2698944",
"CSAFPID-1173942",
"CSAFPID-1173945",
"CSAFPID-1839952",
"CSAFPID-2699038",
"CSAFPID-1838592",
"CSAFPID-1173940",
"CSAFPID-1173941",
"CSAFPID-1839951",
"CSAFPID-2699059",
"CSAFPID-1173965",
"CSAFPID-1173967",
"CSAFPID-1839919",
"CSAFPID-2698957",
"CSAFPID-1838572",
"CSAFPID-1838581",
"CSAFPID-1838584",
"CSAFPID-1839924",
"CSAFPID-1173943",
"CSAFPID-1173944",
"CSAFPID-1839910",
"CSAFPID-1839909",
"CSAFPID-1839894",
"CSAFPID-2698958",
"CSAFPID-2699094",
"CSAFPID-1145265",
"CSAFPID-1145273",
"CSAFPID-1174046",
"CSAFPID-1839934",
"CSAFPID-2699086",
"CSAFPID-1839935",
"CSAFPID-2699073",
"CSAFPID-2698993",
"CSAFPID-1839893",
"CSAFPID-1839895",
"CSAFPID-1839890",
"CSAFPID-1839891",
"CSAFPID-2699072",
"CSAFPID-1839961",
"CSAFPID-2699023",
"CSAFPID-2699025",
"CSAFPID-2699024",
"CSAFPID-2698999",
"CSAFPID-2699077",
"CSAFPID-2699075",
"CSAFPID-2699076",
"CSAFPID-2698355",
"CSAFPID-2699027",
"CSAFPID-1839852",
"CSAFPID-1840033",
"CSAFPID-2698955",
"CSAFPID-2699001",
"CSAFPID-2699084",
"CSAFPID-2699079",
"CSAFPID-2699058",
"CSAFPID-1839957",
"CSAFPID-2699000",
"CSAFPID-1839953",
"CSAFPID-2698964",
"CSAFPID-2698991",
"CSAFPID-2699127",
"CSAFPID-2699126",
"CSAFPID-2699128",
"CSAFPID-1839980",
"CSAFPID-1840004",
"CSAFPID-1839981",
"CSAFPID-2698653",
"CSAFPID-2698654",
"CSAFPID-2698655",
"CSAFPID-2699056",
"CSAFPID-2699063",
"CSAFPID-2699060",
"CSAFPID-1839921",
"CSAFPID-2698975",
"CSAFPID-1839922",
"CSAFPID-2698974",
"CSAFPID-1839978",
"CSAFPID-1839979",
"CSAFPID-2699035",
"CSAFPID-1839983",
"CSAFPID-1840005",
"CSAFPID-2699034",
"CSAFPID-2699036",
"CSAFPID-2699096",
"CSAFPID-2698996",
"CSAFPID-2698333",
"CSAFPID-2698334",
"CSAFPID-2699007",
"CSAFPID-2698374",
"CSAFPID-1145246",
"CSAFPID-1145247",
"CSAFPID-1839868",
"CSAFPID-2699029",
"CSAFPID-1839869",
"CSAFPID-1234193",
"CSAFPID-1234261",
"CSAFPID-2698362",
"CSAFPID-2698358",
"CSAFPID-2698372",
"CSAFPID-2699013",
"CSAFPID-2699012",
"CSAFPID-2699016",
"CSAFPID-2699015",
"CSAFPID-2699098",
"CSAFPID-1837923",
"CSAFPID-1839960",
"CSAFPID-2698373",
"CSAFPID-2699093",
"CSAFPID-2699092",
"CSAFPID-2699091",
"CSAFPID-2699090",
"CSAFPID-2699124",
"CSAFPID-2698959",
"CSAFPID-2698357",
"CSAFPID-1838579",
"CSAFPID-1838582",
"CSAFPID-2699181",
"CSAFPID-1839930",
"CSAFPID-1839933",
"CSAFPID-1839931",
"CSAFPID-1839963",
"CSAFPID-1839932",
"CSAFPID-2698956",
"CSAFPID-2699180",
"CSAFPID-2698381",
"CSAFPID-1207518",
"CSAFPID-1207704",
"CSAFPID-2699083",
"CSAFPID-1839887",
"CSAFPID-1839889",
"CSAFPID-1207607",
"CSAFPID-1207752",
"CSAFPID-1839888",
"CSAFPID-1839886",
"CSAFPID-1839925",
"CSAFPID-1840027",
"CSAFPID-2699041",
"CSAFPID-2698961",
"CSAFPID-1838586"
]
}
],
"title": "CVE-2025-31721"
}
]
}
ncsc-2025-0335
Vulnerability from csaf_ncscnl
Published
2025-10-23 13:45
Modified
2025-10-23 13:45
Summary
Kwetsbaarheden verholpen in Oracle Analytics
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft meerdere kwetsbaarheden verholpen in Oracle Analytics producten.
Interpretaties
De kwetsbaarheden kunnen de vertrouwelijkheid, integriteit en beschikbaarheid in gevaar brengen, met een maximale impactscore van 'HOOG'. Aanvallers kunnen deze kwetsbaarheden misbruiken om ongeautoriseerde toegang te verkrijgen of Denial-of-Service (DoS) aanvallen uit te voeren. Specifieke versies van subcomponenten als Oracle Communications Cloud Native Core Binding Support Function en DBTier zijn getroffen, evenals Oracle Business Intelligence Enterprise Edition, die kwetsbaarheden bevatten die ongeautoriseerde toegang en gedeeltelijke Denial-of-Service mogelijk maken.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-20
Improper Input Validation
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-267
Privilege Defined With Unsafe Actions
CWE-284
Improper Access Control
CWE-295
Improper Certificate Validation
CWE-392
Missing Report of Error Condition
CWE-400
Uncontrolled Resource Consumption
CWE-404
Improper Resource Shutdown or Release
CWE-674
Uncontrolled Recursion
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-787
Out-of-bounds Write
CWE-1395
Dependency on Vulnerable Third-Party Component
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft meerdere kwetsbaarheden verholpen in Oracle Analytics producten.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden kunnen de vertrouwelijkheid, integriteit en beschikbaarheid in gevaar brengen, met een maximale impactscore van \u0027HOOG\u0027. Aanvallers kunnen deze kwetsbaarheden misbruiken om ongeautoriseerde toegang te verkrijgen of Denial-of-Service (DoS) aanvallen uit te voeren. Specifieke versies van subcomponenten als Oracle Communications Cloud Native Core Binding Support Function en DBTier zijn getroffen, evenals Oracle Business Intelligence Enterprise Edition, die kwetsbaarheden bevatten die ongeautoriseerde toegang en gedeeltelijke Denial-of-Service mogelijk maken.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Privilege Defined With Unsafe Actions",
"title": "CWE-267"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Missing Report of Error Condition",
"title": "CWE-392"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://www.oracle.com/security-alerts/cpuoct2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Analytics",
"tracking": {
"current_release_date": "2025-10-23T13:45:06.747933Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2025-0335",
"initial_release_date": "2025-10-23T13:45:06.747933Z",
"revision_history": [
{
"date": "2025-10-23T13:45:06.747933Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Oracle BI Publisher"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Oracle Business Intelligence Enterprise Edition"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "description",
"text": "Multiple vulnerabilities across various Oracle, IBM, and Protobuf products could lead to Denial of Service and unauthorized access, with significant risks identified in versions of Oracle Communications, MySQL Connector/J, and IBM WebSphere.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7254 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-7254.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2024-7254"
},
{
"cve": "CVE-2024-12797",
"cwe": {
"id": "CWE-392",
"name": "Missing Report of Error Condition"
},
"notes": [
{
"category": "other",
"text": "Missing Report of Error Condition",
"title": "CWE-392"
},
{
"category": "other",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
},
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "description",
"text": "Multiple vulnerabilities across OpenSSL and Oracle products expose clients to man-in-the-middle attacks, unauthorized access, and partial denial of service, particularly affecting RFC7250 Raw Public Keys and specific versions of Oracle Communications and Business Intelligence software.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-12797 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-12797.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2024-12797"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Oracle Middleware, Documaker, and Apache Commons IO components allow unauthenticated attackers to exploit denial of service risks, with CVSS scores ranging from 4.3 to 7.5.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-47554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2025-25193",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "Recent updates to Netty and Oracle products address critical vulnerabilities, including denial of service risks due to unsafe environment file reading and flaws in various APIs and components.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-25193 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-25193.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-25193"
},
{
"cve": "CVE-2025-48795",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle WebCenter Forms Recognition and Apache CXF expose systems to data compromise and denial of service risks, with CVSS scores indicating significant impacts on confidentiality, integrity, and availability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48795 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-48795"
},
{
"cve": "CVE-2025-48976",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "Multiple vulnerabilities affecting Oracle Application Testing Suite and Apache Commons FileUpload, including DoS risks due to insufficient multipart header limits, have been identified, with CVSS scores reaching 7.5.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48976 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48976.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-53049",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "A vulnerability in Oracle Business Intelligence Enterprise Edition (versions 7.6.0.0.0 and 8.2.0.0.0) allows high-privileged attackers to potentially take over the system, with a CVSS score of 8.4.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53049 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53049.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-53049"
},
{
"cve": "CVE-2025-61754",
"cwe": {
"id": "CWE-267",
"name": "Privilege Defined With Unsafe Actions"
},
"notes": [
{
"category": "other",
"text": "Privilege Defined With Unsafe Actions",
"title": "CWE-267"
},
{
"category": "description",
"text": "A vulnerability in Oracle BI Publisher (versions 7.6.0.0.0 and 8.2.0.0.0) allows low privileged attackers to exploit the Web Service API, potentially leading to unauthorized access to critical data, with a CVSS score of 6.5.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-61754 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-61754.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2"
]
}
],
"title": "CVE-2025-61754"
}
]
}
ncsc-2025-0027
Vulnerability from csaf_ncscnl
Published
2025-01-22 13:36
Modified
2025-01-22 13:36
Summary
Kwetsbaarheden verholpen in Oracle Fusion Middleware
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft meerdere kwetsbaarheden verholpen in zijn producten, waaronder Oracle Fusion Middleware, Oracle WebLogic Server, en Oracle HTTP Server.
Interpretaties
De kwetsbaarheden bevinden zich in verschillende Oracle producten, waaronder Oracle WebLogic Server versies 12.2.1.4.0 en 14.1.1.0.0, die het mogelijk maken voor ongeauthenticeerde kwaadwillenden om toegang te krijgen tot kritieke gegevens. Dit kan leiden tot ernstige gevolgen voor de vertrouwelijkheid, integriteit en beschikbaarheid van de systemen. De kwetsbaarheid in Oracle HTTP Server versie 12.2.1.4.0 stelt kwaadwillenden in staat om ongeautoriseerde toegang te verkrijgen, met een CVSS-score van 5.3, terwijl de kwetsbaarheid in WebLogic Server een CVSS-score van 9.8 heeft, wat wijst op een kritieke impact. Kwaadwillenden kunnen ook gebruik maken van kwetsbaarheden in Oracle Fusion Middleware en andere producten om Denial-of-Service (DoS) aanvallen uit te voeren.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
CWE-35
Path Traversal: '.../...//'
CWE-1395
Dependency on Vulnerable Third-Party Component
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-755
Improper Handling of Exceptional Conditions
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-116
Improper Encoding or Escaping of Output
CWE-190
Integer Overflow or Wraparound
CWE-532
Insertion of Sensitive Information into Log File
CWE-798
Use of Hard-coded Credentials
CWE-125
Out-of-bounds Read
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-295
Improper Certificate Validation
CWE-400
Uncontrolled Resource Consumption
CWE-502
Deserialization of Untrusted Data
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-611
Improper Restriction of XML External Entity Reference
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-20
Improper Input Validation
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft meerdere kwetsbaarheden verholpen in zijn producten, waaronder Oracle Fusion Middleware, Oracle WebLogic Server, en Oracle HTTP Server.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden bevinden zich in verschillende Oracle producten, waaronder Oracle WebLogic Server versies 12.2.1.4.0 en 14.1.1.0.0, die het mogelijk maken voor ongeauthenticeerde kwaadwillenden om toegang te krijgen tot kritieke gegevens. Dit kan leiden tot ernstige gevolgen voor de vertrouwelijkheid, integriteit en beschikbaarheid van de systemen. De kwetsbaarheid in Oracle HTTP Server versie 12.2.1.4.0 stelt kwaadwillenden in staat om ongeautoriseerde toegang te verkrijgen, met een CVSS-score van 5.3, terwijl de kwetsbaarheid in WebLogic Server een CVSS-score van 9.8 heeft, wat wijst op een kritieke impact. Kwaadwillenden kunnen ook gebruik maken van kwetsbaarheden in Oracle Fusion Middleware en andere producten om Denial-of-Service (DoS) aanvallen uit te voeren.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"title": "CWE-338"
},
{
"category": "general",
"text": "Path Traversal: \u0027.../...//\u0027",
"title": "CWE-35"
},
{
"category": "general",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
},
{
"category": "general",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "general",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
},
{
"category": "general",
"text": "Use of Hard-coded Credentials",
"title": "CWE-798"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Fusion Middleware",
"tracking": {
"current_release_date": "2025-01-22T13:36:27.908718Z",
"id": "NCSC-2025-0027",
"initial_release_date": "2025-01-22T13:36:27.908718Z",
"revision_history": [
{
"date": "2025-01-22T13:36:27.908718Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "http_server",
"product": {
"name": "http_server",
"product_id": "CSAFPID-93909",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "http_server",
"product": {
"name": "http_server",
"product_id": "CSAFPID-40303",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "http_server",
"product": {
"name": "http_server",
"product_id": "CSAFPID-912074",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:http_server:14.1.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fusion_middleware_mapviewer",
"product": {
"name": "fusion_middleware_mapviewer",
"product_id": "CSAFPID-226018",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fusion_middleware",
"product": {
"name": "fusion_middleware",
"product_id": "CSAFPID-1646487",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fusion_middleware:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fusion_middleware",
"product": {
"name": "fusion_middleware",
"product_id": "CSAFPID-332789",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fusion_middleware:11.1.1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fusion_middleware",
"product": {
"name": "fusion_middleware",
"product_id": "CSAFPID-1747074",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fusion_middleware:12.2.1.19.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fusion_middleware",
"product": {
"name": "fusion_middleware",
"product_id": "CSAFPID-342815",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fusion_middleware:12.2.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fusion_middleware",
"product": {
"name": "fusion_middleware",
"product_id": "CSAFPID-271904",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fusion_middleware",
"product": {
"name": "fusion_middleware",
"product_id": "CSAFPID-503474",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fusion_middleware:14.1.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fusion_middleware",
"product": {
"name": "fusion_middleware",
"product_id": "CSAFPID-1674670",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fusion_middleware:8.5.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "weblogic_server",
"product": {
"name": "weblogic_server",
"product_id": "CSAFPID-3661",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "weblogic_server",
"product": {
"name": "weblogic_server",
"product_id": "CSAFPID-3660",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "weblogic_server",
"product": {
"name": "weblogic_server",
"product_id": "CSAFPID-1973",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "weblogic_server",
"product": {
"name": "weblogic_server",
"product_id": "CSAFPID-1751293",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "security_service",
"product": {
"name": "security_service",
"product_id": "CSAFPID-199820",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:security_service:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_activity_monitoring",
"product": {
"name": "business_activity_monitoring",
"product_id": "CSAFPID-228157",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_activity_monitoring__bam_",
"product": {
"name": "business_activity_monitoring__bam_",
"product_id": "CSAFPID-764927",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_activity_monitoring__bam_:12.2.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_activity_monitoring__bam_",
"product": {
"name": "business_activity_monitoring__bam_",
"product_id": "CSAFPID-764928",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_activity_monitoring__bam_:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "identity_manager",
"product": {
"name": "identity_manager",
"product_id": "CSAFPID-220164",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:identity_manager:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "managed_file_transfer",
"product": {
"name": "managed_file_transfer",
"product_id": "CSAFPID-204581",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "middleware_common_libraries_and_tools",
"product": {
"name": "middleware_common_libraries_and_tools",
"product_id": "CSAFPID-94398",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "middleware_common_libraries_and_tools",
"product": {
"name": "middleware_common_libraries_and_tools",
"product_id": "CSAFPID-94309",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "middleware_common_libraries_and_tools",
"product": {
"name": "middleware_common_libraries_and_tools",
"product_id": "CSAFPID-94393",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_process_management_suite",
"product": {
"name": "business_process_management_suite",
"product_id": "CSAFPID-9043",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_process_management_suite",
"product": {
"name": "business_process_management_suite",
"product_id": "CSAFPID-9642",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "outside_in_technology",
"product": {
"name": "outside_in_technology",
"product_id": "CSAFPID-1260",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:outside_in_technology:8.5.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "outside_in_technology",
"product": {
"name": "outside_in_technology",
"product_id": "CSAFPID-912053",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:outside_in_technology:8.5.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "webcenter_portal",
"product": {
"name": "webcenter_portal",
"product_id": "CSAFPID-135359",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "webcenter_portal",
"product": {
"name": "webcenter_portal",
"product_id": "CSAFPID-45194",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-12415",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
}
],
"product_status": {
"known_affected": [
"CSAFPID-45194",
"CSAFPID-135359",
"CSAFPID-1646487",
"CSAFPID-9642",
"CSAFPID-40303",
"CSAFPID-220164",
"CSAFPID-204581",
"CSAFPID-94309",
"CSAFPID-1260",
"CSAFPID-3661",
"CSAFPID-3660",
"CSAFPID-1973",
"CSAFPID-94393",
"CSAFPID-226018",
"CSAFPID-764927",
"CSAFPID-764928",
"CSAFPID-9043",
"CSAFPID-93909",
"CSAFPID-94398"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2019-12415",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2019/CVE-2019-12415.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-45194",
"CSAFPID-135359",
"CSAFPID-1646487",
"CSAFPID-9642",
"CSAFPID-40303",
"CSAFPID-220164",
"CSAFPID-204581",
"CSAFPID-94309",
"CSAFPID-1260",
"CSAFPID-3661",
"CSAFPID-3660",
"CSAFPID-1973",
"CSAFPID-94393",
"CSAFPID-226018",
"CSAFPID-764927",
"CSAFPID-764928",
"CSAFPID-9043",
"CSAFPID-93909",
"CSAFPID-94398"
]
}
],
"title": "CVE-2019-12415"
},
{
"cve": "CVE-2023-7272",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-3660",
"CSAFPID-1973"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-7272",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7272.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-3660",
"CSAFPID-1973"
]
}
],
"title": "CVE-2023-7272"
},
{
"cve": "CVE-2023-38709",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)",
"title": "CWE-113"
},
{
"category": "other",
"text": "Improper Validation of Specified Quantity in Input",
"title": "CWE-1284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-228157",
"CSAFPID-271904",
"CSAFPID-40303",
"CSAFPID-220164",
"CSAFPID-94309",
"CSAFPID-912053",
"CSAFPID-45194",
"CSAFPID-3660",
"CSAFPID-1973"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-38709",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38709.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-228157",
"CSAFPID-271904",
"CSAFPID-40303",
"CSAFPID-220164",
"CSAFPID-94309",
"CSAFPID-912053",
"CSAFPID-45194",
"CSAFPID-3660",
"CSAFPID-1973"
]
}
],
"title": "CVE-2023-38709"
},
{
"cve": "CVE-2023-39410",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1260",
"CSAFPID-1973",
"CSAFPID-3660",
"CSAFPID-9642",
"CSAFPID-40303",
"CSAFPID-45194",
"CSAFPID-94309",
"CSAFPID-204581",
"CSAFPID-220164",
"CSAFPID-271904"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-39410",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1260",
"CSAFPID-1973",
"CSAFPID-3660",
"CSAFPID-9642",
"CSAFPID-40303",
"CSAFPID-45194",
"CSAFPID-94309",
"CSAFPID-204581",
"CSAFPID-220164",
"CSAFPID-271904"
]
}
],
"title": "CVE-2023-39410"
},
{
"cve": "CVE-2023-44483",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information into Log File",
"title": "CWE-532"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1260",
"CSAFPID-1973",
"CSAFPID-3660",
"CSAFPID-9642",
"CSAFPID-40303",
"CSAFPID-45194",
"CSAFPID-94309",
"CSAFPID-204581",
"CSAFPID-220164",
"CSAFPID-271904",
"CSAFPID-94393",
"CSAFPID-226018",
"CSAFPID-912053",
"CSAFPID-912074",
"CSAFPID-228157"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44483",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44483.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1260",
"CSAFPID-1973",
"CSAFPID-3660",
"CSAFPID-9642",
"CSAFPID-40303",
"CSAFPID-45194",
"CSAFPID-94309",
"CSAFPID-204581",
"CSAFPID-220164",
"CSAFPID-271904",
"CSAFPID-94393",
"CSAFPID-226018",
"CSAFPID-912053",
"CSAFPID-912074",
"CSAFPID-228157"
]
}
],
"title": "CVE-2023-44483"
},
{
"cve": "CVE-2023-49582",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
}
],
"product_status": {
"known_affected": [
"CSAFPID-40303"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-49582",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49582.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-40303"
]
}
],
"title": "CVE-2023-49582"
},
{
"cve": "CVE-2023-51775",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-332789",
"CSAFPID-342815",
"CSAFPID-1674670",
"CSAFPID-503474",
"CSAFPID-1260",
"CSAFPID-1973",
"CSAFPID-3660",
"CSAFPID-40303",
"CSAFPID-45194",
"CSAFPID-94309",
"CSAFPID-94393",
"CSAFPID-204581",
"CSAFPID-220164",
"CSAFPID-226018",
"CSAFPID-912053",
"CSAFPID-912074",
"CSAFPID-228157",
"CSAFPID-271904"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51775",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51775.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-332789",
"CSAFPID-342815",
"CSAFPID-1674670",
"CSAFPID-503474",
"CSAFPID-1260",
"CSAFPID-1973",
"CSAFPID-3660",
"CSAFPID-40303",
"CSAFPID-45194",
"CSAFPID-94309",
"CSAFPID-94393",
"CSAFPID-204581",
"CSAFPID-220164",
"CSAFPID-226018",
"CSAFPID-912053",
"CSAFPID-912074",
"CSAFPID-228157",
"CSAFPID-271904"
]
}
],
"title": "CVE-2023-51775"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
}
],
"product_status": {
"known_affected": [
"CSAFPID-40303"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5535",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-40303"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
}
],
"product_status": {
"known_affected": [
"CSAFPID-40303"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6119",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-40303"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-8096",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
}
],
"product_status": {
"known_affected": [
"CSAFPID-40303"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-8096",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8096.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-40303"
]
}
],
"title": "CVE-2024-8096"
},
{
"cve": "CVE-2024-23635",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1260",
"CSAFPID-1973",
"CSAFPID-3660",
"CSAFPID-40303",
"CSAFPID-45194",
"CSAFPID-94309",
"CSAFPID-94393",
"CSAFPID-204581",
"CSAFPID-220164",
"CSAFPID-226018",
"CSAFPID-912053",
"CSAFPID-912074",
"CSAFPID-228157",
"CSAFPID-271904"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23635",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23635.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1260",
"CSAFPID-1973",
"CSAFPID-3660",
"CSAFPID-40303",
"CSAFPID-45194",
"CSAFPID-94309",
"CSAFPID-94393",
"CSAFPID-204581",
"CSAFPID-220164",
"CSAFPID-226018",
"CSAFPID-912053",
"CSAFPID-912074",
"CSAFPID-228157",
"CSAFPID-271904"
]
}
],
"title": "CVE-2024-23635"
},
{
"cve": "CVE-2024-29857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-228157",
"CSAFPID-271904",
"CSAFPID-40303",
"CSAFPID-220164",
"CSAFPID-94309",
"CSAFPID-912053",
"CSAFPID-45194",
"CSAFPID-3660",
"CSAFPID-1973",
"CSAFPID-1747074",
"CSAFPID-1674670",
"CSAFPID-503474"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29857",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29857.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-228157",
"CSAFPID-271904",
"CSAFPID-40303",
"CSAFPID-220164",
"CSAFPID-94309",
"CSAFPID-912053",
"CSAFPID-45194",
"CSAFPID-3660",
"CSAFPID-1973",
"CSAFPID-1747074",
"CSAFPID-1674670",
"CSAFPID-503474"
]
}
],
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-30171",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"notes": [
{
"category": "other",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
},
{
"category": "other",
"text": "Observable Discrepancy",
"title": "CWE-203"
}
],
"product_status": {
"known_affected": [
"CSAFPID-228157",
"CSAFPID-271904",
"CSAFPID-40303",
"CSAFPID-220164",
"CSAFPID-94309",
"CSAFPID-912053",
"CSAFPID-45194",
"CSAFPID-3660",
"CSAFPID-1973"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-30171",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30171.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-228157",
"CSAFPID-271904",
"CSAFPID-40303",
"CSAFPID-220164",
"CSAFPID-94309",
"CSAFPID-912053",
"CSAFPID-45194",
"CSAFPID-3660",
"CSAFPID-1973"
]
}
],
"title": "CVE-2024-30171"
},
{
"cve": "CVE-2024-30172",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-228157",
"CSAFPID-271904",
"CSAFPID-40303",
"CSAFPID-220164",
"CSAFPID-94309",
"CSAFPID-912053",
"CSAFPID-45194",
"CSAFPID-3660",
"CSAFPID-1973"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-30172",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30172.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-228157",
"CSAFPID-271904",
"CSAFPID-40303",
"CSAFPID-220164",
"CSAFPID-94309",
"CSAFPID-912053",
"CSAFPID-45194",
"CSAFPID-3660",
"CSAFPID-1973"
]
}
],
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-34447",
"cwe": {
"id": "CWE-706",
"name": "Use of Incorrectly-Resolved Name or Reference"
},
"notes": [
{
"category": "other",
"text": "Use of Incorrectly-Resolved Name or Reference",
"title": "CWE-706"
}
],
"product_status": {
"known_affected": [
"CSAFPID-228157",
"CSAFPID-271904",
"CSAFPID-40303",
"CSAFPID-220164",
"CSAFPID-94309",
"CSAFPID-912053",
"CSAFPID-45194",
"CSAFPID-3660",
"CSAFPID-1973"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34447",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34447.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-228157",
"CSAFPID-271904",
"CSAFPID-40303",
"CSAFPID-220164",
"CSAFPID-94309",
"CSAFPID-912053",
"CSAFPID-45194",
"CSAFPID-3660",
"CSAFPID-1973"
]
}
],
"title": "CVE-2024-34447"
},
{
"cve": "CVE-2024-34750",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-204581"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34750",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-204581"
]
}
],
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-37370",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
}
],
"product_status": {
"known_affected": [
"CSAFPID-199820"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37370",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-199820"
]
}
],
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
}
],
"product_status": {
"known_affected": [
"CSAFPID-199820"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37371",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-199820"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-38473",
"cwe": {
"id": "CWE-172",
"name": "Encoding Error"
},
"notes": [
{
"category": "other",
"text": "Encoding Error",
"title": "CWE-172"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
}
],
"product_status": {
"known_affected": [
"CSAFPID-40303"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38473",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-40303"
]
}
],
"title": "CVE-2024-38473"
},
{
"cve": "CVE-2024-38475",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "other",
"text": "Path Traversal: \u0027.../...//\u0027",
"title": "CWE-35"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Use of Hard-coded Credentials",
"title": "CWE-798"
},
{
"category": "other",
"text": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"title": "CWE-338"
}
],
"product_status": {
"known_affected": [
"CSAFPID-40303"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38475",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-40303"
]
}
],
"title": "CVE-2024-38475"
},
{
"cve": "CVE-2024-38816",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "other",
"text": "Relative Path Traversal",
"title": "CWE-23"
}
],
"product_status": {
"known_affected": [
"CSAFPID-94309",
"CSAFPID-220164"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38816",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-94309",
"CSAFPID-220164"
]
}
],
"title": "CVE-2024-38816"
},
{
"cve": "CVE-2024-38819",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-94309",
"CSAFPID-220164"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38819",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-94309",
"CSAFPID-220164"
]
}
],
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38998",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-228157",
"CSAFPID-9642",
"CSAFPID-226018",
"CSAFPID-45194"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38998",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-228157",
"CSAFPID-9642",
"CSAFPID-226018",
"CSAFPID-45194"
]
}
],
"title": "CVE-2024-38998"
},
{
"cve": "CVE-2024-38999",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-9642",
"CSAFPID-228157",
"CSAFPID-332789",
"CSAFPID-342815",
"CSAFPID-271904",
"CSAFPID-1674670",
"CSAFPID-503474",
"CSAFPID-226018",
"CSAFPID-45194"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38999",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-9642",
"CSAFPID-228157",
"CSAFPID-332789",
"CSAFPID-342815",
"CSAFPID-271904",
"CSAFPID-1674670",
"CSAFPID-503474",
"CSAFPID-226018",
"CSAFPID-45194"
]
}
],
"title": "CVE-2024-38999"
},
{
"cve": "CVE-2024-40898",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
}
],
"product_status": {
"known_affected": [
"CSAFPID-40303"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40898",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-40303"
]
}
],
"title": "CVE-2024-40898"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912053",
"CSAFPID-40303"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45490",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-912053",
"CSAFPID-40303"
]
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912053",
"CSAFPID-40303"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45491",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-912053",
"CSAFPID-40303"
]
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912053",
"CSAFPID-332789",
"CSAFPID-342815",
"CSAFPID-271904",
"CSAFPID-1674670",
"CSAFPID-503474",
"CSAFPID-40303"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45492",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-912053",
"CSAFPID-332789",
"CSAFPID-342815",
"CSAFPID-271904",
"CSAFPID-1674670",
"CSAFPID-503474",
"CSAFPID-40303"
]
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-47072",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-228157"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47072",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47072.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-228157"
]
}
],
"title": "CVE-2024-47072"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751293",
"CSAFPID-45194",
"CSAFPID-1973",
"CSAFPID-3660"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751293",
"CSAFPID-45194",
"CSAFPID-1973",
"CSAFPID-3660"
]
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-9642"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47561",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-9642"
]
}
],
"title": "CVE-2024-47561"
},
{
"cve": "CVE-2025-21498",
"product_status": {
"known_affected": [
"CSAFPID-40303"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21498",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21498.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-40303"
]
}
],
"title": "CVE-2025-21498"
},
{
"cve": "CVE-2025-21535",
"product_status": {
"known_affected": [
"CSAFPID-3660",
"CSAFPID-1973"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21535",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21535.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-3660",
"CSAFPID-1973"
]
}
],
"title": "CVE-2025-21535"
},
{
"cve": "CVE-2025-21549",
"product_status": {
"known_affected": [
"CSAFPID-1973"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21549",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21549.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1973"
]
}
],
"title": "CVE-2025-21549"
}
]
}
ncsc-2025-0131
Vulnerability from csaf_ncscnl
Published
2025-04-16 15:10
Modified
2025-04-16 15:10
Summary
Kwetsbaarheden verholpen in Oracle JD Edwards
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in JD Edwards EnterpriseOne Tools (Specifiek voor versies 9.2.0.0 tot 9.2.9.2).
Interpretaties
De kwetsbaarheden in JD Edwards EnterpriseOne Tools stellen ongeauthenticeerde kwaadwillenden in staat om via HTTP toegang te krijgen tot het systeem, wat kan leiden tot ongeautoriseerde toegang tot gevoelige gegevens en manipulatie daarvan of zelfs volledige overname van JD Edwards EnterpriseOne Tools. Enkele van de kwetsbaarheden kunnen leiden tot gedeeltelijke of volledige DoS, hiervoor is echter wel gebruikersinteractie vereist.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-1395
Dependency on Vulnerable Third-Party Component
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-416
Use After Free
CWE-400
Uncontrolled Resource Consumption
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in JD Edwards EnterpriseOne Tools (Specifiek voor versies 9.2.0.0 tot 9.2.9.2).",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden in JD Edwards EnterpriseOne Tools stellen ongeauthenticeerde kwaadwillenden in staat om via HTTP toegang te krijgen tot het systeem, wat kan leiden tot ongeautoriseerde toegang tot gevoelige gegevens en manipulatie daarvan of zelfs volledige overname van JD Edwards EnterpriseOne Tools. Enkele van de kwetsbaarheden kunnen leiden tot gedeeltelijke of volledige DoS, hiervoor is echter wel gebruikersinteractie vereist.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle JD Edwards",
"tracking": {
"current_release_date": "2025-04-16T15:10:06.149204Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0131",
"initial_release_date": "2025-04-16T15:10:06.149204Z",
"revision_history": [
{
"date": "2025-04-16T15:10:06.149204Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/9.2.0.0-9.2.9.2",
"product": {
"name": "vers:unknown/9.2.0.0-9.2.9.2",
"product_id": "CSAFPID-2726961",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:jd_edwards_enterpriseone:9.2.0.0_-_9.2.9.2"
}
}
}
],
"category": "product_name",
"name": "JD Edwards"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=9.2.0.0|\u003c=9.2.9.2",
"product": {
"name": "vers:oracle/\u003e=9.2.0.0|\u003c=9.2.9.2",
"product_id": "CSAFPID-2698984",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.0.0-9.2.9.2:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "JD Edwards EnterpriseOne Tools"
}
],
"category": "product_family",
"name": "Oracle JD Edwards"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003e=9.2.0.0|\u003c=9.2.9.2",
"product": {
"name": "vers:unknown/\u003e=9.2.0.0|\u003c=9.2.9.2",
"product_id": "CSAFPID-2698367"
}
}
],
"category": "product_name",
"name": "Jd Edwards Enterpriseone Tools"
}
],
"category": "product_family",
"name": "Oracle"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/9.2.0.0|\u003c=9.2.9.2",
"product": {
"name": "vers:semver/9.2.0.0|\u003c=9.2.9.2",
"product_id": "CSAFPID-2698646"
}
}
],
"category": "product_name",
"name": "JD Edwards EnterpriseOne Tools"
}
],
"category": "vendor",
"name": "Oracle Corporation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5535",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-23807",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23807",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
}
],
"title": "CVE-2024-23807"
},
{
"cve": "CVE-2024-25710",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25710",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
}
],
"title": "CVE-2024-25710"
},
{
"cve": "CVE-2024-45613",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45613",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45613.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
}
],
"title": "CVE-2024-45613"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2025-21586",
"product_status": {
"known_affected": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21586",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21586.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
}
],
"title": "CVE-2025-21586"
},
{
"cve": "CVE-2025-30709",
"product_status": {
"known_affected": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30709",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30709.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
}
],
"title": "CVE-2025-30709"
},
{
"cve": "CVE-2025-30740",
"product_status": {
"known_affected": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30740",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30740.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2726961",
"CSAFPID-2698984",
"CSAFPID-2698367",
"CSAFPID-2698646"
]
}
],
"title": "CVE-2025-30740"
}
]
}
ncsc-2025-0021
Vulnerability from csaf_ncscnl
Published
2025-01-22 13:30
Modified
2025-01-22 13:30
Summary
Kwetsbaarheden verholpen in Oracle Communications
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft meerdere kwetsbaarheden verholpen in zijn Communicatieproducten, waaronder Oracle Communications Unified Assurance, Oracle Communications Cloud Native Core Network Function en Oracle Communications Order and Service Management.
Interpretaties
De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om Denial of Service (DoS) aanvallen uit te voeren of om ongeautoriseerde toegang tot gevoelige gegevens te verkrijgen. Specifieke versies, zoals 24.2.0 en 24.3.0 van de Cloud Native Core Network Function, zijn bijzonder kwetsbaar. Kwaadwillenden kunnen deze kwetsbaarheden misbruiken door speciaal geprepareerde HTTP-verzoeken te sturen naar het kwetsbare systeem.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-1395
Dependency on Vulnerable Third-Party Component
CWE-670
Always-Incorrect Control Flow Implementation
CWE-405
Asymmetric Resource Consumption (Amplification)
CWE-35
Path Traversal: '.../...//'
CWE-466
Return of Pointer Value Outside of Expected Range
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
CWE-676
Use of Potentially Dangerous Function
CWE-606
Unchecked Input for Loop Condition
CWE-450
Multiple Interpretations of UI Input
CWE-131
Incorrect Calculation of Buffer Size
CWE-328
Use of Weak Hash
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-669
Incorrect Resource Transfer Between Spheres
CWE-1220
Insufficient Granularity of Access Control
CWE-201
Insertion of Sensitive Information Into Sent Data
CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CWE-755
Improper Handling of Exceptional Conditions
CWE-347
Improper Verification of Cryptographic Signature
CWE-834
Excessive Iteration
CWE-178
Improper Handling of Case Sensitivity
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-440
Expected Behavior Violation
CWE-415
Double Free
CWE-311
Missing Encryption of Sensitive Data
CWE-924
Improper Enforcement of Message Integrity During Transmission in a Communication Channel
CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE-703
Improper Check or Handling of Exceptional Conditions
CWE-617
Reachable Assertion
CWE-427
Uncontrolled Search Path Element
CWE-836
Use of Password Hash Instead of Password for Authentication
CWE-680
Integer Overflow to Buffer Overflow
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-23
Relative Path Traversal
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-203
Observable Discrepancy
CWE-354
Improper Validation of Integrity Check Value
CWE-325
Missing Cryptographic Step
CWE-190
Integer Overflow or Wraparound
CWE-451
User Interface (UI) Misrepresentation of Critical Information
CWE-61
UNIX Symbolic Link (Symlink) Following
CWE-552
Files or Directories Accessible to External Parties
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-798
Use of Hard-coded Credentials
CWE-434
Unrestricted Upload of File with Dangerous Type
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-416
Use After Free
CWE-476
NULL Pointer Dereference
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-248
Uncaught Exception
CWE-674
Uncontrolled Recursion
CWE-863
Incorrect Authorization
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-611
Improper Restriction of XML External Entity Reference
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
CWE-209
Generation of Error Message Containing Sensitive Information
CWE-276
Incorrect Default Permissions
CWE-294
Authentication Bypass by Capture-replay
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft meerdere kwetsbaarheden verholpen in zijn Communicatieproducten, waaronder Oracle Communications Unified Assurance, Oracle Communications Cloud Native Core Network Function en Oracle Communications Order and Service Management.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om Denial of Service (DoS) aanvallen uit te voeren of om ongeautoriseerde toegang tot gevoelige gegevens te verkrijgen. Specifieke versies, zoals 24.2.0 en 24.3.0 van de Cloud Native Core Network Function, zijn bijzonder kwetsbaar. Kwaadwillenden kunnen deze kwetsbaarheden misbruiken door speciaal geprepareerde HTTP-verzoeken te sturen naar het kwetsbare systeem.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
},
{
"category": "general",
"text": "Always-Incorrect Control Flow Implementation",
"title": "CWE-670"
},
{
"category": "general",
"text": "Asymmetric Resource Consumption (Amplification)",
"title": "CWE-405"
},
{
"category": "general",
"text": "Path Traversal: \u0027.../...//\u0027",
"title": "CWE-35"
},
{
"category": "general",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "general",
"text": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"title": "CWE-338"
},
{
"category": "general",
"text": "Use of Potentially Dangerous Function",
"title": "CWE-676"
},
{
"category": "general",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
},
{
"category": "general",
"text": "Multiple Interpretations of UI Input",
"title": "CWE-450"
},
{
"category": "general",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "general",
"text": "Use of Weak Hash",
"title": "CWE-328"
},
{
"category": "general",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "general",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
},
{
"category": "general",
"text": "Insufficient Granularity of Access Control",
"title": "CWE-1220"
},
{
"category": "general",
"text": "Insertion of Sensitive Information Into Sent Data",
"title": "CWE-201"
},
{
"category": "general",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "general",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "general",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Expected Behavior Violation",
"title": "CWE-440"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "general",
"text": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel",
"title": "CWE-924"
},
{
"category": "general",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
},
{
"category": "general",
"text": "Reachable Assertion",
"title": "CWE-617"
},
{
"category": "general",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
},
{
"category": "general",
"text": "Use of Password Hash Instead of Password for Authentication",
"title": "CWE-836"
},
{
"category": "general",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
},
{
"category": "general",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "general",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "general",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Observable Discrepancy",
"title": "CWE-203"
},
{
"category": "general",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "general",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "User Interface (UI) Misrepresentation of Critical Information",
"title": "CWE-451"
},
{
"category": "general",
"text": "UNIX Symbolic Link (Symlink) Following",
"title": "CWE-61"
},
{
"category": "general",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "Use of Hard-coded Credentials",
"title": "CWE-798"
},
{
"category": "general",
"text": "Unrestricted Upload of File with Dangerous Type",
"title": "CWE-434"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Uncaught Exception",
"title": "CWE-248"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Generation of Error Message Containing Sensitive Information",
"title": "CWE-209"
},
{
"category": "general",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
},
{
"category": "general",
"text": "Authentication Bypass by Capture-replay",
"title": "CWE-294"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Communications",
"tracking": {
"current_release_date": "2025-01-22T13:30:50.189632Z",
"id": "NCSC-2025-0021",
"initial_release_date": "2025-01-22T13:30:50.189632Z",
"revision_history": [
{
"date": "2025-01-22T13:30:50.189632Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1727475",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635313",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:10.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635305",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:12.11.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635311",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:12.11.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635312",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:12.11.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635323",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:12.6.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670430",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:14.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674632",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:14.0.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674630",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:14.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635320",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674633",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:17.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670439",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635322",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670429",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670435",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670431",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670436",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670432",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635321",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635310",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635318",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674640",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674642",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670434",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635316",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674639",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635314",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674638",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674637",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635306",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:4.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635307",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:4.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635317",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:46.6.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635319",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:46.6.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670438",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635324",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635315",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:5.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670433",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674641",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.0.1.10.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674635",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674636",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1670437",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.1.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674631",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.1.9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1674634",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.1.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635308",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications",
"product": {
"name": "communications",
"product_id": "CSAFPID-1635309",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications:9.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications__10.4.0.4",
"product": {
"name": "communications__10.4.0.4",
"product_id": "CSAFPID-1674629",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications__10.4.0.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.2",
"product": {
"name": "communications___23.4.2",
"product_id": "CSAFPID-1670442",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.3",
"product": {
"name": "communications___23.4.3",
"product_id": "CSAFPID-1635325",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.3:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.4",
"product": {
"name": "communications___23.4.4",
"product_id": "CSAFPID-1635326",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.5",
"product": {
"name": "communications___23.4.5",
"product_id": "CSAFPID-1674645",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.5:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___23.4.6",
"product": {
"name": "communications___23.4.6",
"product_id": "CSAFPID-1674646",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___23.4.6:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___24.2.0",
"product": {
"name": "communications___24.2.0",
"product_id": "CSAFPID-1674644",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___24.2.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___7.2.1.0.0",
"product": {
"name": "communications___7.2.1.0.0",
"product_id": "CSAFPID-1670441",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___7.2.1.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___8.6.0.6",
"product": {
"name": "communications___8.6.0.6",
"product_id": "CSAFPID-1635327",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___8.6.0.6:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___8.6.0.8",
"product": {
"name": "communications___8.6.0.8",
"product_id": "CSAFPID-1635328",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___8.6.0.8:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___9.0.2",
"product": {
"name": "communications___9.0.2",
"product_id": "CSAFPID-1670440",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___9.0.2:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___9.0.3",
"product": {
"name": "communications___9.0.3",
"product_id": "CSAFPID-1635329",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___9.0.3:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications___9.1.1.8.0",
"product": {
"name": "communications___9.1.1.8.0",
"product_id": "CSAFPID-1674643",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications___9.1.1.8.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1751386",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674621",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1751381",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:15.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1751383",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:15.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1751378",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:3.0.2.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1751377",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:3.0.3.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1751385",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:3.0.3.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674618",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674619",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674622",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:7.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1751384",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:7.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674617",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674623",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1751382",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:8.0.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1751380",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:8.1.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1751379",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:8.1.0.26:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications",
"product": {
"name": "communications_applications",
"product_id": "CSAFPID-1674620",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications:8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___12.0.6.0.0",
"product": {
"name": "communications_applications___12.0.6.0.0",
"product_id": "CSAFPID-1674627",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___12.0.6.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___5.5.22",
"product": {
"name": "communications_applications___5.5.22",
"product_id": "CSAFPID-1674626",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___5.5.22:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___6.0.3",
"product": {
"name": "communications_applications___6.0.3",
"product_id": "CSAFPID-1674628",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___6.0.3:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___6.0.4",
"product": {
"name": "communications_applications___6.0.4",
"product_id": "CSAFPID-1674624",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___6.0.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_applications___6.0.5",
"product": {
"name": "communications_applications___6.0.5",
"product_id": "CSAFPID-1674625",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_applications___6.0.5:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_asap",
"product": {
"name": "communications_asap",
"product_id": "CSAFPID-816792",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-764735",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-1751255",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-1751254",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0-15.0.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-816793",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_billing_and_revenue_management",
"product": {
"name": "communications_billing_and_revenue_management",
"product_id": "CSAFPID-912557",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-764247",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-1650820",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-912556",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_brm_-_elastic_charging_engine",
"product": {
"name": "communications_brm_-_elastic_charging_engine",
"product_id": "CSAFPID-1751303",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-220055",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-816765",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-816766",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-816767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-1503577",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_automated_test_suite",
"product": {
"name": "communications_cloud_native_core_automated_test_suite",
"product_id": "CSAFPID-1751300",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-764237",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1650752",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1673396",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1751085",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_binding_support_function",
"product": {
"name": "communications_cloud_native_core_binding_support_function",
"product_id": "CSAFPID-1751079",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_certificate_management",
"product": {
"name": "communications_cloud_native_core_certificate_management",
"product_id": "CSAFPID-1673526",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_certificate_management",
"product": {
"name": "communications_cloud_native_core_certificate_management",
"product_id": "CSAFPID-1673391",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_certificate_management",
"product": {
"name": "communications_cloud_native_core_certificate_management",
"product_id": "CSAFPID-1673394",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_certificate_management",
"product": {
"name": "communications_cloud_native_core_certificate_management",
"product_id": "CSAFPID-1751253",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-816768",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-816769",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-912085",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-1503578",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-1673389",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-1673390",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_console",
"product": {
"name": "communications_cloud_native_core_console",
"product_id": "CSAFPID-1751090",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_dbtier",
"product": {
"name": "communications_cloud_native_core_dbtier",
"product_id": "CSAFPID-1673421",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_dbtier",
"product": {
"name": "communications_cloud_native_core_dbtier",
"product_id": "CSAFPID-1673420",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_dbtier",
"product": {
"name": "communications_cloud_native_core_dbtier",
"product_id": "CSAFPID-1751246",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-816770",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-816771",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-912068",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_data_analytics_function",
"product": {
"name": "communications_cloud_native_core_network_data_analytics_function",
"product_id": "CSAFPID-1503579",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-816772",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-912076",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_exposure_function",
"product": {
"name": "communications_cloud_native_core_network_exposure_function",
"product_id": "CSAFPID-1503580",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-219838",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-611387",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-816773",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912101",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-1503581",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-1751208",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-1751209",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912539",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912540",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912541",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912542",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product": {
"name": "communications_cloud_native_core_network_function_cloud_native_environment",
"product_id": "CSAFPID-912543",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-816774",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-816346",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-912077",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-1503322",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-1673413",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-1673415",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-1751231",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-816775",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_repository_function",
"product": {
"name": "communications_cloud_native_core_network_repository_function",
"product_id": "CSAFPID-912544",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-816348",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-912545",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-816347",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-1673494",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-816776",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_network_slice_selection_function",
"product": {
"name": "communications_cloud_native_core_network_slice_selection_function",
"product_id": "CSAFPID-816777",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-764240",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1650751",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1673517",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1673395",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-912069",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1751225",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0-24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1751088",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_policy",
"product": {
"name": "communications_cloud_native_core_policy",
"product_id": "CSAFPID-1751089",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-94291",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-816778",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-614517",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-912547",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-1673392",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-1503582",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-1673393",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-1751081",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-1751084",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product": {
"name": "communications_cloud_native_core_security_edge_protection_proxy",
"product_id": "CSAFPID-912546",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-224795",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-912548",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-912102",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-912549",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-1503583",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-1503584",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-1503585",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-1672767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_service_communication_proxy",
"product": {
"name": "communications_cloud_native_core_service_communication_proxy",
"product_id": "CSAFPID-1751241",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-764826",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-90016",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-912078",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-816349",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-912550",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1503586",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1503587",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1751238",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1751240",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.1.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1673399",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1751239",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1751080",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-1751082",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_cloud_native_core_unified_data_repository",
"product": {
"name": "communications_cloud_native_core_unified_data_repository",
"product_id": "CSAFPID-816779",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:_signaling___23.3.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_application_server",
"product": {
"name": "communications_converged_application_server",
"product_id": "CSAFPID-1751229",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_application_server:8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_application_server",
"product": {
"name": "communications_converged_application_server",
"product_id": "CSAFPID-1751230",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_application_server:8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_charging_system",
"product": {
"name": "communications_converged_charging_system",
"product_id": "CSAFPID-1503599",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_converged_charging_system",
"product": {
"name": "communications_converged_charging_system",
"product_id": "CSAFPID-1503600",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-1751292",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.2.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-1751294",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-224793",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-1751295",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergence",
"product": {
"name": "communications_convergence",
"product_id": "CSAFPID-816794",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-342793",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-1650777",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-1265",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-816350",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_convergent_charging_controller",
"product": {
"name": "communications_convergent_charging_controller",
"product_id": "CSAFPID-1261",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_core_session_manager",
"product": {
"name": "communications_core_session_manager",
"product_id": "CSAFPID-1672764",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1503588",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1751104",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.3.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-40293",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1751242",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1751237",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0-9.0.2.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1751097",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-611413",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-1751211",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-912551",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_diameter_signaling_router",
"product": {
"name": "communications_diameter_signaling_router",
"product_id": "CSAFPID-912552",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_element_management_system",
"product": {
"name": "communications_eagle_element_management_system",
"product_id": "CSAFPID-1503316",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_element_management_system",
"product": {
"name": "communications_eagle_element_management_system",
"product_id": "CSAFPID-1503317",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_eagle_element_management_system",
"product": {
"name": "communications_eagle_element_management_system",
"product_id": "CSAFPID-1751243",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:47.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-764242",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-819413",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-819414",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.2.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_element_manager",
"product": {
"name": "communications_element_manager",
"product_id": "CSAFPID-816780",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_element_manager:9.4.53:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_fraud_monitor",
"product": {
"name": "communications_fraud_monitor",
"product_id": "CSAFPID-816781",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_fraud_monitor",
"product": {
"name": "communications_fraud_monitor",
"product_id": "CSAFPID-816782",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_fraud_monitor",
"product": {
"name": "communications_fraud_monitor",
"product_id": "CSAFPID-912553",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_instant_messaging_server",
"product": {
"name": "communications_instant_messaging_server",
"product_id": "CSAFPID-219803",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_ip_service_activator",
"product": {
"name": "communications_ip_service_activator",
"product_id": "CSAFPID-204622",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_ip_service_activator",
"product": {
"name": "communications_ip_service_activator",
"product_id": "CSAFPID-219909",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_messaging_server",
"product": {
"name": "communications_messaging_server",
"product_id": "CSAFPID-816351",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.24.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_messaging_server",
"product": {
"name": "communications_messaging_server",
"product_id": "CSAFPID-1751218",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.26:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_metasolv_solution",
"product": {
"name": "communications_metasolv_solution",
"product_id": "CSAFPID-611595",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816353",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816352",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.3.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-1503589",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-1503590",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-1673414",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816783",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.2.0.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816786",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.3.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816784",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.2.0.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816787",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.3.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816785",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.2.0.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_analytics_data_director",
"product": {
"name": "communications_network_analytics_data_director",
"product_id": "CSAFPID-816788",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.3.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-342803",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-1650778",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-1266",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-816354",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_charging_and_control",
"product": {
"name": "communications_network_charging_and_control",
"product_id": "CSAFPID-204563",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_network_integrity",
"product": {
"name": "communications_network_integrity",
"product_id": "CSAFPID-219776",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_offline_mediation_controller",
"product": {
"name": "communications_offline_mediation_controller",
"product_id": "CSAFPID-765242",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_offline_mediation_controller",
"product": {
"name": "communications_offline_mediation_controller",
"product_id": "CSAFPID-916906",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_offline_mediation_controller",
"product": {
"name": "communications_offline_mediation_controller",
"product_id": "CSAFPID-1751247",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_offline_mediation_controller:15.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_offline_mediation_controller",
"product": {
"name": "communications_offline_mediation_controller",
"product_id": "CSAFPID-1751248",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_offline_mediation_controller:15.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_operations_monitor",
"product": {
"name": "communications_operations_monitor",
"product_id": "CSAFPID-93781",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_operations_monitor",
"product": {
"name": "communications_operations_monitor",
"product_id": "CSAFPID-220132",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_operations_monitor",
"product": {
"name": "communications_operations_monitor",
"product_id": "CSAFPID-912079",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-224790",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-221118",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_order_and_service_management",
"product": {
"name": "communications_order_and_service_management",
"product_id": "CSAFPID-1673496",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_performance_intelligence",
"product": {
"name": "communications_performance_intelligence",
"product_id": "CSAFPID-1503591",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_performance_intelligence:10.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_policy_management",
"product": {
"name": "communications_policy_management",
"product_id": "CSAFPID-816789",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_policy_management",
"product": {
"name": "communications_policy_management",
"product_id": "CSAFPID-816790",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_pricing_design_center",
"product": {
"name": "communications_pricing_design_center",
"product_id": "CSAFPID-764738",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_pricing_design_center",
"product": {
"name": "communications_pricing_design_center",
"product_id": "CSAFPID-816355",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-1503601",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816359",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816358",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816357",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.2.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-912558",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-1751233",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-1503602",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-1751234",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.1.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816795",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816796",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_service_catalog_and_design",
"product": {
"name": "communications_service_catalog_and_design",
"product_id": "CSAFPID-816797",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.2.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1503592",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1503593",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1672762",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1503594",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_border_controller",
"product": {
"name": "communications_session_border_controller",
"product_id": "CSAFPID-1503595",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-342804",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-819415",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-819416",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.2.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_session_report_manager",
"product": {
"name": "communications_session_report_manager",
"product_id": "CSAFPID-816791",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.4.53:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-240600",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1673382",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1650731",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1673530",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1751235",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.1-6.0.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_assurance",
"product": {
"name": "communications_unified_assurance",
"product_id": "CSAFPID-1751296",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.4-6.0.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-764739",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-8984",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-204510",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-204569",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-219826",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_unified_inventory_management",
"product": {
"name": "communications_unified_inventory_management",
"product_id": "CSAFPID-912073",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1503596",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1503597",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1503598",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1751217",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-912080",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1673481",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_user_data_repository",
"product": {
"name": "communications_user_data_repository",
"product_id": "CSAFPID-1751258",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_user_data_repository:15.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_webrtc_session_controller",
"product": {
"name": "communications_webrtc_session_controller",
"product_id": "CSAFPID-912554",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41727",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673530"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-41727",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41727.json"
}
],
"title": "CVE-2022-41727"
},
{
"cve": "CVE-2023-4408",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-4408",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4408.json"
}
],
"title": "CVE-2023-4408"
},
{
"cve": "CVE-2023-5678",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "other",
"text": "Missing Cryptographic Step",
"title": "CWE-325"
},
{
"category": "other",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764237",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-816348",
"CSAFPID-764240",
"CSAFPID-614517",
"CSAFPID-224795",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-912073",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5678",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5678.json"
}
],
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-5981",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"category": "other",
"text": "Observable Discrepancy",
"title": "CWE-203"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1751217",
"CSAFPID-1673481"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5981",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5981.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1751217",
"CSAFPID-1673481"
]
}
],
"title": "CVE-2023-5981"
},
{
"cve": "CVE-2023-6597",
"cwe": {
"id": "CWE-61",
"name": "UNIX Symbolic Link (Symlink) Following"
},
"notes": [
{
"category": "other",
"text": "UNIX Symbolic Link (Symlink) Following",
"title": "CWE-61"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1751097"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-6597",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6597.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1751097"
]
}
],
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2023-7256",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220132",
"CSAFPID-1751084",
"CSAFPID-912079"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-7256",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7256.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220132",
"CSAFPID-1751084",
"CSAFPID-912079"
]
}
],
"title": "CVE-2023-7256"
},
{
"cve": "CVE-2023-29407",
"cwe": {
"id": "CWE-834",
"name": "Excessive Iteration"
},
"notes": [
{
"category": "other",
"text": "Excessive Iteration",
"title": "CWE-834"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673530"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-29407",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29407.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673530"
]
}
],
"title": "CVE-2023-29407"
},
{
"cve": "CVE-2023-29408",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673530",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-29408",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29408.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673530",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2023-29408"
},
{
"cve": "CVE-2023-40577",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751208",
"CSAFPID-1751209"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-40577",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-40577.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751208",
"CSAFPID-1751209"
]
}
],
"title": "CVE-2023-40577"
},
{
"cve": "CVE-2023-46218",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"notes": [
{
"category": "other",
"text": "Insertion of Sensitive Information Into Sent Data",
"title": "CWE-201"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-1751211"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46218",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46218.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-1751211"
]
}
],
"title": "CVE-2023-46218"
},
{
"cve": "CVE-2023-46219",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-614517",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-1751211"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46219",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46219.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-912539",
"CSAFPID-816773",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912101",
"CSAFPID-912544",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-912545",
"CSAFPID-764240",
"CSAFPID-912546",
"CSAFPID-614517",
"CSAFPID-912547",
"CSAFPID-224795",
"CSAFPID-912548",
"CSAFPID-912102",
"CSAFPID-912549",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912553",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-765242",
"CSAFPID-912073",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-1751211"
]
}
],
"title": "CVE-2023-46219"
},
{
"cve": "CVE-2023-46604",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-94291",
"CSAFPID-40293",
"CSAFPID-1265",
"CSAFPID-1261",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-224795",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-219826",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-204622",
"CSAFPID-219803",
"CSAFPID-219838",
"CSAFPID-219909",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-224793",
"CSAFPID-240600",
"CSAFPID-342793",
"CSAFPID-342803",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-611595",
"CSAFPID-614517",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764738",
"CSAFPID-816346",
"CSAFPID-816347",
"CSAFPID-816348",
"CSAFPID-816349",
"CSAFPID-816350",
"CSAFPID-816351",
"CSAFPID-816352",
"CSAFPID-816353",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816776",
"CSAFPID-816777",
"CSAFPID-816778",
"CSAFPID-816779",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-1751104"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46604",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46604.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-94291",
"CSAFPID-40293",
"CSAFPID-1265",
"CSAFPID-1261",
"CSAFPID-1266",
"CSAFPID-8984",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-224795",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-219826",
"CSAFPID-204510",
"CSAFPID-204563",
"CSAFPID-204569",
"CSAFPID-204622",
"CSAFPID-219803",
"CSAFPID-219838",
"CSAFPID-219909",
"CSAFPID-221118",
"CSAFPID-224790",
"CSAFPID-224793",
"CSAFPID-240600",
"CSAFPID-342793",
"CSAFPID-342803",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-611595",
"CSAFPID-614517",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764738",
"CSAFPID-816346",
"CSAFPID-816347",
"CSAFPID-816348",
"CSAFPID-816349",
"CSAFPID-816350",
"CSAFPID-816351",
"CSAFPID-816352",
"CSAFPID-816353",
"CSAFPID-816354",
"CSAFPID-816355",
"CSAFPID-816357",
"CSAFPID-816358",
"CSAFPID-816359",
"CSAFPID-816765",
"CSAFPID-816766",
"CSAFPID-816767",
"CSAFPID-816768",
"CSAFPID-816769",
"CSAFPID-816770",
"CSAFPID-816771",
"CSAFPID-816772",
"CSAFPID-816773",
"CSAFPID-816774",
"CSAFPID-816775",
"CSAFPID-816776",
"CSAFPID-816777",
"CSAFPID-816778",
"CSAFPID-816779",
"CSAFPID-816780",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-816783",
"CSAFPID-816784",
"CSAFPID-816785",
"CSAFPID-816786",
"CSAFPID-816787",
"CSAFPID-816788",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-816791",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-816794",
"CSAFPID-816795",
"CSAFPID-816796",
"CSAFPID-816797",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-1751104"
]
}
],
"title": "CVE-2023-46604"
},
{
"cve": "CVE-2023-50868",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-50868",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50868.json"
}
],
"title": "CVE-2023-50868"
},
{
"cve": "CVE-2024-0232",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650777",
"CSAFPID-1650778",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1751218",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0232",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0232.json"
}
],
"title": "CVE-2024-0232"
},
{
"cve": "CVE-2024-0397",
"product_status": {
"known_affected": [
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1673530"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0397",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0397.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1673530"
]
}
],
"title": "CVE-2024-0397"
},
{
"cve": "CVE-2024-0450",
"cwe": {
"id": "CWE-450",
"name": "Multiple Interpretations of UI Input"
},
"notes": [
{
"category": "other",
"text": "Multiple Interpretations of UI Input",
"title": "CWE-450"
},
{
"category": "other",
"text": "Asymmetric Resource Consumption (Amplification)",
"title": "CWE-405"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1727475",
"CSAFPID-1751097"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0450",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0450.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1727475",
"CSAFPID-1751097"
]
}
],
"title": "CVE-2024-0450"
},
{
"cve": "CVE-2024-1442",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673530",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-1442",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1442.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673530",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-1442"
},
{
"cve": "CVE-2024-2961",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1672762",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1673396",
"CSAFPID-1673395",
"CSAFPID-1673494",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1727475",
"CSAFPID-1751097",
"CSAFPID-1751237"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2961",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2961.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1672762",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1673396",
"CSAFPID-1673395",
"CSAFPID-1673494",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1727475",
"CSAFPID-1751097",
"CSAFPID-1751237"
]
}
],
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-3596",
"cwe": {
"id": "CWE-924",
"name": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel"
},
"notes": [
{
"category": "other",
"text": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel",
"title": "CWE-924"
},
{
"category": "other",
"text": "Use of Weak Hash",
"title": "CWE-328"
},
{
"category": "other",
"text": "Authentication Bypass by Capture-replay",
"title": "CWE-294"
},
{
"category": "other",
"text": "Use of Password Hash Instead of Password for Authentication",
"title": "CWE-836"
},
{
"category": "other",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "other",
"text": "User Interface (UI) Misrepresentation of Critical Information",
"title": "CWE-451"
},
{
"category": "other",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751090",
"CSAFPID-912079",
"CSAFPID-220132",
"CSAFPID-1751253"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-3596",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-3596.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751090",
"CSAFPID-912079",
"CSAFPID-220132",
"CSAFPID-1751253"
]
}
],
"title": "CVE-2024-3596"
},
{
"cve": "CVE-2024-4030",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"notes": [
{
"category": "other",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673530"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4030",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4030.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673530"
]
}
],
"title": "CVE-2024-4030"
},
{
"cve": "CVE-2024-4032",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"notes": [
{
"category": "other",
"text": "Expected Behavior Violation",
"title": "CWE-440"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673530"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4032",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4032.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673530"
]
}
],
"title": "CVE-2024-4032"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751090",
"CSAFPID-1751253"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5535",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751090",
"CSAFPID-1751253"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751209"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6119",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751209"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-6162",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673526",
"CSAFPID-1673399",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1727475",
"CSAFPID-1751303",
"CSAFPID-1650820",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6162",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6162.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673526",
"CSAFPID-1673399",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1727475",
"CSAFPID-1751303",
"CSAFPID-1650820",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-6162"
},
{
"cve": "CVE-2024-6232",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673530"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6232",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673530"
]
}
],
"title": "CVE-2024-6232"
},
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673391",
"CSAFPID-1673394",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751225",
"CSAFPID-1751233",
"CSAFPID-1673530",
"CSAFPID-1751234",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7254",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673391",
"CSAFPID-1673394",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751225",
"CSAFPID-1751233",
"CSAFPID-1673530",
"CSAFPID-1751234",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-7254"
},
{
"cve": "CVE-2024-7592",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673530",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7592",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673530",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-7592"
},
{
"cve": "CVE-2024-7885",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673526",
"CSAFPID-1673399",
"CSAFPID-1751080",
"CSAFPID-1751090",
"CSAFPID-1751079",
"CSAFPID-1751225",
"CSAFPID-1672767",
"CSAFPID-1751241",
"CSAFPID-1751081",
"CSAFPID-1751084",
"CSAFPID-1673393",
"CSAFPID-1751085",
"CSAFPID-1751231"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7885",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7885.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673526",
"CSAFPID-1673399",
"CSAFPID-1751080",
"CSAFPID-1751090",
"CSAFPID-1751079",
"CSAFPID-1751225",
"CSAFPID-1672767",
"CSAFPID-1751241",
"CSAFPID-1751081",
"CSAFPID-1751084",
"CSAFPID-1673393",
"CSAFPID-1751085",
"CSAFPID-1751231"
]
}
],
"title": "CVE-2024-7885"
},
{
"cve": "CVE-2024-8006",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220132",
"CSAFPID-1751084",
"CSAFPID-912079"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-8006",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8006.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220132",
"CSAFPID-1751084",
"CSAFPID-912079"
]
}
],
"title": "CVE-2024-8006"
},
{
"cve": "CVE-2024-9143",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751253"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-9143",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json"
}
],
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2024-22195",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764237",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-764240",
"CSAFPID-614517",
"CSAFPID-224795",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-912073",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-1751225",
"CSAFPID-1751079",
"CSAFPID-1751081",
"CSAFPID-1673393",
"CSAFPID-1751085"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22195",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22195.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-764237",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-764240",
"CSAFPID-614517",
"CSAFPID-224795",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-342804",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-912073",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-1751225",
"CSAFPID-1751079",
"CSAFPID-1751081",
"CSAFPID-1673393",
"CSAFPID-1751085"
]
}
],
"title": "CVE-2024-22195"
},
{
"cve": "CVE-2024-24786",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673530",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24786",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24786.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673530",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-24786"
},
{
"cve": "CVE-2024-24791",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751208",
"CSAFPID-1751209"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24791",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24791.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751208",
"CSAFPID-1751209"
]
}
],
"title": "CVE-2024-24791"
},
{
"cve": "CVE-2024-25638",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"notes": [
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "other",
"text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"title": "CWE-349"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751225",
"CSAFPID-1751079",
"CSAFPID-1751229",
"CSAFPID-1751230",
"CSAFPID-1751081",
"CSAFPID-1751084",
"CSAFPID-1673393",
"CSAFPID-1751085",
"CSAFPID-1751231"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25638",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25638.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751225",
"CSAFPID-1751079",
"CSAFPID-1751229",
"CSAFPID-1751230",
"CSAFPID-1751081",
"CSAFPID-1751084",
"CSAFPID-1673393",
"CSAFPID-1751085",
"CSAFPID-1751231"
]
}
],
"title": "CVE-2024-25638"
},
{
"cve": "CVE-2024-25710",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-912101",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-764240",
"CSAFPID-614517",
"CSAFPID-224795",
"CSAFPID-912102",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-342804",
"CSAFPID-912080",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-912073",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-1727475",
"CSAFPID-1751218"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25710",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-912068",
"CSAFPID-912076",
"CSAFPID-611387",
"CSAFPID-816773",
"CSAFPID-912101",
"CSAFPID-912077",
"CSAFPID-816348",
"CSAFPID-764240",
"CSAFPID-614517",
"CSAFPID-224795",
"CSAFPID-912102",
"CSAFPID-764826",
"CSAFPID-90016",
"CSAFPID-912078",
"CSAFPID-611413",
"CSAFPID-764242",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-93781",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-342804",
"CSAFPID-912080",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-219776",
"CSAFPID-765242",
"CSAFPID-764739",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219826",
"CSAFPID-912073",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-1727475",
"CSAFPID-1751218"
]
}
],
"title": "CVE-2024-25710"
},
{
"cve": "CVE-2024-26308",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-1727475",
"CSAFPID-1751218",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26308",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1670429",
"CSAFPID-1670430",
"CSAFPID-1670431",
"CSAFPID-1670432",
"CSAFPID-1670433",
"CSAFPID-1670434",
"CSAFPID-1670435",
"CSAFPID-1670436",
"CSAFPID-1670437",
"CSAFPID-1670438",
"CSAFPID-1670439",
"CSAFPID-1670440",
"CSAFPID-1670441",
"CSAFPID-1670442",
"CSAFPID-90016",
"CSAFPID-93781",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-219776",
"CSAFPID-219826",
"CSAFPID-220132",
"CSAFPID-224795",
"CSAFPID-342804",
"CSAFPID-611387",
"CSAFPID-611413",
"CSAFPID-614517",
"CSAFPID-764237",
"CSAFPID-764240",
"CSAFPID-764242",
"CSAFPID-764247",
"CSAFPID-764735",
"CSAFPID-764739",
"CSAFPID-764826",
"CSAFPID-765242",
"CSAFPID-816348",
"CSAFPID-816773",
"CSAFPID-816781",
"CSAFPID-816782",
"CSAFPID-912068",
"CSAFPID-912073",
"CSAFPID-912076",
"CSAFPID-912077",
"CSAFPID-912078",
"CSAFPID-912079",
"CSAFPID-912080",
"CSAFPID-912085",
"CSAFPID-912101",
"CSAFPID-912102",
"CSAFPID-912539",
"CSAFPID-912540",
"CSAFPID-912541",
"CSAFPID-912542",
"CSAFPID-912543",
"CSAFPID-912544",
"CSAFPID-912545",
"CSAFPID-912546",
"CSAFPID-912547",
"CSAFPID-912548",
"CSAFPID-912549",
"CSAFPID-912550",
"CSAFPID-912551",
"CSAFPID-912552",
"CSAFPID-912553",
"CSAFPID-912554",
"CSAFPID-912556",
"CSAFPID-912557",
"CSAFPID-912558",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-1503582",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-1727475",
"CSAFPID-1751218",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-27309",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751233",
"CSAFPID-1751234",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27309",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27309.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751233",
"CSAFPID-1751234",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-27309"
},
{
"cve": "CVE-2024-28219",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "other",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "other",
"text": "Use of Potentially Dangerous Function",
"title": "CWE-676"
},
{
"category": "other",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751079",
"CSAFPID-1751225",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1751085",
"CSAFPID-912547"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28219",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28219.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751079",
"CSAFPID-1751225",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1751085",
"CSAFPID-912547"
]
}
],
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2024-28834",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673481",
"CSAFPID-1751217",
"CSAFPID-1503590"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28834",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28834.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673481",
"CSAFPID-1751217",
"CSAFPID-1503590"
]
}
],
"title": "CVE-2024-28834"
},
{
"cve": "CVE-2024-28835",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"notes": [
{
"category": "other",
"text": "Uncaught Exception",
"title": "CWE-248"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673481",
"CSAFPID-1751217",
"CSAFPID-1503590"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28835",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28835.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673481",
"CSAFPID-1751217",
"CSAFPID-1503590"
]
}
],
"title": "CVE-2024-28835"
},
{
"cve": "CVE-2024-28849",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673414",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1727475",
"CSAFPID-1751235",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28849",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1673414",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1727475",
"CSAFPID-1751235",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-28849"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673494",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1727475",
"CSAFPID-1751233",
"CSAFPID-1751218",
"CSAFPID-1751234",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29025",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-1650752",
"CSAFPID-1650751",
"CSAFPID-1673494",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1674636",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1727475",
"CSAFPID-1751233",
"CSAFPID-1751218",
"CSAFPID-1751234",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-29131",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650820",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1673530"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29131",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650820",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1673530"
]
}
],
"title": "CVE-2024-29131"
},
{
"cve": "CVE-2024-29133",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650820",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1673530",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29133",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1650820",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1673530",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-29133"
},
{
"cve": "CVE-2024-33599",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1673396",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1672762",
"CSAFPID-1673395",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673494",
"CSAFPID-1751237"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33599",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33599.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1673396",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1672762",
"CSAFPID-1673395",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673494",
"CSAFPID-1751237"
]
}
],
"title": "CVE-2024-33599"
},
{
"cve": "CVE-2024-33600",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1673396",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1672762",
"CSAFPID-1673395",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673494",
"CSAFPID-1751237"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33600",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33600.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1673396",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1672762",
"CSAFPID-1673395",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673494",
"CSAFPID-1751237"
]
}
],
"title": "CVE-2024-33600"
},
{
"cve": "CVE-2024-33601",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
},
{
"category": "other",
"text": "Reachable Assertion",
"title": "CWE-617"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1673396",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1672762",
"CSAFPID-1673395",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673494",
"CSAFPID-1751237"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33601",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33601.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1673396",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1672762",
"CSAFPID-1673395",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673494",
"CSAFPID-1751237"
]
}
],
"title": "CVE-2024-33601"
},
{
"cve": "CVE-2024-33602",
"cwe": {
"id": "CWE-466",
"name": "Return of Pointer Value Outside of Expected Range"
},
"notes": [
{
"category": "other",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "other",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1673396",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1672762",
"CSAFPID-1673395",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673494",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751237"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-33602",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33602.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1673396",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-1672762",
"CSAFPID-1673395",
"CSAFPID-1672764",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673494",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751237"
]
}
],
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-34064",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1727475",
"CSAFPID-1751238",
"CSAFPID-1751225",
"CSAFPID-1751079",
"CSAFPID-1751081",
"CSAFPID-1673393",
"CSAFPID-1751239",
"CSAFPID-1751082",
"CSAFPID-1751240",
"CSAFPID-1672767",
"CSAFPID-1751241",
"CSAFPID-1673481",
"CSAFPID-1751085"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34064",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1635310",
"CSAFPID-1635311",
"CSAFPID-1635312",
"CSAFPID-1635313",
"CSAFPID-1635314",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635317",
"CSAFPID-1635318",
"CSAFPID-1635319",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1635322",
"CSAFPID-1635323",
"CSAFPID-1635324",
"CSAFPID-1635325",
"CSAFPID-1635326",
"CSAFPID-1635327",
"CSAFPID-1635328",
"CSAFPID-1635329",
"CSAFPID-220055",
"CSAFPID-1503577",
"CSAFPID-764237",
"CSAFPID-912085",
"CSAFPID-1503578",
"CSAFPID-1503579",
"CSAFPID-1503580",
"CSAFPID-912101",
"CSAFPID-1503581",
"CSAFPID-1503322",
"CSAFPID-912069",
"CSAFPID-764240",
"CSAFPID-912547",
"CSAFPID-1503582",
"CSAFPID-912549",
"CSAFPID-1503583",
"CSAFPID-1503584",
"CSAFPID-1503585",
"CSAFPID-1503586",
"CSAFPID-1503587",
"CSAFPID-1503588",
"CSAFPID-1503316",
"CSAFPID-1503317",
"CSAFPID-764242",
"CSAFPID-1503589",
"CSAFPID-1503590",
"CSAFPID-220132",
"CSAFPID-912079",
"CSAFPID-1503591",
"CSAFPID-816789",
"CSAFPID-816790",
"CSAFPID-1503592",
"CSAFPID-1503593",
"CSAFPID-1503594",
"CSAFPID-1503595",
"CSAFPID-342804",
"CSAFPID-1503596",
"CSAFPID-1503597",
"CSAFPID-1503598",
"CSAFPID-816792",
"CSAFPID-764247",
"CSAFPID-912556",
"CSAFPID-764735",
"CSAFPID-816793",
"CSAFPID-1503599",
"CSAFPID-1503600",
"CSAFPID-342793",
"CSAFPID-816350",
"CSAFPID-1261",
"CSAFPID-342803",
"CSAFPID-816354",
"CSAFPID-204563",
"CSAFPID-764738",
"CSAFPID-816355",
"CSAFPID-1503601",
"CSAFPID-1503602",
"CSAFPID-240600",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1727475",
"CSAFPID-1751238",
"CSAFPID-1751225",
"CSAFPID-1751079",
"CSAFPID-1751081",
"CSAFPID-1673393",
"CSAFPID-1751239",
"CSAFPID-1751082",
"CSAFPID-1751240",
"CSAFPID-1672767",
"CSAFPID-1751241",
"CSAFPID-1673481",
"CSAFPID-1751085"
]
}
],
"title": "CVE-2024-34064"
},
{
"cve": "CVE-2024-34750",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673481",
"CSAFPID-1503596",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751242",
"CSAFPID-1751243",
"CSAFPID-1751079",
"CSAFPID-1751225",
"CSAFPID-1751085"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34750",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673481",
"CSAFPID-1503596",
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751242",
"CSAFPID-1751243",
"CSAFPID-1751079",
"CSAFPID-1751225",
"CSAFPID-1751085"
]
}
],
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-35195",
"cwe": {
"id": "CWE-670",
"name": "Always-Incorrect Control Flow Implementation"
},
"notes": [
{
"category": "other",
"text": "Always-Incorrect Control Flow Implementation",
"title": "CWE-670"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751246",
"CSAFPID-1751247",
"CSAFPID-1751248",
"CSAFPID-1673530",
"CSAFPID-1673393",
"CSAFPID-1751239",
"CSAFPID-220132",
"CSAFPID-1751082",
"CSAFPID-1672767",
"CSAFPID-1751241",
"CSAFPID-912079",
"CSAFPID-916906",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35195",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751246",
"CSAFPID-1751247",
"CSAFPID-1751248",
"CSAFPID-1673530",
"CSAFPID-1673393",
"CSAFPID-1751239",
"CSAFPID-220132",
"CSAFPID-1751082",
"CSAFPID-1672767",
"CSAFPID-1751241",
"CSAFPID-912079",
"CSAFPID-916906",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-37370",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1673413",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1503590",
"CSAFPID-1673393",
"CSAFPID-1673395",
"CSAFPID-1673399",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673392",
"CSAFPID-1503589",
"CSAFPID-1673415",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1751237",
"CSAFPID-1751254",
"CSAFPID-1751217",
"CSAFPID-1673481",
"CSAFPID-1751255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37370",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1673413",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1503590",
"CSAFPID-1673393",
"CSAFPID-1673395",
"CSAFPID-1673399",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673392",
"CSAFPID-1503589",
"CSAFPID-1673415",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1751237",
"CSAFPID-1751254",
"CSAFPID-1751217",
"CSAFPID-1673481",
"CSAFPID-1751255"
]
}
],
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
}
],
"product_status": {
"known_affected": [
"CSAFPID-912549",
"CSAFPID-1673413",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1503590",
"CSAFPID-1673393",
"CSAFPID-1673395",
"CSAFPID-1673399",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673392",
"CSAFPID-1503589",
"CSAFPID-1673415",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751237",
"CSAFPID-1751254",
"CSAFPID-1751217",
"CSAFPID-1673481",
"CSAFPID-1751255",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37371",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-912549",
"CSAFPID-1673413",
"CSAFPID-1673414",
"CSAFPID-1673396",
"CSAFPID-1503590",
"CSAFPID-1673393",
"CSAFPID-1673395",
"CSAFPID-1673399",
"CSAFPID-1672767",
"CSAFPID-1503585",
"CSAFPID-1673392",
"CSAFPID-1503589",
"CSAFPID-1673415",
"CSAFPID-1673389",
"CSAFPID-1673390",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751237",
"CSAFPID-1751254",
"CSAFPID-1751217",
"CSAFPID-1673481",
"CSAFPID-1751255",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-37891",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "other",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751225",
"CSAFPID-1751254",
"CSAFPID-1673530",
"CSAFPID-1751217",
"CSAFPID-1751255",
"CSAFPID-816790",
"CSAFPID-1751258",
"CSAFPID-1673481",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37891",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673395",
"CSAFPID-1673396",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751225",
"CSAFPID-1751254",
"CSAFPID-1673530",
"CSAFPID-1751217",
"CSAFPID-1751255",
"CSAFPID-816790",
"CSAFPID-1751258",
"CSAFPID-1673481",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38475",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "other",
"text": "Path Traversal: \u0027.../...//\u0027",
"title": "CWE-35"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Use of Hard-coded Credentials",
"title": "CWE-798"
},
{
"category": "other",
"text": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"title": "CWE-338"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-38475",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json"
}
],
"title": "CVE-2024-38475"
},
{
"cve": "CVE-2024-38807",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"notes": [
{
"category": "other",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751090",
"CSAFPID-1751233",
"CSAFPID-1751234",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38807",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38807.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751090",
"CSAFPID-1751233",
"CSAFPID-1751234",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-38807"
},
{
"cve": "CVE-2024-38809",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673393"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38809",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38809.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-1673393"
]
}
],
"title": "CVE-2024-38809"
},
{
"cve": "CVE-2024-38816",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "other",
"text": "Relative Path Traversal",
"title": "CWE-23"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751081",
"CSAFPID-1673393",
"CSAFPID-1751079",
"CSAFPID-1751080",
"CSAFPID-1751084",
"CSAFPID-1751085",
"CSAFPID-1751082",
"CSAFPID-1751225"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38816",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673420",
"CSAFPID-1673421",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1751081",
"CSAFPID-1673393",
"CSAFPID-1751079",
"CSAFPID-1751080",
"CSAFPID-1751084",
"CSAFPID-1751085",
"CSAFPID-1751082",
"CSAFPID-1751225"
]
}
],
"title": "CVE-2024-38816"
},
{
"cve": "CVE-2024-38819",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673393",
"CSAFPID-1751079",
"CSAFPID-1751080",
"CSAFPID-1751081",
"CSAFPID-1751082",
"CSAFPID-1751084",
"CSAFPID-1751085",
"CSAFPID-1751225",
"CSAFPID-1672767",
"CSAFPID-1751241"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38819",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673393",
"CSAFPID-1751079",
"CSAFPID-1751080",
"CSAFPID-1751081",
"CSAFPID-1751082",
"CSAFPID-1751084",
"CSAFPID-1751085",
"CSAFPID-1751225",
"CSAFPID-1672767",
"CSAFPID-1751241"
]
}
],
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751079",
"CSAFPID-1751225",
"CSAFPID-1751081",
"CSAFPID-1751084",
"CSAFPID-1673393",
"CSAFPID-1751080",
"CSAFPID-1751082",
"CSAFPID-1751085",
"CSAFPID-1672767",
"CSAFPID-1751241"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38820",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751079",
"CSAFPID-1751225",
"CSAFPID-1751081",
"CSAFPID-1751084",
"CSAFPID-1673393",
"CSAFPID-1751080",
"CSAFPID-1751082",
"CSAFPID-1751085",
"CSAFPID-1672767",
"CSAFPID-1751241"
]
}
],
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-38827",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"notes": [
{
"category": "other",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751225",
"CSAFPID-1751079",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1673393",
"CSAFPID-1751085",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38827",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751225",
"CSAFPID-1751079",
"CSAFPID-204510",
"CSAFPID-204569",
"CSAFPID-1673393",
"CSAFPID-1751085",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-38827"
},
{
"cve": "CVE-2024-38998",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751225",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-912073",
"CSAFPID-1751254",
"CSAFPID-1751079",
"CSAFPID-1751242",
"CSAFPID-1751234",
"CSAFPID-1673496",
"CSAFPID-1751233",
"CSAFPID-1751255",
"CSAFPID-1673481",
"CSAFPID-1751085",
"CSAFPID-220132",
"CSAFPID-912079"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38998",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751225",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-912073",
"CSAFPID-1751254",
"CSAFPID-1751079",
"CSAFPID-1751242",
"CSAFPID-1751234",
"CSAFPID-1673496",
"CSAFPID-1751233",
"CSAFPID-1751255",
"CSAFPID-1673481",
"CSAFPID-1751085",
"CSAFPID-220132",
"CSAFPID-912079"
]
}
],
"title": "CVE-2024-38998"
},
{
"cve": "CVE-2024-38999",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751225",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-912073",
"CSAFPID-1751254",
"CSAFPID-1751079",
"CSAFPID-1751242",
"CSAFPID-1751234",
"CSAFPID-1673496",
"CSAFPID-1751233",
"CSAFPID-1751255",
"CSAFPID-1673481",
"CSAFPID-1751085",
"CSAFPID-220132",
"CSAFPID-912079"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38999",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751225",
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-912073",
"CSAFPID-1751254",
"CSAFPID-1751079",
"CSAFPID-1751242",
"CSAFPID-1751234",
"CSAFPID-1673496",
"CSAFPID-1751233",
"CSAFPID-1751255",
"CSAFPID-1673481",
"CSAFPID-1751085",
"CSAFPID-220132",
"CSAFPID-912079"
]
}
],
"title": "CVE-2024-38999"
},
{
"cve": "CVE-2024-41817",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673382",
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-220132",
"CSAFPID-912079"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-41817",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41817.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673382",
"CSAFPID-1650731",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-220132",
"CSAFPID-912079"
]
}
],
"title": "CVE-2024-41817"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673382",
"CSAFPID-1673399",
"CSAFPID-1650731",
"CSAFPID-1673517",
"CSAFPID-1673396",
"CSAFPID-1673414",
"CSAFPID-1503590"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45490",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673382",
"CSAFPID-1673399",
"CSAFPID-1650731",
"CSAFPID-1673517",
"CSAFPID-1673396",
"CSAFPID-1673414",
"CSAFPID-1503590"
]
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673382",
"CSAFPID-1673399",
"CSAFPID-1650731",
"CSAFPID-1673517",
"CSAFPID-1673396",
"CSAFPID-1673414",
"CSAFPID-1503590"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45491",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673382",
"CSAFPID-1673399",
"CSAFPID-1650731",
"CSAFPID-1673517",
"CSAFPID-1673396",
"CSAFPID-1673414",
"CSAFPID-1503590"
]
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673382",
"CSAFPID-1673399",
"CSAFPID-1650731",
"CSAFPID-1673517",
"CSAFPID-1673396",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1673414",
"CSAFPID-1503590"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45492",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673382",
"CSAFPID-1673399",
"CSAFPID-1650731",
"CSAFPID-1673517",
"CSAFPID-1673396",
"CSAFPID-1674617",
"CSAFPID-1674618",
"CSAFPID-1674619",
"CSAFPID-1674620",
"CSAFPID-1674621",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1674624",
"CSAFPID-1674625",
"CSAFPID-1674626",
"CSAFPID-1674627",
"CSAFPID-1674628",
"CSAFPID-1635305",
"CSAFPID-1635306",
"CSAFPID-1635307",
"CSAFPID-1635308",
"CSAFPID-1635309",
"CSAFPID-1670434",
"CSAFPID-1674629",
"CSAFPID-1635315",
"CSAFPID-1635316",
"CSAFPID-1635318",
"CSAFPID-1674630",
"CSAFPID-1674631",
"CSAFPID-1674632",
"CSAFPID-1674633",
"CSAFPID-1674634",
"CSAFPID-1674635",
"CSAFPID-1635323",
"CSAFPID-1674636",
"CSAFPID-1635324",
"CSAFPID-1674637",
"CSAFPID-1674638",
"CSAFPID-1674639",
"CSAFPID-1674640",
"CSAFPID-1674641",
"CSAFPID-1674642",
"CSAFPID-1635320",
"CSAFPID-1635321",
"CSAFPID-1674643",
"CSAFPID-1674644",
"CSAFPID-1674645",
"CSAFPID-1674646",
"CSAFPID-1673414",
"CSAFPID-1503590"
]
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-47535",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751233",
"CSAFPID-1751234",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47535",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47535.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751233",
"CSAFPID-1751234",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-47535"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751292",
"CSAFPID-1751234",
"CSAFPID-1751294",
"CSAFPID-1751233",
"CSAFPID-1751295",
"CSAFPID-1751296",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751292",
"CSAFPID-1751234",
"CSAFPID-1751294",
"CSAFPID-1751233",
"CSAFPID-1751295",
"CSAFPID-1751296",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751296",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47561",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751296",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2024-47561"
},
{
"cve": "CVE-2024-47803",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Generation of Error Message Containing Sensitive Information",
"title": "CWE-209"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751079",
"CSAFPID-1751225",
"CSAFPID-1672767",
"CSAFPID-1751300",
"CSAFPID-1751241",
"CSAFPID-1751081",
"CSAFPID-1751084",
"CSAFPID-1673393",
"CSAFPID-1751085"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47803",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47803.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751079",
"CSAFPID-1751225",
"CSAFPID-1672767",
"CSAFPID-1751300",
"CSAFPID-1751241",
"CSAFPID-1751081",
"CSAFPID-1751084",
"CSAFPID-1673393",
"CSAFPID-1751085"
]
}
],
"title": "CVE-2024-47803"
},
{
"cve": "CVE-2024-47804",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "other",
"text": "Insufficient Granularity of Access Control",
"title": "CWE-1220"
},
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751225",
"CSAFPID-1751079",
"CSAFPID-1672767",
"CSAFPID-1751300",
"CSAFPID-1751241",
"CSAFPID-1751081",
"CSAFPID-1751084",
"CSAFPID-1673393",
"CSAFPID-1751085"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47804",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47804.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751225",
"CSAFPID-1751079",
"CSAFPID-1672767",
"CSAFPID-1751300",
"CSAFPID-1751241",
"CSAFPID-1751081",
"CSAFPID-1751084",
"CSAFPID-1673393",
"CSAFPID-1751085"
]
}
],
"title": "CVE-2024-47804"
},
{
"cve": "CVE-2024-49766",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751208",
"CSAFPID-1751246",
"CSAFPID-1751209"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-49766",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49766.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751208",
"CSAFPID-1751246",
"CSAFPID-1751209"
]
}
],
"title": "CVE-2024-49766"
},
{
"cve": "CVE-2024-49767",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751208",
"CSAFPID-1751080",
"CSAFPID-1751079",
"CSAFPID-1751225",
"CSAFPID-1751082",
"CSAFPID-1751300",
"CSAFPID-1751246",
"CSAFPID-1751209",
"CSAFPID-1673393",
"CSAFPID-1751085",
"CSAFPID-1751231"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-49767",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49767.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751208",
"CSAFPID-1751080",
"CSAFPID-1751079",
"CSAFPID-1751225",
"CSAFPID-1751082",
"CSAFPID-1751300",
"CSAFPID-1751246",
"CSAFPID-1751209",
"CSAFPID-1673393",
"CSAFPID-1751085",
"CSAFPID-1751231"
]
}
],
"title": "CVE-2024-49767"
},
{
"cve": "CVE-2024-50379",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816790"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-50379",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50379.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816790"
]
}
],
"title": "CVE-2024-50379"
},
{
"cve": "CVE-2024-50602",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751225",
"CSAFPID-1751079",
"CSAFPID-1751082",
"CSAFPID-1751085"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-50602",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50602.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751225",
"CSAFPID-1751079",
"CSAFPID-1751082",
"CSAFPID-1751085"
]
}
],
"title": "CVE-2024-50602"
},
{
"cve": "CVE-2024-53677",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "other",
"text": "Unrestricted Upload of File with Dangerous Type",
"title": "CWE-434"
},
{
"category": "other",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816790"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-53677",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53677.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816790"
]
}
],
"title": "CVE-2024-53677"
},
{
"cve": "CVE-2024-54677",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816790"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-54677",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54677.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816790"
]
}
],
"title": "CVE-2024-54677"
},
{
"cve": "CVE-2024-56337",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816790"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-56337",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816790"
]
}
],
"title": "CVE-2024-56337"
},
{
"cve": "CVE-2025-21542",
"product_status": {
"known_affected": [
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21542",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21542.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2025-21542"
},
{
"cve": "CVE-2025-21544",
"product_status": {
"known_affected": [
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21544",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21544.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2025-21544"
},
{
"cve": "CVE-2025-21554",
"product_status": {
"known_affected": [
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-224790",
"CSAFPID-221118",
"CSAFPID-1673496",
"CSAFPID-1751377",
"CSAFPID-1751378",
"CSAFPID-1751379",
"CSAFPID-1751380",
"CSAFPID-1751381",
"CSAFPID-1751382",
"CSAFPID-1751383",
"CSAFPID-1674619",
"CSAFPID-1674622",
"CSAFPID-1674623",
"CSAFPID-1751384",
"CSAFPID-1751385",
"CSAFPID-1751386"
]
}
],
"title": "CVE-2025-21554"
}
]
}
ncsc-2025-0330
Vulnerability from csaf_ncscnl
Published
2025-10-23 13:20
Modified
2025-10-23 13:20
Summary
Kwetsbaarheden verholpen in Oracle Communications producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft meerdere kwetsbaarheden verholpen in zijn Communications producten, waaronder de Unified Assurance en Cloud Native Core.
Interpretaties
De kwetsbaarheden in de Oracle Communications producten stellen kwaadwillenden in staat om ongeautoriseerde toegang te verkrijgen, wat kan leiden tot gedeeltelijke of volledige Denial-of-Service (DoS) aanvallen. Specifiek kunnen aanvallers met netwerktoegang de systemen compromitteren, wat resulteert in ongeautoriseerde toegang tot gevoelige gegevens. De CVSS-scores van deze kwetsbaarheden variëren van 3.1 tot 9.8, wat wijst op een breed scala aan risico's, van beperkte tot ernstige impact op de vertrouwelijkheid, integriteit en beschikbaarheid van de systemen.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden in zijn Communications producten te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-20
Improper Input Validation
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-23
Relative Path Traversal
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-121
Stack-based Buffer Overflow
CWE-122
Heap-based Buffer Overflow
CWE-124
Buffer Underwrite ('Buffer Underflow')
CWE-125
Out-of-bounds Read
CWE-129
Improper Validation of Array Index
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-147
Improper Neutralization of Input Terminators
CWE-190
Integer Overflow or Wraparound
CWE-197
Numeric Truncation Error
CWE-241
Improper Handling of Unexpected Data Type
CWE-252
Unchecked Return Value
CWE-253
Incorrect Check of Function Return Value
CWE-284
Improper Access Control
CWE-287
Improper Authentication
CWE-290
Authentication Bypass by Spoofing
CWE-328
Use of Weak Hash
CWE-385
Covert Timing Channel
CWE-390
Detection of Error Condition Without Action
CWE-400
Uncontrolled Resource Consumption
CWE-404
Improper Resource Shutdown or Release
CWE-407
Inefficient Algorithmic Complexity
CWE-409
Improper Handling of Highly Compressed Data (Data Amplification)
CWE-415
Double Free
CWE-416
Use After Free
CWE-426
Untrusted Search Path
CWE-440
Expected Behavior Violation
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-476
NULL Pointer Dereference
CWE-674
Uncontrolled Recursion
CWE-697
Incorrect Comparison
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-787
Out-of-bounds Write
CWE-789
Memory Allocation with Excessive Size Value
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-918
Server-Side Request Forgery (SSRF)
CWE-937
CWE-937
CWE-1035
CWE-1035
CWE-1284
Improper Validation of Specified Quantity in Input
CWE-1333
Inefficient Regular Expression Complexity
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft meerdere kwetsbaarheden verholpen in zijn Communications producten, waaronder de Unified Assurance en Cloud Native Core.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden in de Oracle Communications producten stellen kwaadwillenden in staat om ongeautoriseerde toegang te verkrijgen, wat kan leiden tot gedeeltelijke of volledige Denial-of-Service (DoS) aanvallen. Specifiek kunnen aanvallers met netwerktoegang de systemen compromitteren, wat resulteert in ongeautoriseerde toegang tot gevoelige gegevens. De CVSS-scores van deze kwetsbaarheden vari\u00ebren van 3.1 tot 9.8, wat wijst op een breed scala aan risico\u0027s, van beperkte tot ernstige impact op de vertrouwelijkheid, integriteit en beschikbaarheid van de systemen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden in zijn Communications producten te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Buffer Underwrite (\u0027Buffer Underflow\u0027)",
"title": "CWE-124"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Validation of Array Index",
"title": "CWE-129"
},
{
"category": "general",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "general",
"text": "Improper Neutralization of Input Terminators",
"title": "CWE-147"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Numeric Truncation Error",
"title": "CWE-197"
},
{
"category": "general",
"text": "Improper Handling of Unexpected Data Type",
"title": "CWE-241"
},
{
"category": "general",
"text": "Unchecked Return Value",
"title": "CWE-252"
},
{
"category": "general",
"text": "Incorrect Check of Function Return Value",
"title": "CWE-253"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "general",
"text": "Authentication Bypass by Spoofing",
"title": "CWE-290"
},
{
"category": "general",
"text": "Use of Weak Hash",
"title": "CWE-328"
},
{
"category": "general",
"text": "Covert Timing Channel",
"title": "CWE-385"
},
{
"category": "general",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "general",
"text": "Improper Handling of Highly Compressed Data (Data Amplification)",
"title": "CWE-409"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "general",
"text": "Expected Behavior Violation",
"title": "CWE-440"
},
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Incorrect Comparison",
"title": "CWE-697"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Memory Allocation with Excessive Size Value",
"title": "CWE-789"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "general",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "general",
"text": "Improper Validation of Specified Quantity in Input",
"title": "CWE-1284"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://www.oracle.com/security-alerts/cpuoct2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Communications producten",
"tracking": {
"current_release_date": "2025-10-23T13:20:15.363063Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2025-0330",
"initial_release_date": "2025-10-23T13:20:15.363063Z",
"revision_history": [
{
"date": "2025-10-23T13:20:15.363063Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Communications Cloud Native Core Console"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Management Cloud Engine"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Oracle Communications Billing and Revenue Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "Oracle Communications Calendar Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Automated Test Suite"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Binding Support Function"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Certificate Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-8"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core DBTier"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-9"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Network Function Cloud Native Environment"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-10"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Network Repository Function"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-11"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Network Slice Selection Function"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-12"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Policy"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-13"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Security Edge Protection Proxy"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-14"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Service Communication Proxy"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-15"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Unified Data Repository"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-16"
}
}
],
"category": "product_name",
"name": "Oracle Communications Converged Charging System"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-17"
}
}
],
"category": "product_name",
"name": "Oracle Communications Convergence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-18"
}
}
],
"category": "product_name",
"name": "Oracle Communications Convergent Charging Controller"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-19"
}
}
],
"category": "product_name",
"name": "Oracle Communications Diameter Signaling Router"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-20"
}
}
],
"category": "product_name",
"name": "Oracle Communications EAGLE Element Management System"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-21"
}
}
],
"category": "product_name",
"name": "Oracle Communications EAGLE LNP Application Processor"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-22"
}
}
],
"category": "product_name",
"name": "Oracle Communications LSMS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-23"
}
}
],
"category": "product_name",
"name": "Oracle Communications Messaging Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-24"
}
}
],
"category": "product_name",
"name": "Oracle Communications Network Analytics Data Director"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-25"
}
}
],
"category": "product_name",
"name": "Oracle Communications Network Charging and Control"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-26"
}
}
],
"category": "product_name",
"name": "Oracle Communications Network Integrity"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-27"
}
}
],
"category": "product_name",
"name": "Oracle Communications Offline Mediation Controller"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-28"
}
}
],
"category": "product_name",
"name": "Oracle Communications Operations Monitor"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-29"
}
}
],
"category": "product_name",
"name": "Oracle Communications Order and Service Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-30"
}
}
],
"category": "product_name",
"name": "Oracle Communications Pricing Design Center"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-31"
}
}
],
"category": "product_name",
"name": "Oracle Communications Service Catalog and Design"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-32"
}
}
],
"category": "product_name",
"name": "Oracle Communications Session Border Controller"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-33"
}
}
],
"category": "product_name",
"name": "Oracle Communications Unified Assurance"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-34"
}
}
],
"category": "product_name",
"name": "Oracle Communications Unified Inventory Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-35"
}
}
],
"category": "product_name",
"name": "Oracle Enterprise Communications Broker"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-36"
}
}
],
"category": "product_name",
"name": "Oracle Enterprise Operations Monitor"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-26555",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "description",
"text": "Recent updates address vulnerabilities in NTP 4.2.8p17 and Oracle products, including CVE-2023-26555 related to malformed RT-11 dates and various security issues in Oracle Communications and Database systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26555 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-26555.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2023-26555"
},
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "description",
"text": "Multiple vulnerabilities across various Oracle, IBM, and Protobuf products could lead to Denial of Service and unauthorized access, with significant risks identified in versions of Oracle Communications, MySQL Connector/J, and IBM WebSphere.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7254 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-7254.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-7254"
},
{
"cve": "CVE-2024-8006",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "Multiple vulnerabilities in Oracle Communications products and the libpcap library allow high-privileged attackers to cause denial of service and NULL pointer dereference issues, with CVSS scores of 4.4 for the former.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-8006 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-8006.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-8006"
},
{
"cve": "CVE-2024-12133",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "description",
"text": "Multiple vulnerabilities affecting Oracle Communications EAGLE LNP Application Processor, Oracle Communications Cloud Native Core Policy, and libtasn1 could lead to denial of service attacks, with CVSS scores of 5.3 for some products.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-12133 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-12133.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-12133"
},
{
"cve": "CVE-2024-28182",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Oracle MySQL, Oracle Communications, and nghttp2 products allow remote attackers to exploit confidentiality, integrity, and availability, with varying damage ratings from medium to high.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28182 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-28182.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-35164",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Array Index",
"title": "CWE-129"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Unified Assurance and Apache Guacamole could allow high-privileged attackers to compromise systems and execute arbitrary code, respectively.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35164 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-35164.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-35164"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Oracle products, including Communications and MySQL, as well as MIT Kerberos 5, allow for unauthorized access, denial of service, and other malicious activities, with CVSS scores reaching 9.1.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37371 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-37371.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Oracle Middleware, Documaker, and Apache Commons IO components allow unauthenticated attackers to exploit denial of service risks, with CVSS scores ranging from 4.3 to 7.5.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-47554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-50609",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "Fluent Bit 3.1.9 has a vulnerability allowing remote Denial of Service attacks via a zero-length packet, while Oracle Communications Unified Assurance versions 6.1.0-6.1.1 can be exploited by high-privileged attackers for complete Denial of Service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-50609 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-50609.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-50609"
},
{
"cve": "CVE-2024-51504",
"cwe": {
"id": "CWE-290",
"name": "Authentication Bypass by Spoofing"
},
"notes": [
{
"category": "other",
"text": "Authentication Bypass by Spoofing",
"title": "CWE-290"
},
{
"category": "description",
"text": "Recent vulnerabilities in Apache ZooKeeper and Oracle Communications Unified Assurance expose systems to authentication bypass and unauthorized access, allowing attackers to execute commands and access critical data.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-51504 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-51504.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-51504"
},
{
"cve": "CVE-2024-57699",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "description",
"text": "Multiple security vulnerabilities across various Oracle products and the Netplex Json-smart library can lead to Denial of Service (DoS) due to stack exhaustion and other exploits, affecting versions 2.5.0 to 2.5.1 and specific Oracle software.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-57699 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-57699.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2025-1948",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "Eclipse Jetty versions 12.0.0 to 12.0.16 are vulnerable to OutOfMemoryError and denial of service attacks due to improper validation of the SETTINGS_MAX_HEADER_LIST_SIZE parameter, affecting various products including Oracle Communications EAGLE and NetApp.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-1948 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-1948.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-1948"
},
{
"cve": "CVE-2025-3576",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"notes": [
{
"category": "other",
"text": "Use of Weak Hash",
"title": "CWE-328"
},
{
"category": "description",
"text": "Recent vulnerabilities in krb5 and MIT Kerberos implementations allow for message spoofing via MD5 checksum weaknesses, while Oracle Communications Network Analytics Data Director is susceptible to unauthorized data manipulation through SSH access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-3576 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-3576.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-3576"
},
{
"cve": "CVE-2025-4373",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "other",
"text": "Buffer Underwrite (\u0027Buffer Underflow\u0027)",
"title": "CWE-124"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Cloud Native Core and glib2 involve unauthorized access risks and buffer overflow issues, affecting multiple products with varying severity levels.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-4373 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-4373.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L/E:U",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-4373"
},
{
"cve": "CVE-2025-4517",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "description",
"text": "Recent updates to Python versions 3.6 through 3.13.5 address multiple security vulnerabilities, particularly in the tarfile module, while enhancing various functionalities and resolving issues related to memory management and IPv6 handling.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-4517 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-4517.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-4517"
},
{
"cve": "CVE-2025-4802",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"notes": [
{
"category": "other",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "description",
"text": "Vulnerabilities in Oracle Communications Cloud Native Core and glibc allow unauthenticated access and privilege escalation, with CVSS scores of 7.8, affecting confidentiality, integrity, and availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-4802 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-4802.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-4802"
},
{
"cve": "CVE-2025-5115",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "The \u0027MadeYouReset\u0027 vulnerability in HTTP/2 affects certain Jetty versions, allowing denial of service through malformed control frames, while additional vulnerabilities exist in Oracle Communications and SAP Commerce Cloud.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-5115 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5115.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-5115"
},
{
"cve": "CVE-2025-5318",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle MySQL Workbench and the libssh library expose sensitive data and allow unauthorized access, with CVSS scores indicating moderate severity.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-5318 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5318.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-5318"
},
{
"cve": "CVE-2025-5399",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "description",
"text": "Multiple vulnerabilities in Oracle MySQL Server and Cluster, along with libcurl\u0027s WebSocket code, allow for various denial of service attacks, with CVSS scores ranging from 4.3 to 7.5.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-5399 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5399.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-5399"
},
{
"cve": "CVE-2025-5889",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "The juliangruber brace-expansion library has a vulnerability in versions up to 4.0.0 affecting the expand function, while Oracle Communications Unified Assurance versions 6.1.0-6.1.1 are susceptible to a partial denial of service by low-privileged attackers.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-5889 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5889.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-5889"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"notes": [
{
"category": "other",
"text": "Numeric Truncation Error",
"title": "CWE-197"
},
{
"category": "description",
"text": "Critical vulnerabilities in Oracle Communications Cloud Native Core and SQLite versions prior to 3.50.2 expose systems to severe risks, including memory corruption and integer truncation issues.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-6965 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-6965.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-7339",
"cwe": {
"id": "CWE-241",
"name": "Improper Handling of Unexpected Data Type"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Unexpected Data Type",
"title": "CWE-241"
},
{
"category": "description",
"text": "Oracle Communications Unified Assurance has a vulnerability allowing unauthorized data access, while the on-headers middleware for Node.js has a bug affecting response header modifications in versions prior to 1.1.0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-7339 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-7339.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-7339"
},
{
"cve": "CVE-2025-7425",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Cloud Native Core and libxslt expose systems to unauthorized access and memory corruption, with significant impacts on integrity and availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-7425 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-7425.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-7425"
},
{
"cve": "CVE-2025-7962",
"cwe": {
"id": "CWE-147",
"name": "Improper Neutralization of Input Terminators"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input Terminators",
"title": "CWE-147"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Cloud Native Core Console and Jakarta Mail versions 2.0.2 and 2.2 expose systems to significant risks, including unauthorized access and SMTP Injection attacks.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-7962 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-7962.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-7962"
},
{
"cve": "CVE-2025-8058",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Enterprise Operations Monitor and GNU C library versions 2.4 to 2.41 expose systems to potential unauthorized access, memory corruption, and denial of service risks.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-8058 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-8058.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-8058"
},
{
"cve": "CVE-2025-8916",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Bouncy Castle for Java and BCPKIX FIPS have a vulnerability allowing excessive resource allocation, while Oracle Communications Cloud Native Core Certificate Management and certain NetApp products face denial of service risks.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-8916 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-8916.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-8916"
},
{
"cve": "CVE-2025-9086",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "The curl update 8.14.1 addresses security vulnerabilities, including out-of-bounds reads, proxy cache poisoning, and a bug allowing insecure sites to override secure cookies, alongside a denial of service vulnerability in Oracle Communications Unified Inventory Management.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-9086 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-9086.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-9086"
},
{
"cve": "CVE-2025-25724",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"notes": [
{
"category": "other",
"text": "Unchecked Return Value",
"title": "CWE-252"
},
{
"category": "description",
"text": "Multiple vulnerabilities have been identified in Oracle Communications Network Analytics Data Director and the libarchive component, affecting system integrity and availability, with CVSS scores indicating significant risks.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-25724 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-25724.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-25724"
},
{
"cve": "CVE-2025-27210",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "description",
"text": "Node.js versions 20.x, 22.x, and 24.x have an incomplete fix for CVE-2025-23084 affecting Windows device names and the `path.join` API, while Oracle Communications\u0027 Cloud Native Environment has a non-exploitable Security-in-Depth issue.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27210 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27210.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-27210"
},
{
"cve": "CVE-2025-27533",
"cwe": {
"id": "CWE-789",
"name": "Memory Allocation with Excessive Size Value"
},
"notes": [
{
"category": "other",
"text": "Memory Allocation with Excessive Size Value",
"title": "CWE-789"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Apache ActiveMQ and Oracle products allow for denial of service attacks due to improper validation and excessive memory allocation, affecting various versions and configurations.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:D/RE:M/U:Red",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27533 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27533.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-27533"
},
{
"cve": "CVE-2025-27553",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"category": "other",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Middleware and Apache Commons VFS expose critical data and allow unauthorized file access, with significant risks associated with their exploitation.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27553 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27553.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-27553"
},
{
"cve": "CVE-2025-27587",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"notes": [
{
"category": "other",
"text": "Covert Timing Channel",
"title": "CWE-385"
},
{
"category": "description",
"text": "OpenSSL versions 3.0.0 to 3.3.2 on PowerPC are vulnerable to a Minerva attack, while Oracle Communications Cloud Native Core Certificate Management 25.1.200 has a critical data access vulnerability, and OpenSSL 3 has addressed timing side channel issues.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27587 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27587.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-27587"
},
{
"cve": "CVE-2025-27817",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Apache Kafka and Oracle applications allow unauthorized access to sensitive data, with notable SSRF risks and CVSS scores of 7.5 for Oracle products.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27817 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27817.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-27817"
},
{
"cve": "CVE-2025-32415",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Specified Quantity in Input",
"title": "CWE-1284"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Multiple vulnerabilities have been identified in Oracle Java SE and libxml2, allowing for potential system compromise and denial of service, with CVSS scores of 7.5 for several issues.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-32415 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32415.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-32415"
},
{
"cve": "CVE-2025-32728",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"notes": [
{
"category": "other",
"text": "Expected Behavior Violation",
"title": "CWE-440"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Oracle Enterprise Communications Broker, OpenSSH, and HP-UX Secure Shell daemon could lead to unauthorized data access and system compromise, with varying CVSS scores and exploitation potential.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-32728 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32728.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-32728"
},
{
"cve": "CVE-2025-32990",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Unified Inventory Management and GnuTLS\u0027s certtool expose systems to denial-of-service and unauthorized data access, with significant integrity impacts and a CVSS score of 8.2 for Oracle\u0027s flaw.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-32990 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32990.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-32990"
},
{
"cve": "CVE-2025-48734",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "Recent updates to Apache Commons BeanUtils address multiple vulnerabilities, including arbitrary code execution risks and unauthorized access to Java enum properties, affecting versions prior to 1.11.0 and 2.0.0-M2.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48734 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48734.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-48734"
},
{
"cve": "CVE-2025-48924",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle WebLogic Server and Apache Commons Lang versions expose systems to denial of service risks, including an uncontrolled recursion flaw leading to StackOverflowErrors.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48924 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48924.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-48976",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "Multiple vulnerabilities affecting Oracle Application Testing Suite and Apache Commons FileUpload, including DoS risks due to insufficient multipart header limits, have been identified, with CVSS scores reaching 7.5.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48976 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48976.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-48989",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "Recent updates for Apache Tomcat versions 9, 10, and 11 address the \u0027MadeYouReset\u0027 DoS vulnerability in HTTP/2, along with various enhancements to components like Catalina and Coyote.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48989 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48989.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Recent updates for libxml2 address multiple vulnerabilities, including heap use after free and type confusion, which could lead to denial of service or crashes, alongside an Oracle vulnerability allowing unauthorized data access.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-49796 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-49796.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-52999",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "description",
"text": "Oracle Communications Unified Assurance has a vulnerability allowing denial of service, while jackson-core versions prior to 2.15.0 can cause StackoverflowError with deeply nested data, now mitigated in version 2.15.0.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-52999 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-52999.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-52999"
},
{
"cve": "CVE-2025-53547",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "description",
"text": "Helm v3.18.4 addresses a critical vulnerability allowing local code execution through crafted `Chart.yaml` and symlinked `Chart.lock` files during dependency updates, alongside an Oracle Communications flaw with a CVSS score of 8.6.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53547 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53547.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-53547"
},
{
"cve": "CVE-2025-53643",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Operations Monitor and aiohttp could allow unauthorized access and data manipulation, with significant integrity impacts and request smuggling risks in affected versions.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53643 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53643.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-53643"
},
{
"cve": "CVE-2025-53864",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle GoldenGate and Connect2id Nimbus JOSE + JWT expose systems to denial of service attacks, with CVSS scores indicating significant availability impacts due to issues with deeply nested JSON objects.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53864 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53864.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-53864"
},
{
"cve": "CVE-2025-54090",
"cwe": {
"id": "CWE-253",
"name": "Incorrect Check of Function Return Value"
},
"notes": [
{
"category": "other",
"text": "Incorrect Check of Function Return Value",
"title": "CWE-253"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Cloud Native Core Automated Test Suite and Apache HTTP Server 2.4.64 expose systems to unauthorized data access and potential denial of service, with a CVSS score of 6.3 for the Oracle issue.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-54090 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-54090.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-54090"
},
{
"cve": "CVE-2025-55163",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Recent updates to Netty address critical vulnerabilities, including the \u0027MadeYouReset\u0027 DDoS attack in HTTP/2, which can lead to denial of service through resource exhaustion in various affected versions.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55163 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55163.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-57803",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "description",
"text": "ImageMagick has addressed critical vulnerabilities in its BMP encoder, including a 32-bit integer overflow leading to heap corruption and potential code execution, alongside other security enhancements.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-57803 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-57803.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-57803"
},
{
"cve": "CVE-2025-58057",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Highly Compressed Data (Data Amplification)",
"title": "CWE-409"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Multiple vulnerabilities in decompressing decoders, including `BrotliDecoder`, and components of Oracle and HPE products can lead to denial of service through excessive buffer allocation and malformed HTTP/2 frames.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58057 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58057.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-58057"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat (CVE-2025-59375) allows excessive memory allocations from crafted XML input, affecting versions prior to 2.7.2, while a Security-in-Depth issue exists in Oracle Database Server\u0027s Perl component but is not exploitable.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59375 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59375.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-59375"
}
]
}
ncsc-2025-0123
Vulnerability from csaf_ncscnl
Published
2025-04-16 08:37
Modified
2025-04-16 08:37
Summary
Kwetsbaarheden verholpen in Oracle Database Producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Oracle Database Producten en subsystemen, zoals Oracle Server, NoSQL, TimesTen, Secure Backup en Essbase.
Interpretaties
De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om een Denial-of-Service te veroorzaken of om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en gegevens te manipuleren. Subcomponenten als de RDBMS Listener, Java VM, en andere componenten zijn specifiek kwetsbaar, met CVSS-scores variërend van 5.3 tot 7.5, wat duidt op een gematigd tot hoog risico.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-385
Covert Timing Channel
CWE-347
Improper Verification of Cryptographic Signature
CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-400
Uncontrolled Resource Consumption
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-787
Out-of-bounds Write
CWE-20
Improper Input Validation
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-44
Path Equivalence: 'file.name' (Internal Dot)
CWE-226
Sensitive Information in Resource Not Removed Before Reuse
CWE-706
Use of Incorrectly-Resolved Name or Reference
CWE-669
Incorrect Resource Transfer Between Spheres
CWE-755
Improper Handling of Exceptional Conditions
CWE-178
Improper Handling of Case Sensitivity
CWE-193
Off-by-one Error
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-523
Unprotected Transport of Credentials
CWE-190
Integer Overflow or Wraparound
CWE-614
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
CWE-285
Improper Authorization
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-284
Improper Access Control
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-476
NULL Pointer Dereference
CWE-459
Incomplete Cleanup
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-674
Uncontrolled Recursion
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-269
Improper Privilege Management
CWE-287
Improper Authentication
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in diverse Oracle Database Producten en subsystemen, zoals Oracle Server, NoSQL, TimesTen, Secure Backup en Essbase.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om een Denial-of-Service te veroorzaken of om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en gegevens te manipuleren. Subcomponenten als de RDBMS Listener, Java VM, en andere componenten zijn specifiek kwetsbaar, met CVSS-scores vari\u00ebrend van 5.3 tot 7.5, wat duidt op een gematigd tot hoog risico.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Covert Timing Channel",
"title": "CWE-385"
},
{
"category": "general",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "general",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
"title": "CWE-44"
},
{
"category": "general",
"text": "Sensitive Information in Resource Not Removed Before Reuse",
"title": "CWE-226"
},
{
"category": "general",
"text": "Use of Incorrectly-Resolved Name or Reference",
"title": "CWE-706"
},
{
"category": "general",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "Off-by-one Error",
"title": "CWE-193"
},
{
"category": "general",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
},
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "general",
"text": "Unprotected Transport of Credentials",
"title": "CWE-523"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"title": "CWE-614"
},
{
"category": "general",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Incomplete Cleanup",
"title": "CWE-459"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "general",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "general",
"text": "Improper Authentication",
"title": "CWE-287"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Database Producten",
"tracking": {
"current_release_date": "2025-04-16T08:37:39.412900Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0123",
"initial_release_date": "2025-04-16T08:37:39.412900Z",
"revision_history": [
{
"date": "2025-04-16T08:37:39.412900Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/22.1",
"product": {
"name": "vers:unknown/22.1",
"product_id": "CSAFPID-1304603"
}
}
],
"category": "product_name",
"name": "Database Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/13.5.0.0",
"product": {
"name": "vers:unknown/13.5.0.0",
"product_id": "CSAFPID-1201359"
}
}
],
"category": "product_name",
"name": "Enterprise Manager for Oracle Database"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
"product": {
"name": "vers:unknown/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
"product_id": "CSAFPID-2698376"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/\u003e=21.3|\u003c=21.17",
"product": {
"name": "vers:unknown/\u003e=21.3|\u003c=21.17",
"product_id": "CSAFPID-2698377"
}
}
],
"category": "product_name",
"name": "GoldenGate"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/23.1",
"product": {
"name": "vers:oracle/23.1",
"product_id": "CSAFPID-1238473"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/2.0",
"product": {
"name": "vers:unknown/2.0",
"product_id": "CSAFPID-1237753"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/20.2",
"product": {
"name": "vers:unknown/20.2",
"product_id": "CSAFPID-1238475"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/23.1",
"product": {
"name": "vers:unknown/23.1",
"product_id": "CSAFPID-1296375"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/none",
"product": {
"name": "vers:unknown/none",
"product_id": "CSAFPID-1237603"
}
}
],
"category": "product_name",
"name": "Big Data Spatial and Graph"
}
],
"category": "product_family",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=19.3|\u003c=19.22",
"product": {
"name": "vers:oracle/\u003e=19.3|\u003c=19.22",
"product_id": "CSAFPID-1145825"
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=21.3|\u003c=21.13",
"product": {
"name": "vers:oracle/\u003e=21.3|\u003c=21.13",
"product_id": "CSAFPID-1145826"
}
}
],
"category": "product_name",
"name": "Oracle Database Server"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=19.3|\u003c=19.26",
"product": {
"name": "vers:oracle/\u003e=19.3|\u003c=19.26",
"product_id": "CSAFPID-2698969",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=21.3|\u003c=21.17",
"product": {
"name": "vers:oracle/\u003e=21.3|\u003c=21.17",
"product_id": "CSAFPID-2698968",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=21.4|\u003c=21.16",
"product": {
"name": "vers:oracle/\u003e=21.4|\u003c=21.16",
"product_id": "CSAFPID-1839905",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.4|\u003c=23.7",
"product": {
"name": "vers:oracle/\u003e=23.4|\u003c=23.7",
"product_id": "CSAFPID-2698934",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Database Server"
}
],
"category": "product_family",
"name": "Oracle Database Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/13.5.0.0",
"product": {
"name": "vers:oracle/13.5.0.0",
"product_id": "CSAFPID-1144644"
}
}
],
"category": "product_name",
"name": "Oracle Enterprise Manager for Oracle Database"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/1.5.0",
"product": {
"name": "vers:oracle/1.5.0",
"product_id": "CSAFPID-2699002",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/1.6.0",
"product": {
"name": "vers:oracle/1.6.0",
"product_id": "CSAFPID-2699003",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/1.6.1",
"product": {
"name": "vers:oracle/1.6.1",
"product_id": "CSAFPID-2699004",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle NoSQL Database"
}
],
"category": "product_family",
"name": "Oracle NoSQL Database"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=22.1.1.1.0|\u003c=22.1.1.30.0",
"product": {
"name": "vers:oracle/\u003e=22.1.1.1.0|\u003c=22.1.1.30.0",
"product_id": "CSAFPID-2699053",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle TimesTen In-Memory Database"
}
],
"category": "product_family",
"name": "Oracle TimesTen In-Memory Database"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/25.1.0",
"product": {
"name": "vers:oracle/25.1.0",
"product_id": "CSAFPID-2698932",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/25.2.0",
"product": {
"name": "vers:oracle/25.2.0",
"product_id": "CSAFPID-2698931",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.8.0|\u003c=23.11.0",
"product": {
"name": "vers:oracle/\u003e=23.8.0|\u003c=23.11.0",
"product_id": "CSAFPID-2698930",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=24.1.0|\u003c=24.11.0",
"product": {
"name": "vers:oracle/\u003e=24.1.0|\u003c=24.11.0",
"product_id": "CSAFPID-2698933",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Autonomous Health Framework"
}
],
"category": "product_family",
"name": "Oracle Autonomous Health Framework"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/21.7.1.0.0",
"product": {
"name": "vers:oracle/21.7.1.0.0",
"product_id": "CSAFPID-2698943",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Essbase"
}
],
"category": "product_family",
"name": "Oracle Essbase"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.10",
"product": {
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.10",
"product_id": "CSAFPID-2698949",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "GoldenGate Stream Analytics"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
"product": {
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
"product_id": "CSAFPID-2698941",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=21.3|\u003c=21.17",
"product": {
"name": "vers:oracle/\u003e=21.3|\u003c=21.17",
"product_id": "CSAFPID-2698942",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.4|\u003c=23.7",
"product": {
"name": "vers:oracle/\u003e=23.4|\u003c=23.7",
"product_id": "CSAFPID-2699022",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle GoldenGate"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.18",
"product": {
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.18",
"product_id": "CSAFPID-1839977",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=21.3.0.0.0|\u003c=21.16.0.0.0",
"product": {
"name": "vers:oracle/\u003e=21.3.0.0.0|\u003c=21.16.0.0.0",
"product_id": "CSAFPID-1840034",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.4|\u003c=23.6",
"product": {
"name": "vers:oracle/\u003e=23.4|\u003c=23.6",
"product_id": "CSAFPID-1840035",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle GoldenGate Big Data and Application Adapters"
}
],
"category": "product_family",
"name": "Oracle GoldenGate"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.7",
"product": {
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.7",
"product_id": "CSAFPID-1144602"
}
}
],
"category": "product_name",
"name": "Oracle GoldenGate Stream Analytics"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003c23.1",
"product": {
"name": "vers:oracle/\u003c23.1",
"product_id": "CSAFPID-1145800"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/2.0",
"product": {
"name": "vers:unknown/2.0",
"product_id": "CSAFPID-356315",
"product_identification_helper": {
"cpe": "cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:unknown/23.1",
"product": {
"name": "vers:unknown/23.1",
"product_id": "CSAFPID-356152"
}
}
],
"category": "product_name",
"name": "Big Data Spatial and Graph"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/23.4.3",
"product": {
"name": "vers:oracle/23.4.3",
"product_id": "CSAFPID-2699065",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.3.0",
"product": {
"name": "vers:oracle/24.3.0",
"product_id": "CSAFPID-2699066",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/23.4.4",
"product": {
"name": "vers:oracle/23.4.4",
"product_id": "CSAFPID-1840017",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.4.0",
"product": {
"name": "vers:oracle/24.4.0",
"product_id": "CSAFPID-1840013",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Graph Server and Client"
}
],
"category": "product_family",
"name": "Oracle Graph Server and Client"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003c=22.4.7",
"product": {
"name": "vers:oracle/\u003c=22.4.7",
"product_id": "CSAFPID-1145419",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003c=23.4.2",
"product": {
"name": "vers:oracle/\u003c=23.4.2",
"product_id": "CSAFPID-1145421",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003c=24.1.0",
"product": {
"name": "vers:oracle/\u003c=24.1.0",
"product_id": "CSAFPID-1145422",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Graph Server and Client"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/3.0.6",
"product": {
"name": "vers:oracle/3.0.6",
"product_id": "CSAFPID-1145420",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Big Data Spatial and Graph"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.1.0.1",
"product": {
"name": "vers:oracle/12.1.0.1",
"product_id": "CSAFPID-2699109",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/12.1.0.2",
"product": {
"name": "vers:oracle/12.1.0.2",
"product_id": "CSAFPID-2699107",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/12.1.0.3",
"product": {
"name": "vers:oracle/12.1.0.3",
"product_id": "CSAFPID-2699106",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/18.1.0.0",
"product": {
"name": "vers:oracle/18.1.0.0",
"product_id": "CSAFPID-2699110",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/18.1.0.1",
"product": {
"name": "vers:oracle/18.1.0.1",
"product_id": "CSAFPID-2698972",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/18.1.0.2",
"product": {
"name": "vers:oracle/18.1.0.2",
"product_id": "CSAFPID-2699108",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Secure Backup"
}
],
"category": "product_family",
"name": "Oracle Secure Backup"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/19.3|\u003c=19.26",
"product": {
"name": "vers:semver/19.3|\u003c=19.26",
"product_id": "CSAFPID-2698485"
}
},
{
"category": "product_version_range",
"name": "vers:semver/21.3|\u003c=21.17",
"product": {
"name": "vers:semver/21.3|\u003c=21.17",
"product_id": "CSAFPID-2698486"
}
},
{
"category": "product_version_range",
"name": "vers:semver/23.4|\u003c=23.7",
"product": {
"name": "vers:semver/23.4|\u003c=23.7",
"product_id": "CSAFPID-2698487"
}
}
],
"category": "product_name",
"name": "Oracle Database Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/12.1.0.1",
"product": {
"name": "vers:semver/12.1.0.1",
"product_id": "CSAFPID-2698463"
}
},
{
"category": "product_version_range",
"name": "vers:semver/12.1.0.2",
"product": {
"name": "vers:semver/12.1.0.2",
"product_id": "CSAFPID-2698464"
}
},
{
"category": "product_version_range",
"name": "vers:semver/12.1.0.3",
"product": {
"name": "vers:semver/12.1.0.3",
"product_id": "CSAFPID-2698465"
}
},
{
"category": "product_version_range",
"name": "vers:semver/18.1.0.0",
"product": {
"name": "vers:semver/18.1.0.0",
"product_id": "CSAFPID-2698466"
}
},
{
"category": "product_version_range",
"name": "vers:semver/18.1.0.1",
"product": {
"name": "vers:semver/18.1.0.1",
"product_id": "CSAFPID-2698467"
}
},
{
"category": "product_version_range",
"name": "vers:semver/18.1.0.2",
"product": {
"name": "vers:semver/18.1.0.2",
"product_id": "CSAFPID-2698468"
}
}
],
"category": "product_name",
"name": "Oracle Secure Backup"
}
],
"category": "vendor",
"name": "Oracle Corporation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-1935",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-1935",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1935.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2020-1935"
},
{
"cve": "CVE-2020-1938",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"notes": [
{
"category": "other",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-1938",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1938.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2020-1938"
},
{
"cve": "CVE-2020-9484",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-9484",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-9484.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2020-9484"
},
{
"cve": "CVE-2020-11996",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-11996",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11996.json"
}
],
"title": "CVE-2020-11996"
},
{
"cve": "CVE-2020-13935",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-13935",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13935.json"
}
],
"title": "CVE-2020-13935"
},
{
"cve": "CVE-2020-13943",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-13943",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13943.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2020-13943"
},
{
"cve": "CVE-2020-36843",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"notes": [
{
"category": "other",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-36843",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36843.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2020-36843"
},
{
"cve": "CVE-2021-24122",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-24122",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-24122.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-24122"
},
{
"cve": "CVE-2021-25122",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-25122",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-25122.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-25122"
},
{
"cve": "CVE-2021-25329",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-25329",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-25329.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-25329"
},
{
"cve": "CVE-2021-30640",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "other",
"text": "Improper Authentication",
"title": "CWE-287"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-30640",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-30640.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-30640"
},
{
"cve": "CVE-2021-33037",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-33037",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-33037.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-33037"
},
{
"cve": "CVE-2021-41079",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-41079",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41079.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-41079"
},
{
"cve": "CVE-2021-41184",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-41184",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41184.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-41184"
},
{
"cve": "CVE-2021-42575",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-42575",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-42575.json"
}
],
"title": "CVE-2021-42575"
},
{
"cve": "CVE-2021-43980",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-43980",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-43980.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-43980"
},
{
"cve": "CVE-2022-3786",
"cwe": {
"id": "CWE-193",
"name": "Off-by-one Error"
},
"notes": [
{
"category": "other",
"text": "Off-by-one Error",
"title": "CWE-193"
},
{
"category": "other",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-3786",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3786.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2022-3786"
},
{
"cve": "CVE-2022-25762",
"cwe": {
"id": "CWE-226",
"name": "Sensitive Information in Resource Not Removed Before Reuse"
},
"notes": [
{
"category": "other",
"text": "Sensitive Information in Resource Not Removed Before Reuse",
"title": "CWE-226"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-25762",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-25762.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2022-25762"
},
{
"cve": "CVE-2022-42252",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-42252",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42252.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2022-42252"
},
{
"cve": "CVE-2023-28708",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Unprotected Transport of Credentials",
"title": "CWE-523"
},
{
"category": "other",
"text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"title": "CWE-614"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-28708",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28708.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-28708"
},
{
"cve": "CVE-2023-34053",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-34053",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34053.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-34053"
},
{
"cve": "CVE-2023-41080",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"notes": [
{
"category": "other",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-41080",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-41080.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-41080"
},
{
"cve": "CVE-2023-42795",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "other",
"text": "Incomplete Cleanup",
"title": "CWE-459"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-42795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-42795"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44487",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-45648",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-45648",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45648.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-45648"
},
{
"cve": "CVE-2023-46589",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46589",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46589.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-46589"
},
{
"cve": "CVE-2024-6763",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6763",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6763.json"
}
],
"title": "CVE-2024-6763"
},
{
"cve": "CVE-2024-8176",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-8176",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8176.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-8176"
},
{
"cve": "CVE-2024-8184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-8184",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8184.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-8184"
},
{
"cve": "CVE-2024-9143",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-9143",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json"
}
],
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2024-11053",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-11053",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11053.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-11053"
},
{
"cve": "CVE-2024-11233",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-11233",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11233.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-11233"
},
{
"cve": "CVE-2024-11234",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-11234",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11234.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-11234"
},
{
"cve": "CVE-2024-11236",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-11236",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11236.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-11236"
},
{
"cve": "CVE-2024-13176",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"notes": [
{
"category": "other",
"text": "Covert Timing Channel",
"title": "CWE-385"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-13176",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-13176.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-13176"
},
{
"cve": "CVE-2024-23672",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "other",
"text": "Incomplete Cleanup",
"title": "CWE-459"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23672",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-23672"
},
{
"cve": "CVE-2024-24549",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24549",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-36114",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-36114",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36114.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-36114"
},
{
"cve": "CVE-2024-37891",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "other",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37891",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38819",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38819",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38820",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-38999",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38999",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-38999"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-39338",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39338.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-39338"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47561",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-47561"
},
{
"cve": "CVE-2024-53382",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-53382",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53382.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-53382"
},
{
"cve": "CVE-2024-57699",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-57699",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-57699.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2025-21578",
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21578",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21578.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-21578"
},
{
"cve": "CVE-2025-24813",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
"title": "CWE-44"
},
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "other",
"text": "Use of Incorrectly-Resolved Name or Reference",
"title": "CWE-706"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24813",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24813.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-24813"
},
{
"cve": "CVE-2025-24970",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24970",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24970.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-24970"
},
{
"cve": "CVE-2025-25193",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-25193",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25193.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-25193"
},
{
"cve": "CVE-2025-26791",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26791",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26791.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-26791"
},
{
"cve": "CVE-2025-30694",
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30694",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30694.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-30694"
},
{
"cve": "CVE-2025-30701",
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30701",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30701.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-30701"
},
{
"cve": "CVE-2025-30702",
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30702",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30702.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-30702"
},
{
"cve": "CVE-2025-30733",
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30733",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30733.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-30733"
},
{
"cve": "CVE-2025-30736",
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30736",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30736.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-30736"
}
]
}
ncsc-2025-0128
Vulnerability from csaf_ncscnl
Published
2025-04-16 15:01
Modified
2025-04-16 15:01
Summary
Kwetsbaarheden verholpen in Oracle Fusion Middleware
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft meerdere kwetsbaarheden verholpen in verschillende producten, waaronder de Utilities Application Framework, WebLogic Server, en Fusion Middleware.
Interpretaties
De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om toegang te krijgen tot kritieke gegevens, Denial-of-Service (DoS) te veroorzaken, en in sommige gevallen zelfs volledige controle over systemen te verkrijgen. Kwaadwillenden kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen of door gebruik te maken van onveilige configuraties in de getroffen producten.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-1336
Improper Neutralization of Special Elements Used in a Template Engine
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-400
Uncontrolled Resource Consumption
CWE-502
Deserialization of Untrusted Data
CWE-674
Uncontrolled Recursion
CWE-611
Improper Restriction of XML External Entity Reference
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-121
Stack-based Buffer Overflow
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft meerdere kwetsbaarheden verholpen in verschillende producten, waaronder de Utilities Application Framework, WebLogic Server, en Fusion Middleware.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om toegang te krijgen tot kritieke gegevens, Denial-of-Service (DoS) te veroorzaken, en in sommige gevallen zelfs volledige controle over systemen te verkrijgen. Kwaadwillenden kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen of door gebruik te maken van onveilige configuraties in de getroffen producten.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements Used in a Template Engine",
"title": "CWE-1336"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Inclusion of Functionality from Untrusted Control Sphere",
"title": "CWE-829"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Fusion Middleware",
"tracking": {
"current_release_date": "2025-04-16T15:01:24.587426Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0128",
"initial_release_date": "2025-04-16T15:01:24.587426Z",
"revision_history": [
{
"date": "2025-04-16T15:01:24.587426Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-2699078",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:access_manager:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Access Manager"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1839842",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.1.2.0.0",
"product": {
"name": "vers:oracle/14.1.2.0.0",
"product_id": "CSAFPID-2698989",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_process_management_suite:14.1.2.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Business Process Management Suite"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1839864",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.1.2.0.0",
"product": {
"name": "vers:oracle/14.1.2.0.0",
"product_id": "CSAFPID-2698967",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:http_server:14.1.2.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle HTTP Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1839938",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.1.2.0.0",
"product": {
"name": "vers:oracle/14.1.2.0.0",
"product_id": "CSAFPID-2699074",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:managed_file_transfer:14.1.2.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Managed File Transfer"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-2698998",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:soa_suite:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.1.2.0.0",
"product": {
"name": "vers:oracle/14.1.2.0.0",
"product_id": "CSAFPID-2698997",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:soa_suite:14.1.2.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle SOA Suite"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1839896",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.1.1.0.0",
"product": {
"name": "vers:oracle/14.1.1.0.0",
"product_id": "CSAFPID-1839897",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.1.2.0.0",
"product": {
"name": "vers:oracle/14.1.2.0.0",
"product_id": "CSAFPID-1840030",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle WebLogic Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.5.7",
"product": {
"name": "vers:oracle/8.5.7",
"product_id": "CSAFPID-1839872",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:outside_in_technology:8.5.7:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Outside In Technology"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1840014",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:coherence:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.1.1.0.0",
"product": {
"name": "vers:oracle/14.1.1.0.0",
"product_id": "CSAFPID-1839982",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:coherence:14.1.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.1.2.0.0",
"product": {
"name": "vers:oracle/14.1.2.0.0",
"product_id": "CSAFPID-2699125",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:coherence:14.1.2.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Coherence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1839988",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Fusion Middleware MapViewer"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-2698948",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle JDeveloper"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/14.1.1.0.0",
"product": {
"name": "vers:oracle/14.1.1.0.0",
"product_id": "CSAFPID-2699057",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:webcenter_forms_recognition:14.1.1.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle WebCenter Forms Recognition"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1840006",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle WebCenter Portal"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-2698985",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Data Integrator"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1840028",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.1.2.0.0",
"product": {
"name": "vers:oracle/14.1.2.0.0",
"product_id": "CSAFPID-2699064",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_activity_monitoring:14.1.2.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Business Activity Monitoring"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-2699044",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:service_bus:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Service Bus"
}
],
"category": "product_family",
"name": "Oracle Fusion Middleware"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/12.2.1.4.0",
"product": {
"name": "vers:unknown/12.2.1.4.0",
"product_id": "CSAFPID-1213401"
}
}
],
"category": "product_name",
"name": "Managed File Transfer"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/12.2.1.3.0",
"product": {
"name": "vers:unknown/12.2.1.3.0",
"product_id": "CSAFPID-1536644"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/12.2.1.4.0",
"product": {
"name": "vers:unknown/12.2.1.4.0",
"product_id": "CSAFPID-1536288"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/14.1.1.0.0",
"product": {
"name": "vers:unknown/14.1.1.0.0",
"product_id": "CSAFPID-1536278"
}
}
],
"category": "product_name",
"name": "Weblogic Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/8.5.7",
"product": {
"name": "vers:unknown/8.5.7",
"product_id": "CSAFPID-1233360"
}
}
],
"category": "product_name",
"name": "Outside In Technology"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/12.2.1.4.0",
"product": {
"name": "vers:unknown/12.2.1.4.0",
"product_id": "CSAFPID-1210435"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/14.1.1.0.0",
"product": {
"name": "vers:unknown/14.1.1.0.0",
"product_id": "CSAFPID-1210304"
}
}
],
"category": "product_name",
"name": "Coherence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/12.2.1.4.0",
"product": {
"name": "vers:unknown/12.2.1.4.0",
"product_id": "CSAFPID-1247956"
}
}
],
"category": "product_name",
"name": "Jdeveloper (Application)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/12.2.1.3.0",
"product": {
"name": "vers:unknown/12.2.1.3.0",
"product_id": "CSAFPID-1214253"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/12.2.1.4.0",
"product": {
"name": "vers:unknown/12.2.1.4.0",
"product_id": "CSAFPID-1232894"
}
}
],
"category": "product_name",
"name": "WebCenter Portal"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/12.2.1.4.0",
"product": {
"name": "vers:unknown/12.2.1.4.0",
"product_id": "CSAFPID-1201529"
}
}
],
"category": "product_name",
"name": "Data Integrator"
}
],
"category": "product_family",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1144680",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.1.1.0.0",
"product": {
"name": "vers:oracle/14.1.1.0.0",
"product_id": "CSAFPID-1144604",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle WebLogic Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/12.2.1.4.0",
"product": {
"name": "vers:unknown/12.2.1.4.0",
"product_id": "CSAFPID-39413",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:coherence:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:unknown/14.1.1.0.0",
"product": {
"name": "vers:unknown/14.1.1.0.0",
"product_id": "CSAFPID-39412",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:coherence:14.1.1.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Coherence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.3.0",
"product": {
"name": "vers:oracle/12.2.1.3.0",
"product_id": "CSAFPID-1144910"
}
},
{
"category": "product_version_range",
"name": "vers:oracle/12.2.1.4.0",
"product": {
"name": "vers:oracle/12.2.1.4.0",
"product_id": "CSAFPID-1144911",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle WebCenter Portal"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/12.2.1.3.0",
"product": {
"name": "vers:unknown/12.2.1.3.0",
"product_id": "CSAFPID-317201",
"product_identification_helper": {
"cpe": "cpe:2.3:a:ibm:oracle_webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:unknown/12.2.1.4.0",
"product": {
"name": "vers:unknown/12.2.1.4.0",
"product_id": "CSAFPID-307786",
"product_identification_helper": {
"cpe": "cpe:2.3:a:ibm:oracle_webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "WebCenter Portal"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-13936",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements Used in a Template Engine",
"title": "CWE-1336"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-13936",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13936.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2020-13936"
},
{
"cve": "CVE-2020-25649",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-25649",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-25649.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2020-25649"
},
{
"cve": "CVE-2023-26464",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26464",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26464.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2023-26464"
},
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7254",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-7254"
},
{
"cve": "CVE-2024-9143",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-9143",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json"
}
],
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2024-11053",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-11053",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11053.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-11053"
},
{
"cve": "CVE-2024-11612",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-11612",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11612.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-11612"
},
{
"cve": "CVE-2024-25710",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25710",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-25710"
},
{
"cve": "CVE-2024-28168",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28168",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28168.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-28168"
},
{
"cve": "CVE-2024-29857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29857",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29857.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-38476",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Inclusion of Functionality from Untrusted Control Sphere",
"title": "CWE-829"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38476",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-38476"
},
{
"cve": "CVE-2024-40896",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40896",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40896.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-40896"
},
{
"cve": "CVE-2024-47072",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47072",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47072.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-47072"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47561",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-47561"
},
{
"cve": "CVE-2024-50602",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-50602",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50602.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-50602"
},
{
"cve": "CVE-2024-52046",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-52046",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52046.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-52046"
},
{
"cve": "CVE-2024-56337",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-56337",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2024-56337"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23184",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23184.json"
}
],
"title": "CVE-2025-23184"
},
{
"cve": "CVE-2025-24970",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24970",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24970.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2025-24970"
},
{
"cve": "CVE-2025-27363",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27363",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27363.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C/CR:H/IR:H/AR:H/MAV:N/MAC:L/MPR:N/MUI:N/MS:U/MC:H/MI:H/MA:H",
"version": "3.1"
},
"products": [
"CSAFPID-2699078",
"CSAFPID-1839842",
"CSAFPID-2698989",
"CSAFPID-1839864",
"CSAFPID-2698967",
"CSAFPID-1213401",
"CSAFPID-1839938",
"CSAFPID-2699074",
"CSAFPID-2698998",
"CSAFPID-2698997",
"CSAFPID-1144680",
"CSAFPID-1839896",
"CSAFPID-1144604",
"CSAFPID-1839897",
"CSAFPID-1536644",
"CSAFPID-1840030",
"CSAFPID-1536288",
"CSAFPID-1536278",
"CSAFPID-1839872",
"CSAFPID-1233360",
"CSAFPID-39413",
"CSAFPID-1210435",
"CSAFPID-1210304",
"CSAFPID-39412",
"CSAFPID-1840014",
"CSAFPID-1839982",
"CSAFPID-2699125",
"CSAFPID-1839988",
"CSAFPID-1247956",
"CSAFPID-2698948",
"CSAFPID-2699057",
"CSAFPID-1144910",
"CSAFPID-1840006",
"CSAFPID-1144911",
"CSAFPID-1214253",
"CSAFPID-317201",
"CSAFPID-1232894",
"CSAFPID-307786",
"CSAFPID-1201529",
"CSAFPID-2698985",
"CSAFPID-1840028",
"CSAFPID-2699064",
"CSAFPID-2699044"
]
}
],
"title": "CVE-2025-27363"
}
]
}
ncsc-2025-0329
Vulnerability from csaf_ncscnl
Published
2025-10-23 07:20
Modified
2025-10-23 07:20
Summary
Kwetsbaarheden verholpen in Oracle Commerce
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in verschillende subcomponenten van Oracle Commerce producten, waaronder Oracle Middleware Common Libraries, Oracle Documaker, Oracle WebCenter Forms Recognition, Oracle WebLogic Server, en Oracle Application Testing Suite.
Interpretaties
De kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om gedeeltelijke of volledige Denial of Service (DoS) te veroorzaken, met CVSS-scores variërend van 2.7 tot 7.5. Dit kan leiden tot systeemuitval en ongeoorloofde toegang tot gegevens. Aanvallers kunnen deze kwetsbaarheden misbruiken door specifieke verzoeken te sturen die de systemen overbelasten of door gebruik te maken van onbetrouwbare invoer. De kwetsbaarheden zijn aangetroffen in verschillende versies van de betrokken producten, wat de impact vergroot.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-20
Improper Input Validation
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-400
Uncontrolled Resource Consumption
CWE-404
Improper Resource Shutdown or Release
CWE-674
Uncontrolled Recursion
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-937
CWE-937
CWE-1035
CWE-1035
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in verschillende subcomponenten van Oracle Commerce producten, waaronder Oracle Middleware Common Libraries, Oracle Documaker, Oracle WebCenter Forms Recognition, Oracle WebLogic Server, en Oracle Application Testing Suite.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om gedeeltelijke of volledige Denial of Service (DoS) te veroorzaken, met CVSS-scores vari\u00ebrend van 2.7 tot 7.5. Dit kan leiden tot systeemuitval en ongeoorloofde toegang tot gegevens. Aanvallers kunnen deze kwetsbaarheden misbruiken door specifieke verzoeken te sturen die de systemen overbelasten of door gebruik te maken van onbetrouwbare invoer. De kwetsbaarheden zijn aangetroffen in verschillende versies van de betrokken producten, wat de impact vergroot.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "general",
"text": "CWE-1035",
"title": "CWE-1035"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://www.oracle.com/docs/tech/security-alerts/cpuoct2025csaf.json"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Commerce",
"tracking": {
"current_release_date": "2025-10-23T07:20:51.213314Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2025-0329",
"initial_release_date": "2025-10-23T07:20:51.213314Z",
"revision_history": [
{
"date": "2025-10-23T07:20:51.213314Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Commerce"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Oracle Commerce Guided Search"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Oracle Commerce Platform"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Oracle Middleware, Documaker, and Apache Commons IO components allow unauthenticated attackers to exploit denial of service risks, with CVSS scores ranging from 4.3 to 7.5.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-47554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-57699",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "description",
"text": "Multiple security vulnerabilities across various Oracle products and the Netplex Json-smart library can lead to Denial of Service (DoS) due to stack exhaustion and other exploits, affecting versions 2.5.0 to 2.5.1 and specific Oracle software.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-57699 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-57699.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
}
],
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2025-22233",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "CVE-2024-38820 identifies a vulnerability in the Spring Framework affecting multiple versions, while a separate issue in the Oracle Commerce Platform\u0027s Dynamo Application Framework allows low-privileged attackers to manipulate data.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-22233 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-22233.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
}
],
"title": "CVE-2025-22233"
},
{
"cve": "CVE-2025-48795",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle WebCenter Forms Recognition and Apache CXF expose systems to data compromise and denial of service risks, with CVSS scores indicating significant impacts on confidentiality, integrity, and availability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48795 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
}
],
"title": "CVE-2025-48795"
},
{
"cve": "CVE-2025-48924",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle WebLogic Server and Apache Commons Lang versions expose systems to denial of service risks, including an uncontrolled recursion flaw leading to StackOverflowErrors.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48924 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48924.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
}
],
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-48976",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "Multiple vulnerabilities affecting Oracle Application Testing Suite and Apache Commons FileUpload, including DoS risks due to insufficient multipart header limits, have been identified, with CVSS scores reaching 7.5.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48976 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48976.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
}
],
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-48989",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "Recent updates for Apache Tomcat versions 9, 10, and 11 address the \u0027MadeYouReset\u0027 DoS vulnerability in HTTP/2, along with various enhancements to components like Catalina and Coyote.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48989 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48989.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
}
],
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-55163",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Recent updates to Netty address critical vulnerabilities, including the \u0027MadeYouReset\u0027 DDoS attack in HTTP/2, which can lead to denial of service through resource exhaustion in various affected versions.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55163 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55163.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3"
]
}
],
"title": "CVE-2025-55163"
}
]
}
ncsc-2025-0127
Vulnerability from csaf_ncscnl
Published
2025-04-16 15:00
Modified
2025-04-16 15:00
Summary
Kwetsbaarheden verholpen in Oracle Financial Services
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in verschillende Financial Services producten
Interpretaties
De kwetsbaarheden stellen niet-geauthenticeerde kwaadwillenden in staat om via HTTP toegang te krijgen tot kritieke gegevens, wat kan leiden tot ongeautoriseerde gegevenstoegang en andere beveiligingsrisico's. Kwaadwillenden kunnen ook gebruik maken van misconfiguraties en kwetsbaarheden in de software om privilege-escalatie, denial-of-service en remote code execution uit te voeren.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-670
Always-Incorrect Control Flow Implementation
CWE-676
Use of Potentially Dangerous Function
CWE-921
Storage of Sensitive Data in a Mechanism without Access Control
CWE-922
Insecure Storage of Sensitive Information
CWE-669
Incorrect Resource Transfer Between Spheres
CWE-178
Improper Handling of Case Sensitivity
CWE-303
Incorrect Implementation of Authentication Algorithm
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-680
Integer Overflow to Buffer Overflow
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-400
Uncontrolled Resource Consumption
CWE-502
Deserialization of Untrusted Data
CWE-674
Uncontrolled Recursion
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-611
Improper Restriction of XML External Entity Reference
CWE-121
Stack-based Buffer Overflow
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-20
Improper Input Validation
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in verschillende Financial Services producten",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen niet-geauthenticeerde kwaadwillenden in staat om via HTTP toegang te krijgen tot kritieke gegevens, wat kan leiden tot ongeautoriseerde gegevenstoegang en andere beveiligingsrisico\u0027s. Kwaadwillenden kunnen ook gebruik maken van misconfiguraties en kwetsbaarheden in de software om privilege-escalatie, denial-of-service en remote code execution uit te voeren.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Always-Incorrect Control Flow Implementation",
"title": "CWE-670"
},
{
"category": "general",
"text": "Use of Potentially Dangerous Function",
"title": "CWE-676"
},
{
"category": "general",
"text": "Storage of Sensitive Data in a Mechanism without Access Control",
"title": "CWE-921"
},
{
"category": "general",
"text": "Insecure Storage of Sensitive Information",
"title": "CWE-922"
},
{
"category": "general",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
},
{
"category": "general",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "Incorrect Implementation of Authentication Algorithm",
"title": "CWE-303"
},
{
"category": "general",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
},
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Financial Services",
"tracking": {
"current_release_date": "2025-04-16T15:00:12.952979Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0127",
"initial_release_date": "2025-04-16T15:00:12.952979Z",
"revision_history": [
{
"date": "2025-04-16T15:00:12.952979Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/8.1.2.7.0",
"product": {
"name": "vers:unknown/8.1.2.7.0",
"product_id": "CSAFPID-2698335"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.1.3.0",
"product": {
"name": "vers:unknown/8.1.3.0",
"product_id": "CSAFPID-1838588"
}
}
],
"category": "product_name",
"name": "Financial Services Model Management and Governance"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/8.0.7.8",
"product": {
"name": "vers:unknown/8.0.7.8",
"product_id": "CSAFPID-1838570"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.0.8.6",
"product": {
"name": "vers:unknown/8.0.8.6",
"product_id": "CSAFPID-1838583"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.1.1.4",
"product": {
"name": "vers:unknown/8.1.1.4",
"product_id": "CSAFPID-2698354"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.1.2.5",
"product": {
"name": "vers:unknown/8.1.2.5",
"product_id": "CSAFPID-1838577"
}
}
],
"category": "product_name",
"name": "Financial Services Analytical Applications Infrastructure"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/8.0.8.1",
"product": {
"name": "vers:unknown/8.0.8.1",
"product_id": "CSAFPID-1199519"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.1.2.7",
"product": {
"name": "vers:unknown/8.1.2.7",
"product_id": "CSAFPID-1838573"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/8.1.2.8",
"product": {
"name": "vers:unknown/8.1.2.8",
"product_id": "CSAFPID-1838574"
}
}
],
"category": "product_name",
"name": "Financial Services Behavior Detection Platform"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/14.7.0.7.0",
"product": {
"name": "vers:unknown/14.7.0.7.0",
"product_id": "CSAFPID-2698380"
}
}
],
"category": "product_name",
"name": "Banking Liquidity Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/8.1.2.6",
"product": {
"name": "vers:unknown/8.1.2.6",
"product_id": "CSAFPID-1838589"
}
}
],
"category": "product_name",
"name": "Financial Services Compliance Studio"
}
],
"category": "product_family",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.6",
"product": {
"name": "vers:oracle/8.1.2.6",
"product_id": "CSAFPID-1839860",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.7",
"product": {
"name": "vers:oracle/8.1.2.7",
"product_id": "CSAFPID-1839857",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.7.0",
"product": {
"name": "vers:oracle/8.1.2.7.0",
"product_id": "CSAFPID-2699019",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.3.0",
"product": {
"name": "vers:oracle/8.1.3.0",
"product_id": "CSAFPID-1839858",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Model Management and Governance"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/21.1.0.0.0",
"product": {
"name": "vers:oracle/21.1.0.0.0",
"product_id": "CSAFPID-2698953",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/22.1.0.0.0",
"product": {
"name": "vers:oracle/22.1.0.0.0",
"product_id": "CSAFPID-2698951",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/22.2.0.0.0",
"product": {
"name": "vers:oracle/22.2.0.0.0",
"product_id": "CSAFPID-2698952",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Banking APIs"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/21.1.0.0.0",
"product": {
"name": "vers:oracle/21.1.0.0.0",
"product_id": "CSAFPID-2698992",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/22.1.0.0.0",
"product": {
"name": "vers:oracle/22.1.0.0.0",
"product_id": "CSAFPID-2698990",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/22.2.0.0.0",
"product": {
"name": "vers:oracle/22.2.0.0.0",
"product_id": "CSAFPID-2698994",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Banking Digital Experience"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.0.7.8",
"product": {
"name": "vers:oracle/8.0.7.8",
"product_id": "CSAFPID-1839976",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.0.8.6",
"product": {
"name": "vers:oracle/8.0.8.6",
"product_id": "CSAFPID-1839966",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.1.4",
"product": {
"name": "vers:oracle/8.1.1.4",
"product_id": "CSAFPID-2699017",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.5",
"product": {
"name": "vers:oracle/8.1.2.5",
"product_id": "CSAFPID-1839974",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Analytical Applications Infrastructure"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/5.1.0.0.0",
"product": {
"name": "vers:oracle/5.1.0.0.0",
"product_id": "CSAFPID-2699099",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/6.1.0.0.0",
"product": {
"name": "vers:oracle/6.1.0.0.0",
"product_id": "CSAFPID-2699100",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/7.0.0.0.0",
"product": {
"name": "vers:oracle/7.0.0.0.0",
"product_id": "CSAFPID-2699101",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=2.9.0.0.0|\u003c=7.0.0.0.0",
"product": {
"name": "vers:oracle/\u003e=2.9.0.0.0|\u003c=7.0.0.0.0",
"product_id": "CSAFPID-1839884",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Revenue Management and Billing"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=14.4.0.0.0|\u003c=14.7.0.0.0",
"product": {
"name": "vers:oracle/\u003e=14.4.0.0.0|\u003c=14.7.0.0.0",
"product_id": "CSAFPID-1839866",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=14.5.0.0.0|\u003c=14.7.0.0.0",
"product": {
"name": "vers:oracle/\u003e=14.5.0.0.0|\u003c=14.7.0.0.0",
"product_id": "CSAFPID-2698995",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Banking Corporate Lending Process Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=14.5.0.0.0|\u003c=14.7.0.0.0",
"product": {
"name": "vers:oracle/\u003e=14.5.0.0.0|\u003c=14.7.0.0.0",
"product_id": "CSAFPID-1839867",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Banking Origination"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.0.8.1",
"product": {
"name": "vers:oracle/8.0.8.1",
"product_id": "CSAFPID-1839881",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.7",
"product": {
"name": "vers:oracle/8.1.2.7",
"product_id": "CSAFPID-1839880",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.8",
"product": {
"name": "vers:oracle/8.1.2.8",
"product_id": "CSAFPID-1839882",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.9",
"product": {
"name": "vers:oracle/8.1.2.9",
"product_id": "CSAFPID-2698954",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Behavior Detection Platform"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.0.8",
"product": {
"name": "vers:oracle/8.0.8",
"product_id": "CSAFPID-1839878",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/14.7.0.7.0",
"product": {
"name": "vers:oracle/14.7.0.7.0",
"product_id": "CSAFPID-2698938",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/14.7.5.0.0",
"product": {
"name": "vers:oracle/14.7.5.0.0",
"product_id": "CSAFPID-1839923",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Banking Liquidity Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.6",
"product": {
"name": "vers:oracle/8.1.2.6",
"product_id": "CSAFPID-1839871",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/8.1.2.9",
"product": {
"name": "vers:oracle/8.1.2.9",
"product_id": "CSAFPID-2699005",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Compliance Studio"
}
],
"category": "product_family",
"name": "Oracle Financial Services Applications"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/5.1.0.0.0",
"product": {
"name": "vers:semver/5.1.0.0.0",
"product_id": "CSAFPID-2698450"
}
},
{
"category": "product_version_range",
"name": "vers:semver/6.1.0.0.0",
"product": {
"name": "vers:semver/6.1.0.0.0",
"product_id": "CSAFPID-2698451"
}
},
{
"category": "product_version_range",
"name": "vers:semver/7.0.0.0.0",
"product": {
"name": "vers:semver/7.0.0.0.0",
"product_id": "CSAFPID-2698452"
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Revenue Management and Billing"
}
],
"category": "vendor",
"name": "Oracle Corporation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-28170",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-28170",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-28170.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2021-28170"
},
{
"cve": "CVE-2023-39410",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-39410",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2023-39410"
},
{
"cve": "CVE-2023-49582",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-49582",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49582.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2023-49582"
},
{
"cve": "CVE-2024-5206",
"cwe": {
"id": "CWE-921",
"name": "Storage of Sensitive Data in a Mechanism without Access Control"
},
"notes": [
{
"category": "other",
"text": "Storage of Sensitive Data in a Mechanism without Access Control",
"title": "CWE-921"
},
{
"category": "other",
"text": "Insecure Storage of Sensitive Information",
"title": "CWE-922"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5206",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5206.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-5206"
},
{
"cve": "CVE-2024-28168",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28168",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28168.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-28168"
},
{
"cve": "CVE-2024-28219",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "other",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "other",
"text": "Use of Potentially Dangerous Function",
"title": "CWE-676"
},
{
"category": "other",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28219",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28219.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2024-35195",
"cwe": {
"id": "CWE-670",
"name": "Always-Incorrect Control Flow Implementation"
},
"notes": [
{
"category": "other",
"text": "Always-Incorrect Control Flow Implementation",
"title": "CWE-670"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35195",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-37891",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "other",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37891",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38819",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38819",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38820",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-38827",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"notes": [
{
"category": "other",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38827",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-38827"
},
{
"cve": "CVE-2024-47072",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47072",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47072.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-47072"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-56128",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"notes": [
{
"category": "other",
"text": "Incorrect Implementation of Authentication Algorithm",
"title": "CWE-303"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-56128",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56128.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-56128"
},
{
"cve": "CVE-2024-56337",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-56337",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-56337"
},
{
"cve": "CVE-2024-57699",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-57699",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-57699.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2025-21573",
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21573",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21573.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2025-21573"
},
{
"cve": "CVE-2025-23184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23184",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23184.json"
}
],
"title": "CVE-2025-23184"
},
{
"cve": "CVE-2025-24970",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24970",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24970.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2698335",
"CSAFPID-1838588",
"CSAFPID-1839860",
"CSAFPID-1839857",
"CSAFPID-2699019",
"CSAFPID-1839858",
"CSAFPID-2698953",
"CSAFPID-2698951",
"CSAFPID-2698952",
"CSAFPID-2698992",
"CSAFPID-2698990",
"CSAFPID-2698994",
"CSAFPID-1838570",
"CSAFPID-1838583",
"CSAFPID-2698354",
"CSAFPID-1839976",
"CSAFPID-1838577",
"CSAFPID-1839966",
"CSAFPID-2699017",
"CSAFPID-1839974",
"CSAFPID-2699099",
"CSAFPID-2699100",
"CSAFPID-2699101",
"CSAFPID-1839884",
"CSAFPID-2698450",
"CSAFPID-2698451",
"CSAFPID-2698452",
"CSAFPID-1839866",
"CSAFPID-2698995",
"CSAFPID-1839867",
"CSAFPID-1199519",
"CSAFPID-1838573",
"CSAFPID-1838574",
"CSAFPID-1839881",
"CSAFPID-1839880",
"CSAFPID-1839882",
"CSAFPID-2698954",
"CSAFPID-1839878",
"CSAFPID-2698380",
"CSAFPID-2698938",
"CSAFPID-1839923",
"CSAFPID-1838589",
"CSAFPID-1839871",
"CSAFPID-2699005"
]
}
],
"title": "CVE-2025-24970"
}
]
}
ncsc-2025-0020
Vulnerability from csaf_ncscnl
Published
2025-01-22 13:30
Modified
2025-01-22 13:30
Summary
Kwetsbaarheden verholpen in Oracle Database producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse database producten en subsystemen, zoals de Core Database, Graal, Application Express, GoldenGate en REST data.
Interpretaties
De kwetsbaarheden bevinden zich in verschillende componenten van de Oracle Database, waaronder de Data Mining component en de Java VM. Deze kwetsbaarheden stellen laaggeprivilegieerde geauthenticeerde gebruikers in staat om het systeem te compromitteren, wat kan leiden tot ongeautoriseerde toegang en gegevensmanipulatie. De Java VM-kwetsbaarheid kan ook leiden tot ongeautoriseerde wijzigingen van gegevens.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-391
Unchecked Error Condition
CWE-115
Misinterpretation of Input
CWE-466
Return of Pointer Value Outside of Expected Range
CWE-222
Truncation of Security-relevant Information
CWE-131
Incorrect Calculation of Buffer Size
CWE-1287
Improper Validation of Specified Type of Input
CWE-922
Insecure Storage of Sensitive Information
CWE-191
Integer Underflow (Wrap or Wraparound)
CWE-1220
Insufficient Granularity of Access Control
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-178
Improper Handling of Case Sensitivity
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-440
Expected Behavior Violation
CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE-703
Improper Check or Handling of Exceptional Conditions
CWE-617
Reachable Assertion
CWE-427
Uncontrolled Search Path Element
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE-354
Improper Validation of Integrity Check Value
CWE-190
Integer Overflow or Wraparound
CWE-404
Improper Resource Shutdown or Release
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-476
NULL Pointer Dereference
CWE-757
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-674
Uncontrolled Recursion
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-611
Improper Restriction of XML External Entity Reference
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
CWE-276
Incorrect Default Permissions
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in diverse database producten en subsystemen, zoals de Core Database, Graal, Application Express, GoldenGate en REST data.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden bevinden zich in verschillende componenten van de Oracle Database, waaronder de Data Mining component en de Java VM. Deze kwetsbaarheden stellen laaggeprivilegieerde geauthenticeerde gebruikers in staat om het systeem te compromitteren, wat kan leiden tot ongeautoriseerde toegang en gegevensmanipulatie. De Java VM-kwetsbaarheid kan ook leiden tot ongeautoriseerde wijzigingen van gegevens.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Unchecked Error Condition",
"title": "CWE-391"
},
{
"category": "general",
"text": "Misinterpretation of Input",
"title": "CWE-115"
},
{
"category": "general",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "general",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
},
{
"category": "general",
"text": "Insecure Storage of Sensitive Information",
"title": "CWE-922"
},
{
"category": "general",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "general",
"text": "Insufficient Granularity of Access Control",
"title": "CWE-1220"
},
{
"category": "general",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
},
{
"category": "general",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Expected Behavior Violation",
"title": "CWE-440"
},
{
"category": "general",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
},
{
"category": "general",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
},
{
"category": "general",
"text": "Reachable Assertion",
"title": "CWE-617"
},
{
"category": "general",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
},
{
"category": "general",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
},
{
"category": "general",
"text": "Authentication Bypass Using an Alternate Path or Channel",
"title": "CWE-288"
},
{
"category": "general",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
"title": "CWE-757"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Database producten",
"tracking": {
"current_release_date": "2025-01-22T13:30:16.354373Z",
"id": "NCSC-2025-0020",
"initial_release_date": "2025-01-22T13:30:16.354373Z",
"revision_history": [
{
"date": "2025-01-22T13:30:16.354373Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "graal_development_kit_for_micronaut",
"product": {
"name": "graal_development_kit_for_micronaut",
"product_id": "CSAFPID-1751216",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graal_development_kit_for_micronaut:23.5-23.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_data_mining",
"product": {
"name": "database_-_data_mining",
"product_id": "CSAFPID-1751200",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_data_mining:19.3-19.25:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_data_mining",
"product": {
"name": "database_-_data_mining",
"product_id": "CSAFPID-1751199",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_data_mining:21.3-21.16:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_migration_assistant_for_unicode",
"product": {
"name": "database_migration_assistant_for_unicode",
"product_id": "CSAFPID-1751212",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_migration_assistant_for_unicode:19.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_server",
"product": {
"name": "database_server",
"product_id": "CSAFPID-1503604",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_server:_java_vm___23.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_graalvm_multilingual_engine",
"product": {
"name": "database_-_graalvm_multilingual_engine",
"product_id": "CSAFPID-1751223",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_graalvm_multilingual_engine:21.4-21.16:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_graalvm_multilingual_engine",
"product": {
"name": "database_-_graalvm_multilingual_engine",
"product_id": "CSAFPID-1751224",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_graalvm_multilingual_engine:23.5-23.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-1503575",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-1673188",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-342816",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-816845",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1650825",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1751298",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1751299",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1650767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-485902",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503736",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503739",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1751093",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.16:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1751094",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:23.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1751095",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:23.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1751204",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:23.4-23.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503738",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1751203",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.16:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1650765",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "rest_data_services",
"product": {
"name": "rest_data_services",
"product_id": "CSAFPID-711746",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:rest_data_services:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "rest_data_services",
"product": {
"name": "rest_data_services",
"product_id": "CSAFPID-1751305",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:rest_data_services:24.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "rest_data_services",
"product": {
"name": "rest_data_services",
"product_id": "CSAFPID-1751304",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:rest_data_services:24.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-667692",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-345049",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-611417",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-1673422",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38998",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1673188",
"CSAFPID-1751204",
"CSAFPID-1751203"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38998",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1673188",
"CSAFPID-1751204",
"CSAFPID-1751203"
]
}
],
"title": "CVE-2024-38998"
},
{
"cve": "CVE-2024-38999",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1673188",
"CSAFPID-1751204",
"CSAFPID-1751203"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38999",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1673188",
"CSAFPID-1751204",
"CSAFPID-1751203"
]
}
],
"title": "CVE-2024-38999"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-45490",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json"
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-45491",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json"
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-45492",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-45772",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-45772",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45772.json"
}
],
"title": "CVE-2024-45772"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-47554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650825",
"CSAFPID-1751298",
"CSAFPID-1751299"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47561",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650825",
"CSAFPID-1751298",
"CSAFPID-1751299"
]
}
],
"title": "CVE-2024-47561"
},
{
"cve": "CVE-2024-50379",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-50379",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50379.json"
}
],
"title": "CVE-2024-50379"
},
{
"cve": "CVE-2024-52316",
"cwe": {
"id": "CWE-391",
"name": "Unchecked Error Condition"
},
"notes": [
{
"category": "other",
"text": "Unchecked Error Condition",
"title": "CWE-391"
},
{
"category": "other",
"text": "Authentication Bypass Using an Alternate Path or Channel",
"title": "CWE-288"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-52316",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52316.json"
}
],
"title": "CVE-2024-52316"
},
{
"cve": "CVE-2024-54677",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-54677",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54677.json"
}
],
"title": "CVE-2024-54677"
},
{
"cve": "CVE-2024-56337",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-56337",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json"
}
],
"title": "CVE-2024-56337"
},
{
"cve": "CVE-2025-21553",
"references": [
{
"category": "self",
"summary": "CVE-2025-21553",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21553.json"
}
],
"title": "CVE-2025-21553"
},
{
"cve": "CVE-2025-21557",
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21557",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21557.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2025-21557"
},
{
"cve": "CVE-2022-26345",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751199",
"CSAFPID-1751200"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-26345",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-26345.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751199",
"CSAFPID-1751200"
]
}
],
"title": "CVE-2022-26345"
},
{
"cve": "CVE-2023-27043",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2023-27043",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-27043.json"
}
],
"title": "CVE-2023-27043"
},
{
"cve": "CVE-2023-36730",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751203",
"CSAFPID-1751204"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-36730",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36730.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751203",
"CSAFPID-1751204"
]
}
],
"title": "CVE-2023-36730"
},
{
"cve": "CVE-2023-36785",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"notes": [
{
"category": "other",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751203",
"CSAFPID-1751204"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-36785",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36785.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751203",
"CSAFPID-1751204"
]
}
],
"title": "CVE-2023-36785"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "other",
"text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
"title": "CWE-757"
},
{
"category": "other",
"text": "Improper Validation of Integrity Check Value",
"title": "CWE-354"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650765",
"CSAFPID-1650767",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-711746",
"CSAFPID-816845",
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-1751212"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650765",
"CSAFPID-1650767",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-711746",
"CSAFPID-816845",
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-1751212"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-342816",
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-816845",
"CSAFPID-711746",
"CSAFPID-1751216"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-342816",
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-816845",
"CSAFPID-711746",
"CSAFPID-1751216"
]
}
],
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-2961",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-711746"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2961",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2961.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-711746"
]
}
],
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-4030",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"notes": [
{
"category": "other",
"text": "Incorrect Default Permissions",
"title": "CWE-276"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-4030",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4030.json"
}
],
"title": "CVE-2024-4030"
},
{
"cve": "CVE-2024-4032",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"notes": [
{
"category": "other",
"text": "Expected Behavior Violation",
"title": "CWE-440"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-4032",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4032.json"
}
],
"title": "CVE-2024-4032"
},
{
"cve": "CVE-2024-6232",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-6232",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json"
}
],
"title": "CVE-2024-6232"
},
{
"cve": "CVE-2024-6763",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751304",
"CSAFPID-1751305"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6763",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6763.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751304",
"CSAFPID-1751305"
]
}
],
"title": "CVE-2024-6763"
},
{
"cve": "CVE-2024-6923",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-6923",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6923.json"
}
],
"title": "CVE-2024-6923"
},
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-7254",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
}
],
"title": "CVE-2024-7254"
},
{
"cve": "CVE-2024-7592",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-7592",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json"
}
],
"title": "CVE-2024-7592"
},
{
"cve": "CVE-2024-8088",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-8088",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8088.json"
}
],
"title": "CVE-2024-8088"
},
{
"cve": "CVE-2024-8927",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Insufficient Granularity of Access Control",
"title": "CWE-1220"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-8927",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8927.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-8927"
},
{
"cve": "CVE-2024-11053",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-11053",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11053.json"
}
],
"title": "CVE-2024-11053"
},
{
"cve": "CVE-2024-21211",
"cwe": {
"id": "CWE-922",
"name": "Insecure Storage of Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Insecure Storage of Sensitive Information",
"title": "CWE-922"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1751223",
"CSAFPID-1751224"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21211",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21211.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1751223",
"CSAFPID-1751224"
]
}
],
"title": "CVE-2024-21211"
},
{
"cve": "CVE-2024-22262",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"notes": [
{
"category": "other",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650825",
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-711746"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22262",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650825",
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-711746"
]
}
],
"title": "CVE-2024-22262"
},
{
"cve": "CVE-2024-24789",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-24789",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24789.json"
}
],
"title": "CVE-2024-24789"
},
{
"cve": "CVE-2024-24790",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Misinterpretation of Input",
"title": "CWE-115"
},
{
"category": "other",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-24790",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24790.json"
}
],
"title": "CVE-2024-24790"
},
{
"cve": "CVE-2024-24791",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-24791",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24791.json"
}
],
"title": "CVE-2024-24791"
},
{
"cve": "CVE-2024-28757",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "other",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-711746"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28757",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28757.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1503604",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-711746"
]
}
],
"title": "CVE-2024-28757"
},
{
"cve": "CVE-2024-33599",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-33599",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33599.json"
}
],
"title": "CVE-2024-33599"
},
{
"cve": "CVE-2024-33600",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-33600",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33600.json"
}
],
"title": "CVE-2024-33600"
},
{
"cve": "CVE-2024-33601",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
},
{
"category": "other",
"text": "Reachable Assertion",
"title": "CWE-617"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-33601",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33601.json"
}
],
"title": "CVE-2024-33601"
},
{
"cve": "CVE-2024-33602",
"cwe": {
"id": "CWE-466",
"name": "Return of Pointer Value Outside of Expected Range"
},
"notes": [
{
"category": "other",
"text": "Return of Pointer Value Outside of Expected Range",
"title": "CWE-466"
},
{
"category": "other",
"text": "Improper Check or Handling of Exceptional Conditions",
"title": "CWE-703"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-33602",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33602.json"
}
],
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-38819",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650825"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38819",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650825"
]
}
],
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650825"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38820",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650825"
]
}
],
"title": "CVE-2024-38820"
}
]
}
suse-su-2024:3596-1
Vulnerability from csaf_suse
Published
2024-10-11 08:38
Modified
2024-10-11 08:38
Summary
Security update for apache-commons-io
Notes
Title of the patch
Security update for apache-commons-io
Description of the patch
This update for apache-commons-io fixes the following issues:
Upgrade to 2.17.0:
- CVE-2024-47554: Fixed untrusted input to XmlStreamReader can lead to uncontrolled resource consumption (bsc#1231298)
Other changes:
- https://commons.apache.org/proper/commons-io/changes-report.html#a2.17.0
Patchnames
SUSE-2024-3596,SUSE-SLE-SDK-12-SP5-2024-3596,SUSE-SLE-SERVER-12-SP5-2024-3596
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for apache-commons-io",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for apache-commons-io fixes the following issues:\n\nUpgrade to 2.17.0:\n\n- CVE-2024-47554: Fixed untrusted input to XmlStreamReader can lead to uncontrolled resource consumption (bsc#1231298)\n\nOther changes:\n- https://commons.apache.org/proper/commons-io/changes-report.html#a2.17.0\n \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-3596,SUSE-SLE-SDK-12-SP5-2024-3596,SUSE-SLE-SERVER-12-SP5-2024-3596",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3596-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:3596-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243596-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:3596-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-October/037218.html"
},
{
"category": "self",
"summary": "SUSE Bug 1231298",
"url": "https://bugzilla.suse.com/1231298"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47554 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47554/"
}
],
"title": "Security update for apache-commons-io",
"tracking": {
"current_release_date": "2024-10-11T08:38:55Z",
"generator": {
"date": "2024-10-11T08:38:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:3596-1",
"initial_release_date": "2024-10-11T08:38:55Z",
"revision_history": [
{
"date": "2024-10-11T08:38:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache-commons-io-2.17.0-11.3.1.noarch",
"product": {
"name": "apache-commons-io-2.17.0-11.3.1.noarch",
"product_id": "apache-commons-io-2.17.0-11.3.1.noarch"
}
},
{
"category": "product_version",
"name": "apache-commons-io-javadoc-2.17.0-11.3.1.noarch",
"product": {
"name": "apache-commons-io-javadoc-2.17.0-11.3.1.noarch",
"product_id": "apache-commons-io-javadoc-2.17.0-11.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-io-2.17.0-11.3.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:apache-commons-io-2.17.0-11.3.1.noarch"
},
"product_reference": "apache-commons-io-2.17.0-11.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-io-2.17.0-11.3.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache-commons-io-2.17.0-11.3.1.noarch"
},
"product_reference": "apache-commons-io-2.17.0-11.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-io-2.17.0-11.3.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache-commons-io-2.17.0-11.3.1.noarch"
},
"product_reference": "apache-commons-io-2.17.0-11.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-47554",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47554"
}
],
"notes": [
{
"category": "general",
"text": "Uncontrolled Resource Consumption vulnerability in Apache Commons IO.\n\nThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\n\n\nThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\n\nUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:apache-commons-io-2.17.0-11.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache-commons-io-2.17.0-11.3.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache-commons-io-2.17.0-11.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47554",
"url": "https://www.suse.com/security/cve/CVE-2024-47554"
},
{
"category": "external",
"summary": "SUSE Bug 1231298 for CVE-2024-47554",
"url": "https://bugzilla.suse.com/1231298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:apache-commons-io-2.17.0-11.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache-commons-io-2.17.0-11.3.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache-commons-io-2.17.0-11.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:apache-commons-io-2.17.0-11.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache-commons-io-2.17.0-11.3.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache-commons-io-2.17.0-11.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-11T08:38:55Z",
"details": "moderate"
}
],
"title": "CVE-2024-47554"
}
]
}
rhsa-2025:2416
Vulnerability from csaf_redhat
Published
2025-03-05 20:59
Modified
2025-10-24 13:21
Summary
Red Hat Security Advisory: Streams for Apache Kafka 2.9.0 release and security update
Notes
Topic
Streams for Apache Kafka 2.9.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed
backbone that allows microservices and other applications to share data with
extremely high throughput and extremely low latency.
This release of Red Hat Streams for Apache Kafka 2.9.0 serves as a replacement for Red Hat Streams for Apache Kafka 2.8.0, and includes security and bug fixes, and enhancements.
Security Fix(es):
* Cruise Control:cio.netty:netty-common:4.1.115.Final-redhat [amq-st-2] "(CVE-2023-52428)"
* Cruise Control:com.nimbusds:nimbus-jose-jwt:9.37.2.redhat [amq-st-2] "(CVE-2024-47535)"
* Cruise Control:org.apache.kafka:kafka-clients:3.5.2.redhat+ [amq-st-2] "(CVE-2024-31141)"
* Cruise Control:io:commons-io:2.15.1.redhat+ [amq-st-2] "(CVE-2024-47554)"
* Cruise Control:org.eclipse.jetty:jetty-server:9.4.56.v20240826-redhat+ [amq-st-2] "(CVE-2024-8184)"
* Cruise Control:org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2] "(CVE-2024-8184)"
* Kafka Exporter:golang-github-danielqsj-kafka_exporter: Golang FIPS zeroed buffer [amq-st-2] "(CVE-2024-9355)"
* Kafka Exporter:golang-github-danielqsj-kafka_exporter: net/http: Denial of service due to improper 100-continue handling in net/http [amq-st-2] "(CVE-2024-24791)"
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Streams for Apache Kafka 2.9.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed\nbackbone that allows microservices and other applications to share data with\nextremely high throughput and extremely low latency.\n\nThis release of Red Hat Streams for Apache Kafka 2.9.0 serves as a replacement for Red Hat Streams for Apache Kafka 2.8.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n* Cruise Control:cio.netty:netty-common:4.1.115.Final-redhat [amq-st-2] \"(CVE-2023-52428)\"\n\n* Cruise Control:com.nimbusds:nimbus-jose-jwt:9.37.2.redhat [amq-st-2] \"(CVE-2024-47535)\"\n\n* Cruise Control:org.apache.kafka:kafka-clients:3.5.2.redhat+ [amq-st-2] \"(CVE-2024-31141)\"\n\n* Cruise Control:io:commons-io:2.15.1.redhat+ [amq-st-2] \"(CVE-2024-47554)\"\n\n* Cruise Control:org.eclipse.jetty:jetty-server:9.4.56.v20240826-redhat+ [amq-st-2] \"(CVE-2024-8184)\"\n\n* Cruise Control:org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2] \"(CVE-2024-8184)\"\n\n* Kafka Exporter:golang-github-danielqsj-kafka_exporter: Golang FIPS zeroed buffer [amq-st-2] \"(CVE-2024-9355)\"\n\n* Kafka Exporter:golang-github-danielqsj-kafka_exporter: net/http: Denial of service due to improper 100-continue handling in net/http [amq-st-2] \"(CVE-2024-24791)\"",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:2416",
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2295310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2315719",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315719"
},
{
"category": "external",
"summary": "2316271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "external",
"summary": "2325538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325538"
},
{
"category": "external",
"summary": "2327264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327264"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2416.json"
}
],
"title": "Red Hat Security Advisory: Streams for Apache Kafka 2.9.0 release and security update",
"tracking": {
"current_release_date": "2025-10-24T13:21:59+00:00",
"generator": {
"date": "2025-10-24T13:21:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2025:2416",
"initial_release_date": "2025-03-05T20:59:06+00:00",
"revision_history": [
{
"date": "2025-03-05T20:59:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-05T20:59:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-24T13:21:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Streams for Apache Kafka 2.9.0",
"product": {
"name": "Streams for Apache Kafka 2.9.0",
"product_id": "Streams for Apache Kafka 2.9.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:2"
}
}
}
],
"category": "product_family",
"name": "Streams for Apache Kafka"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-8184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-14T16:01:01.239238+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318564"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty\u0027s ThreadLimitHandler.getRemote(). This flaw allows unauthorized users to cause remote denial of service (DoS) attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as moderate rather than important because it requires specific conditions to be met, including continuous, crafted requests that deliberately target memory allocation to exhaust resources. While it can cause a denial of service, it does not lead to direct compromise of sensitive data, unauthorized access, or code execution.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8184"
},
{
"category": "external",
"summary": "RHBZ#2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/pull/11723",
"url": "https://github.com/jetty/jetty.project/pull/11723"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
}
],
"release_date": "2024-10-14T15:09:37.861000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks"
},
{
"acknowledgments": [
{
"names": [
"David Benoit"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-9355",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"discovery_date": "2024-09-30T17:51:17.811000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2315719"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.\u00a0 It is also possible to force a derived key to be all zeros instead of an unpredictable value.\u00a0 This may have follow-on implications for the Go TLS stack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-fips: Golang FIPS zeroed buffer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is specific to the Go language and only affects the test code in cri-o and conmon, not the production code. Since both projects use Go exclusively for testing purposes, this issue does not impact their production environment. Therefore, cri-o and conmon are not affected by this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-9355"
},
{
"category": "external",
"summary": "RHBZ#2315719",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315719"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-9355",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-9355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9355"
},
{
"category": "external",
"summary": "https://github.com/golang-fips/openssl/pull/198",
"url": "https://github.com/golang-fips/openssl/pull/198"
}
],
"release_date": "2024-09-30T20:53:42.833000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-fips: Golang FIPS zeroed buffer"
},
{
"cve": "CVE-2024-24791",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Denial of service due to improper 100-continue handling in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "An attacker would need to control a malicious server and induce a client to connect to it, requiring some amount of preparation outside of the attacker\u0027s control. This reduces the severity score of this flaw to Moderate.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-20: Improper Input Validation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces the principle of least functionality, ensuring that only essential features, services, and ports are enabled. This minimizes the number of components that could be affected by input validation vulnerabilities. Security testing and evaluation standards are implemented within the environment to rigorously test input validation mechanisms during the development lifecycle, while static code analysis identifies potential input validation vulnerabilities by default. Process isolation ensures that processes handling potentially malicious or unvalidated inputs run in isolated environments by separating execution domains for each process. Malicious code protections, such as IPS/IDS and antimalware solutions, help detect and mitigate malicious payloads stemming from input validation vulnerabilities. Finally, robust input validation and error-handling mechanisms ensure all user inputs are thoroughly validated, preventing improperly validated inputs from causing system instability, exposing sensitive data, or escalating risks further.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24791"
},
{
"category": "external",
"summary": "RHBZ#2295310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791"
},
{
"category": "external",
"summary": "https://go.dev/cl/591255",
"url": "https://go.dev/cl/591255"
},
{
"category": "external",
"summary": "https://go.dev/issue/67555",
"url": "https://go.dev/issue/67555"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ",
"url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ"
}
],
"release_date": "2024-07-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Denial of service due to improper 100-continue handling in net/http"
},
{
"cve": "CVE-2024-31141",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2024-11-19T09:00:35.857468+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2327264"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Kafka Clients. Apache Kafka Clients accepts configuration data for customizing behavior and includes ConfigProvider plugins to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations, which include the ability to read from disk or environment variables. In applications where an untrusted party can specify Apache Kafka Clients configurations, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-269: Improper Privilege Management or CWE-552: Files or Directories Accessible to External Parties vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces strict Role-Based Access Control (RBAC), network segmentation, and pod security policies that significantly limit external access pathways. Access to the platform is granted only after successful hard token, multi-factor authentication (MFA), which is coupled with least privilege principles to ensure that only authorized roles and users can execute or manipulate code. Additionally, process isolation ensures that processes running in one container or namespace cannot access files or directories belonging to another, even if file permissions are misconfigured.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-31141"
},
{
"category": "external",
"summary": "RHBZ#2327264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327264"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-31141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-31141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31141"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv",
"url": "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv"
}
],
"release_date": "2024-11-19T08:40:50.695000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider"
},
{
"cve": "CVE-2024-47535",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-11-12T16:01:18.772613+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2325538"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Denial of Service attack on windows app using Netty",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47535"
},
{
"category": "external",
"summary": "RHBZ#2325538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325538"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47535",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47535"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3",
"url": "https://github.com/netty/netty/commit/fbf7a704a82e7449b48bd0bbb679f5661c6d61a3"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-xq3w-v528-46rv"
}
],
"release_date": "2024-11-12T15:50:08.334000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: Denial of Service attack on windows app using Netty"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-03T12:00:40.921058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2316271"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47554"
},
{
"category": "external",
"summary": "RHBZ#2316271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1",
"url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1"
}
],
"release_date": "2024-10-03T11:32:48.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-05T20:59:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader"
}
]
}
rhsa-2024:9571
Vulnerability from csaf_redhat
Published
2024-11-13 16:21
Modified
2025-10-29 12:12
Summary
Red Hat Security Advisory: Streams for Apache Kafka 2.8.0 release and security update
Notes
Topic
Streams for Apache Kafka 2.8.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed
backbone that allows microservices and other applications to share data with
extremely high throughput and extremely low latency.
This release of Red Hat AMQ Streams 2.8.0 serves as a replacement for Red Hat
AMQ Streams 2.7.0, and includes security and bug fixes, and enhancements.
Security Fix(es):
* Zookeeper, Kafka, Cruise Control: org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2]
"(CVE-2024-8184)"
* Zookeeper, Kafka : org.eclipse.jetty/jetty-servlets: Jetty DOS vulnerability on DosFilter [amq-st-2] "(CVE-2024-9823)"
* Zookeeper, Kafka, Drain Cleaner, Cruise Control: Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader "(CVE-2024-47554)"
* Kafka: (com.google.protobuf:protobuf-java@3.23.4). Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users "(CVE-2024-7254)"
"Drain Cleaner: Awaiting Analysis(CVE-2024-29025)"
* Kroxylicoius: When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. "(CVE-2024-8285)"
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Streams for Apache Kafka 2.8.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed\nbackbone that allows microservices and other applications to share data with\nextremely high throughput and extremely low latency.\n\nThis release of Red Hat AMQ Streams 2.8.0 serves as a replacement for Red Hat\nAMQ Streams 2.7.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n* Zookeeper, Kafka, Cruise Control: org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2] \n\"(CVE-2024-8184)\"\n\n* Zookeeper, Kafka : org.eclipse.jetty/jetty-servlets: Jetty DOS vulnerability on DosFilter [amq-st-2] \"(CVE-2024-9823)\"\n\n* Zookeeper, Kafka, Drain Cleaner, Cruise Control: Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader \"(CVE-2024-47554)\"\n\n* Kafka: (com.google.protobuf:protobuf-java@3.23.4). Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users \"(CVE-2024-7254)\"\n\n\"Drain Cleaner: Awaiting Analysis(CVE-2024-29025)\"\n\n* Kroxylicoius: When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server\u0027s hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. \"(CVE-2024-8285)\"",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:9571",
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "2308606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308606"
},
{
"category": "external",
"summary": "2313454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313454"
},
{
"category": "external",
"summary": "2316271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "external",
"summary": "2318565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318565"
},
{
"category": "external",
"summary": "ASUI-91",
"url": "https://issues.redhat.com/browse/ASUI-91"
},
{
"category": "external",
"summary": "ENTMQST-2632",
"url": "https://issues.redhat.com/browse/ENTMQST-2632"
},
{
"category": "external",
"summary": "ENTMQST-3288",
"url": "https://issues.redhat.com/browse/ENTMQST-3288"
},
{
"category": "external",
"summary": "ENTMQST-4019",
"url": "https://issues.redhat.com/browse/ENTMQST-4019"
},
{
"category": "external",
"summary": "ENTMQST-5199",
"url": "https://issues.redhat.com/browse/ENTMQST-5199"
},
{
"category": "external",
"summary": "ENTMQST-5669",
"url": "https://issues.redhat.com/browse/ENTMQST-5669"
},
{
"category": "external",
"summary": "ENTMQST-5674",
"url": "https://issues.redhat.com/browse/ENTMQST-5674"
},
{
"category": "external",
"summary": "ENTMQST-5740",
"url": "https://issues.redhat.com/browse/ENTMQST-5740"
},
{
"category": "external",
"summary": "ENTMQST-5789",
"url": "https://issues.redhat.com/browse/ENTMQST-5789"
},
{
"category": "external",
"summary": "ENTMQST-5843",
"url": "https://issues.redhat.com/browse/ENTMQST-5843"
},
{
"category": "external",
"summary": "ENTMQST-5850",
"url": "https://issues.redhat.com/browse/ENTMQST-5850"
},
{
"category": "external",
"summary": "ENTMQST-5863",
"url": "https://issues.redhat.com/browse/ENTMQST-5863"
},
{
"category": "external",
"summary": "ENTMQST-5865",
"url": "https://issues.redhat.com/browse/ENTMQST-5865"
},
{
"category": "external",
"summary": "ENTMQST-5915",
"url": "https://issues.redhat.com/browse/ENTMQST-5915"
},
{
"category": "external",
"summary": "ENTMQST-6028",
"url": "https://issues.redhat.com/browse/ENTMQST-6028"
},
{
"category": "external",
"summary": "ENTMQST-6032",
"url": "https://issues.redhat.com/browse/ENTMQST-6032"
},
{
"category": "external",
"summary": "ENTMQST-6129",
"url": "https://issues.redhat.com/browse/ENTMQST-6129"
},
{
"category": "external",
"summary": "ENTMQST-6183",
"url": "https://issues.redhat.com/browse/ENTMQST-6183"
},
{
"category": "external",
"summary": "ENTMQST-6205",
"url": "https://issues.redhat.com/browse/ENTMQST-6205"
},
{
"category": "external",
"summary": "ENTMQST-6225",
"url": "https://issues.redhat.com/browse/ENTMQST-6225"
},
{
"category": "external",
"summary": "ENTMQST-6341",
"url": "https://issues.redhat.com/browse/ENTMQST-6341"
},
{
"category": "external",
"summary": "ENTMQST-6421",
"url": "https://issues.redhat.com/browse/ENTMQST-6421"
},
{
"category": "external",
"summary": "ENTMQST-6422",
"url": "https://issues.redhat.com/browse/ENTMQST-6422"
},
{
"category": "external",
"summary": "ENTMQSTPR-43",
"url": "https://issues.redhat.com/browse/ENTMQSTPR-43"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9571.json"
}
],
"title": "Red Hat Security Advisory: Streams for Apache Kafka 2.8.0 release and security update",
"tracking": {
"current_release_date": "2025-10-29T12:12:26+00:00",
"generator": {
"date": "2025-10-29T12:12:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2024:9571",
"initial_release_date": "2024-11-13T16:21:03+00:00",
"revision_history": [
{
"date": "2024-11-13T16:21:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-13T16:21:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-29T12:12:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Streams for Apache Kafka 2.8.0",
"product": {
"name": "Streams for Apache Kafka 2.8.0",
"product_id": "Streams for Apache Kafka 2.8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:2"
}
}
}
],
"category": "product_family",
"name": "Streams for Apache Kafka"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-09-19T01:20:29.981665+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313454"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Protocol Buffers (protobuf). This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf: StackOverflow vulnerability in Protocol Buffers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue represents a significant severity risk because unbounded recursion in Protocol Buffers parsing can be exploited to trigger stack overflows, leading to Denial of Service (DoS). When parsers, such as `DiscardUnknownFieldsParser` or the Java Protobuf Lite parser, encounter arbitrarily nested groups or deeply recursive map fields, the lack of recursion depth limits can result in uncontrolled stack growth. Attackers can craft malicious protobuf messages that deliberately exceed the stack\u0027s capacity, causing the application to crash or become unresponsive.\n\nThe protobuf package as shipped in RHEL does not include the affected java or kotlin bindings, therefore RHEL is Not Affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7254"
},
{
"category": "external",
"summary": "RHBZ#2313454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa",
"url": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa"
}
],
"release_date": "2024-09-19T01:15:10.963000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "protobuf: StackOverflow vulnerability in Protocol Buffers"
},
{
"cve": "CVE-2024-8184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-14T16:01:01.239238+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318564"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty\u0027s ThreadLimitHandler.getRemote(). This flaw allows unauthorized users to cause remote denial of service (DoS) attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as moderate rather than important because it requires specific conditions to be met, including continuous, crafted requests that deliberately target memory allocation to exhaust resources. While it can cause a denial of service, it does not lead to direct compromise of sensitive data, unauthorized access, or code execution.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8184"
},
{
"category": "external",
"summary": "RHBZ#2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/pull/11723",
"url": "https://github.com/jetty/jetty.project/pull/11723"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
}
],
"release_date": "2024-10-14T15:09:37.861000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks"
},
{
"cve": "CVE-2024-8285",
"cwe": {
"id": "CWE-297",
"name": "Improper Validation of Certificate with Host Mismatch"
},
"discovery_date": "2024-08-29T22:39:10.882000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server\u0027s hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. This issue is considered a high complexity attack, with additional high privileges required, as the attack would need access to the Kroxylicious configuration or a peer system. The result of a successful attack impacts both data integrity and confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kroxylicious: Missing upstream Kafka TLS hostname verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat have considered this vulnerability as a \u0027Moderate\u0027 severity given the complexity and the permission level required to perform a successful attacker.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8285"
},
{
"category": "external",
"summary": "RHBZ#2308606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8285",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8285"
}
],
"release_date": "2024-08-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kroxylicious: Missing upstream Kafka TLS hostname verification"
},
{
"cve": "CVE-2024-9823",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-14T16:01:06.545771+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318565"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty. The DosFilter can be exploited remotely by unauthorized users to trigger an out-of-memory condition by repeatedly sending specially crafted requests. This issue may cause a crash, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-9823"
},
{
"category": "external",
"summary": "RHBZ#2318565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-9823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9823"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-9823",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9823"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/issues/1256",
"url": "https://github.com/jetty/jetty.project/issues/1256"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/39",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/39"
}
],
"release_date": "2024-10-14T15:03:02.293000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272907"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Allocation of Resources Without Limits or Throttling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29025"
},
{
"category": "external",
"summary": "RHBZ#2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
},
{
"category": "external",
"summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
"url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
"url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Allocation of Resources Without Limits or Throttling"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-03T12:00:40.921058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2316271"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47554"
},
{
"category": "external",
"summary": "RHBZ#2316271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1",
"url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1"
}
],
"release_date": "2024-10-03T11:32:48.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader"
}
]
}
RHSA-2024:9571
Vulnerability from csaf_redhat
Published
2024-11-13 16:21
Modified
2025-10-29 12:12
Summary
Red Hat Security Advisory: Streams for Apache Kafka 2.8.0 release and security update
Notes
Topic
Streams for Apache Kafka 2.8.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed
backbone that allows microservices and other applications to share data with
extremely high throughput and extremely low latency.
This release of Red Hat AMQ Streams 2.8.0 serves as a replacement for Red Hat
AMQ Streams 2.7.0, and includes security and bug fixes, and enhancements.
Security Fix(es):
* Zookeeper, Kafka, Cruise Control: org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2]
"(CVE-2024-8184)"
* Zookeeper, Kafka : org.eclipse.jetty/jetty-servlets: Jetty DOS vulnerability on DosFilter [amq-st-2] "(CVE-2024-9823)"
* Zookeeper, Kafka, Drain Cleaner, Cruise Control: Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader "(CVE-2024-47554)"
* Kafka: (com.google.protobuf:protobuf-java@3.23.4). Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users "(CVE-2024-7254)"
"Drain Cleaner: Awaiting Analysis(CVE-2024-29025)"
* Kroxylicoius: When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. "(CVE-2024-8285)"
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Streams for Apache Kafka 2.8.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed\nbackbone that allows microservices and other applications to share data with\nextremely high throughput and extremely low latency.\n\nThis release of Red Hat AMQ Streams 2.8.0 serves as a replacement for Red Hat\nAMQ Streams 2.7.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n* Zookeeper, Kafka, Cruise Control: org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2] \n\"(CVE-2024-8184)\"\n\n* Zookeeper, Kafka : org.eclipse.jetty/jetty-servlets: Jetty DOS vulnerability on DosFilter [amq-st-2] \"(CVE-2024-9823)\"\n\n* Zookeeper, Kafka, Drain Cleaner, Cruise Control: Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader \"(CVE-2024-47554)\"\n\n* Kafka: (com.google.protobuf:protobuf-java@3.23.4). Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users \"(CVE-2024-7254)\"\n\n\"Drain Cleaner: Awaiting Analysis(CVE-2024-29025)\"\n\n* Kroxylicoius: When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server\u0027s hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. \"(CVE-2024-8285)\"",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:9571",
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "2308606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308606"
},
{
"category": "external",
"summary": "2313454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313454"
},
{
"category": "external",
"summary": "2316271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "external",
"summary": "2318565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318565"
},
{
"category": "external",
"summary": "ASUI-91",
"url": "https://issues.redhat.com/browse/ASUI-91"
},
{
"category": "external",
"summary": "ENTMQST-2632",
"url": "https://issues.redhat.com/browse/ENTMQST-2632"
},
{
"category": "external",
"summary": "ENTMQST-3288",
"url": "https://issues.redhat.com/browse/ENTMQST-3288"
},
{
"category": "external",
"summary": "ENTMQST-4019",
"url": "https://issues.redhat.com/browse/ENTMQST-4019"
},
{
"category": "external",
"summary": "ENTMQST-5199",
"url": "https://issues.redhat.com/browse/ENTMQST-5199"
},
{
"category": "external",
"summary": "ENTMQST-5669",
"url": "https://issues.redhat.com/browse/ENTMQST-5669"
},
{
"category": "external",
"summary": "ENTMQST-5674",
"url": "https://issues.redhat.com/browse/ENTMQST-5674"
},
{
"category": "external",
"summary": "ENTMQST-5740",
"url": "https://issues.redhat.com/browse/ENTMQST-5740"
},
{
"category": "external",
"summary": "ENTMQST-5789",
"url": "https://issues.redhat.com/browse/ENTMQST-5789"
},
{
"category": "external",
"summary": "ENTMQST-5843",
"url": "https://issues.redhat.com/browse/ENTMQST-5843"
},
{
"category": "external",
"summary": "ENTMQST-5850",
"url": "https://issues.redhat.com/browse/ENTMQST-5850"
},
{
"category": "external",
"summary": "ENTMQST-5863",
"url": "https://issues.redhat.com/browse/ENTMQST-5863"
},
{
"category": "external",
"summary": "ENTMQST-5865",
"url": "https://issues.redhat.com/browse/ENTMQST-5865"
},
{
"category": "external",
"summary": "ENTMQST-5915",
"url": "https://issues.redhat.com/browse/ENTMQST-5915"
},
{
"category": "external",
"summary": "ENTMQST-6028",
"url": "https://issues.redhat.com/browse/ENTMQST-6028"
},
{
"category": "external",
"summary": "ENTMQST-6032",
"url": "https://issues.redhat.com/browse/ENTMQST-6032"
},
{
"category": "external",
"summary": "ENTMQST-6129",
"url": "https://issues.redhat.com/browse/ENTMQST-6129"
},
{
"category": "external",
"summary": "ENTMQST-6183",
"url": "https://issues.redhat.com/browse/ENTMQST-6183"
},
{
"category": "external",
"summary": "ENTMQST-6205",
"url": "https://issues.redhat.com/browse/ENTMQST-6205"
},
{
"category": "external",
"summary": "ENTMQST-6225",
"url": "https://issues.redhat.com/browse/ENTMQST-6225"
},
{
"category": "external",
"summary": "ENTMQST-6341",
"url": "https://issues.redhat.com/browse/ENTMQST-6341"
},
{
"category": "external",
"summary": "ENTMQST-6421",
"url": "https://issues.redhat.com/browse/ENTMQST-6421"
},
{
"category": "external",
"summary": "ENTMQST-6422",
"url": "https://issues.redhat.com/browse/ENTMQST-6422"
},
{
"category": "external",
"summary": "ENTMQSTPR-43",
"url": "https://issues.redhat.com/browse/ENTMQSTPR-43"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9571.json"
}
],
"title": "Red Hat Security Advisory: Streams for Apache Kafka 2.8.0 release and security update",
"tracking": {
"current_release_date": "2025-10-29T12:12:26+00:00",
"generator": {
"date": "2025-10-29T12:12:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2024:9571",
"initial_release_date": "2024-11-13T16:21:03+00:00",
"revision_history": [
{
"date": "2024-11-13T16:21:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-13T16:21:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-29T12:12:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Streams for Apache Kafka 2.8.0",
"product": {
"name": "Streams for Apache Kafka 2.8.0",
"product_id": "Streams for Apache Kafka 2.8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:2"
}
}
}
],
"category": "product_family",
"name": "Streams for Apache Kafka"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-09-19T01:20:29.981665+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313454"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Protocol Buffers (protobuf). This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf: StackOverflow vulnerability in Protocol Buffers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue represents a significant severity risk because unbounded recursion in Protocol Buffers parsing can be exploited to trigger stack overflows, leading to Denial of Service (DoS). When parsers, such as `DiscardUnknownFieldsParser` or the Java Protobuf Lite parser, encounter arbitrarily nested groups or deeply recursive map fields, the lack of recursion depth limits can result in uncontrolled stack growth. Attackers can craft malicious protobuf messages that deliberately exceed the stack\u0027s capacity, causing the application to crash or become unresponsive.\n\nThe protobuf package as shipped in RHEL does not include the affected java or kotlin bindings, therefore RHEL is Not Affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7254"
},
{
"category": "external",
"summary": "RHBZ#2313454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa",
"url": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa"
}
],
"release_date": "2024-09-19T01:15:10.963000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "protobuf: StackOverflow vulnerability in Protocol Buffers"
},
{
"cve": "CVE-2024-8184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-14T16:01:01.239238+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318564"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty\u0027s ThreadLimitHandler.getRemote(). This flaw allows unauthorized users to cause remote denial of service (DoS) attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as moderate rather than important because it requires specific conditions to be met, including continuous, crafted requests that deliberately target memory allocation to exhaust resources. While it can cause a denial of service, it does not lead to direct compromise of sensitive data, unauthorized access, or code execution.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8184"
},
{
"category": "external",
"summary": "RHBZ#2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/pull/11723",
"url": "https://github.com/jetty/jetty.project/pull/11723"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
}
],
"release_date": "2024-10-14T15:09:37.861000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks"
},
{
"cve": "CVE-2024-8285",
"cwe": {
"id": "CWE-297",
"name": "Improper Validation of Certificate with Host Mismatch"
},
"discovery_date": "2024-08-29T22:39:10.882000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server\u0027s hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. This issue is considered a high complexity attack, with additional high privileges required, as the attack would need access to the Kroxylicious configuration or a peer system. The result of a successful attack impacts both data integrity and confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kroxylicious: Missing upstream Kafka TLS hostname verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat have considered this vulnerability as a \u0027Moderate\u0027 severity given the complexity and the permission level required to perform a successful attacker.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8285"
},
{
"category": "external",
"summary": "RHBZ#2308606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8285",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8285"
}
],
"release_date": "2024-08-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kroxylicious: Missing upstream Kafka TLS hostname verification"
},
{
"cve": "CVE-2024-9823",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-14T16:01:06.545771+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318565"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty. The DosFilter can be exploited remotely by unauthorized users to trigger an out-of-memory condition by repeatedly sending specially crafted requests. This issue may cause a crash, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-9823"
},
{
"category": "external",
"summary": "RHBZ#2318565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-9823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9823"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-9823",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9823"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/issues/1256",
"url": "https://github.com/jetty/jetty.project/issues/1256"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/39",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/39"
}
],
"release_date": "2024-10-14T15:03:02.293000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272907"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Allocation of Resources Without Limits or Throttling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29025"
},
{
"category": "external",
"summary": "RHBZ#2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
},
{
"category": "external",
"summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
"url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
"url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Allocation of Resources Without Limits or Throttling"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-03T12:00:40.921058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2316271"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47554"
},
{
"category": "external",
"summary": "RHBZ#2316271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1",
"url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1"
}
],
"release_date": "2024-10-03T11:32:48.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader"
}
]
}
rhsa-2024_9571
Vulnerability from csaf_redhat
Published
2024-11-13 16:21
Modified
2025-01-06 18:07
Summary
Red Hat Security Advisory: Streams for Apache Kafka 2.8.0 release and security update
Notes
Topic
Streams for Apache Kafka 2.8.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed
backbone that allows microservices and other applications to share data with
extremely high throughput and extremely low latency.
This release of Red Hat AMQ Streams 2.8.0 serves as a replacement for Red Hat
AMQ Streams 2.7.0, and includes security and bug fixes, and enhancements.
Security Fix(es):
* Zookeeper, Kafka, Cruise Control: org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2]
"(CVE-2024-8184)"
* Zookeeper, Kafka : org.eclipse.jetty/jetty-servlets: Jetty DOS vulnerability on DosFilter [amq-st-2] "(CVE-2024-9823)"
* Zookeeper, Kafka, Drain Cleaner, Cruise Control: Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader "(CVE-2024-47554)"
* Kafka: (com.google.protobuf:protobuf-java@3.23.4). Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users "(CVE-2024-7254)"
"Drain Cleaner: Awaiting Analysis(CVE-2024-29025)"
* Kroxylicoius: When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. "(CVE-2024-8285)"
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Streams for Apache Kafka 2.8.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed\nbackbone that allows microservices and other applications to share data with\nextremely high throughput and extremely low latency.\n\nThis release of Red Hat AMQ Streams 2.8.0 serves as a replacement for Red Hat\nAMQ Streams 2.7.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n* Zookeeper, Kafka, Cruise Control: org.eclipse.jetty/jetty-server: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks [amq-st-2] \n\"(CVE-2024-8184)\"\n\n* Zookeeper, Kafka : org.eclipse.jetty/jetty-servlets: Jetty DOS vulnerability on DosFilter [amq-st-2] \"(CVE-2024-9823)\"\n\n* Zookeeper, Kafka, Drain Cleaner, Cruise Control: Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader \"(CVE-2024-47554)\"\n\n* Kafka: (com.google.protobuf:protobuf-java@3.23.4). Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users \"(CVE-2024-7254)\"\n\n\"Drain Cleaner: Awaiting Analysis(CVE-2024-29025)\"\n\n* Kroxylicoius: When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server\u0027s hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. \"(CVE-2024-8285)\"",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:9571",
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "2308606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308606"
},
{
"category": "external",
"summary": "2313454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313454"
},
{
"category": "external",
"summary": "2316271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "external",
"summary": "2318565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318565"
},
{
"category": "external",
"summary": "ASUI-91",
"url": "https://issues.redhat.com/browse/ASUI-91"
},
{
"category": "external",
"summary": "ENTMQST-2632",
"url": "https://issues.redhat.com/browse/ENTMQST-2632"
},
{
"category": "external",
"summary": "ENTMQST-3288",
"url": "https://issues.redhat.com/browse/ENTMQST-3288"
},
{
"category": "external",
"summary": "ENTMQST-4019",
"url": "https://issues.redhat.com/browse/ENTMQST-4019"
},
{
"category": "external",
"summary": "ENTMQST-5199",
"url": "https://issues.redhat.com/browse/ENTMQST-5199"
},
{
"category": "external",
"summary": "ENTMQST-5669",
"url": "https://issues.redhat.com/browse/ENTMQST-5669"
},
{
"category": "external",
"summary": "ENTMQST-5674",
"url": "https://issues.redhat.com/browse/ENTMQST-5674"
},
{
"category": "external",
"summary": "ENTMQST-5740",
"url": "https://issues.redhat.com/browse/ENTMQST-5740"
},
{
"category": "external",
"summary": "ENTMQST-5789",
"url": "https://issues.redhat.com/browse/ENTMQST-5789"
},
{
"category": "external",
"summary": "ENTMQST-5843",
"url": "https://issues.redhat.com/browse/ENTMQST-5843"
},
{
"category": "external",
"summary": "ENTMQST-5850",
"url": "https://issues.redhat.com/browse/ENTMQST-5850"
},
{
"category": "external",
"summary": "ENTMQST-5863",
"url": "https://issues.redhat.com/browse/ENTMQST-5863"
},
{
"category": "external",
"summary": "ENTMQST-5865",
"url": "https://issues.redhat.com/browse/ENTMQST-5865"
},
{
"category": "external",
"summary": "ENTMQST-5915",
"url": "https://issues.redhat.com/browse/ENTMQST-5915"
},
{
"category": "external",
"summary": "ENTMQST-6028",
"url": "https://issues.redhat.com/browse/ENTMQST-6028"
},
{
"category": "external",
"summary": "ENTMQST-6032",
"url": "https://issues.redhat.com/browse/ENTMQST-6032"
},
{
"category": "external",
"summary": "ENTMQST-6129",
"url": "https://issues.redhat.com/browse/ENTMQST-6129"
},
{
"category": "external",
"summary": "ENTMQST-6183",
"url": "https://issues.redhat.com/browse/ENTMQST-6183"
},
{
"category": "external",
"summary": "ENTMQST-6205",
"url": "https://issues.redhat.com/browse/ENTMQST-6205"
},
{
"category": "external",
"summary": "ENTMQST-6225",
"url": "https://issues.redhat.com/browse/ENTMQST-6225"
},
{
"category": "external",
"summary": "ENTMQST-6341",
"url": "https://issues.redhat.com/browse/ENTMQST-6341"
},
{
"category": "external",
"summary": "ENTMQST-6421",
"url": "https://issues.redhat.com/browse/ENTMQST-6421"
},
{
"category": "external",
"summary": "ENTMQST-6422",
"url": "https://issues.redhat.com/browse/ENTMQST-6422"
},
{
"category": "external",
"summary": "ENTMQSTPR-43",
"url": "https://issues.redhat.com/browse/ENTMQSTPR-43"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9571.json"
}
],
"title": "Red Hat Security Advisory: Streams for Apache Kafka 2.8.0 release and security update",
"tracking": {
"current_release_date": "2025-01-06T18:07:18+00:00",
"generator": {
"date": "2025-01-06T18:07:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.5"
}
},
"id": "RHSA-2024:9571",
"initial_release_date": "2024-11-13T16:21:03+00:00",
"revision_history": [
{
"date": "2024-11-13T16:21:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-13T16:21:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-06T18:07:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Streams for Apache Kafka 2.8.0",
"product": {
"name": "Streams for Apache Kafka 2.8.0",
"product_id": "Streams for Apache Kafka 2.8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:2"
}
}
}
],
"category": "product_family",
"name": "Streams for Apache Kafka"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-09-19T01:20:29.981665+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313454"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Protocol Buffers (protobuf). This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf: StackOverflow vulnerability in Protocol Buffers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue represents a significant severity risk because unbounded recursion in Protocol Buffers parsing can be exploited to trigger stack overflows, leading to Denial of Service (DoS). When parsers, such as `DiscardUnknownFieldsParser` or the Java Protobuf Lite parser, encounter arbitrarily nested groups or deeply recursive map fields, the lack of recursion depth limits can result in uncontrolled stack growth. Attackers can craft malicious protobuf messages that deliberately exceed the stack\u0027s capacity, causing the application to crash or become unresponsive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7254"
},
{
"category": "external",
"summary": "RHBZ#2313454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa",
"url": "https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa"
}
],
"release_date": "2024-09-19T01:15:10.963000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "protobuf: StackOverflow vulnerability in Protocol Buffers"
},
{
"cve": "CVE-2024-8184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-14T16:01:01.239238+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318564"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty\u0027s ThreadLimitHandler.getRemote(). This flaw allows unauthorized users to cause remote denial of service (DoS) attacks. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as moderate rather than important because it requires specific conditions to be met, including continuous, crafted requests that deliberately target memory allocation to exhaust resources. While it can cause a denial of service, it does not lead to direct compromise of sensitive data, unauthorized access, or code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8184"
},
{
"category": "external",
"summary": "RHBZ#2318564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318564"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/pull/11723",
"url": "https://github.com/jetty/jetty.project/pull/11723"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30"
}
],
"release_date": "2024-10-14T15:09:37.861000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks"
},
{
"cve": "CVE-2024-8285",
"cwe": {
"id": "CWE-297",
"name": "Improper Validation of Certificate with Host Mismatch"
},
"discovery_date": "2024-08-29T22:39:10.882000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server\u0027s hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. This issue is considered a high complexity attack, with additional high privileges required, as the attack would need access to the Kroxylicious configuration or a peer system. The result of a successful attack impacts both data integrity and confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kroxylicious: Missing upstream Kafka TLS hostname verification",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat have considered this vulnerability as a \u0027Moderate\u0027 severity given the complexity and the permission level required to perform a successful attacker.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8285"
},
{
"category": "external",
"summary": "RHBZ#2308606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8285",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8285"
}
],
"release_date": "2024-08-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kroxylicious: Missing upstream Kafka TLS hostname verification"
},
{
"cve": "CVE-2024-9823",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-14T16:01:06.545771+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318565"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty. The DosFilter can be exploited remotely by unauthorized users to trigger an out-of-memory condition by repeatedly sending specially crafted requests. This issue may cause a crash, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-9823"
},
{
"category": "external",
"summary": "RHBZ#2318565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-9823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9823"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-9823",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9823"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/issues/1256",
"url": "https://github.com/jetty/jetty.project/issues/1256"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-7hcf-ppf8-5w5h"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/39",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/39"
}
],
"release_date": "2024-10-14T15:03:02.293000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272907"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until it can decode a field, allowing data to accumulate without limits. This flaw allows an attacker to cause a denial of service by sending a chunked post consisting of many small fields that will be accumulated in the bodyListHttpData list.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Allocation of Resources Without Limits or Throttling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in io.netty:netty-codec-http, allowing for Allocation of Resources Without Limits or Throttling issues, is assessed as moderate severity due to its potential impact on system availability and performance. By exploiting the flaw in HttpPostRequestDecoder, an attacker can craft chunked POST requests with numerous small fields, causing excessive accumulation of data in memory buffers. This unrestricted accumulation can lead to significant memory consumption on the server, potentially exhausting available resources and resulting in denial of service (DoS) conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29025"
},
{
"category": "external",
"summary": "RHBZ#2272907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272907"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
},
{
"category": "external",
"summary": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
"url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
"url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-6483812"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Allocation of Resources Without Limits or Throttling"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-03T12:00:40.921058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2316271"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Apache Commons IO component in the org.apache.commons.io.input.XmlStreamReader class. Excessive CPU resource consumption can lead to a denial of service when an untrusted input is processed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.8.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47554"
},
{
"category": "external",
"summary": "RHBZ#2316271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1",
"url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1"
}
],
"release_date": "2024-10-03T11:32:48.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T16:21:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.8.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.8.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader"
}
]
}
msrc_cve-2024-47554
Vulnerability from csaf_microsoft
Published
2024-10-01 07:00
Modified
2024-12-07 00:00
Summary
Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554 Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-47554.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader",
"tracking": {
"current_release_date": "2024-12-07T00:00:00.000Z",
"generator": {
"date": "2025-10-20T02:22:00.557Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-47554",
"initial_release_date": "2024-10-01T07:00:00.000Z",
"revision_history": [
{
"date": "2024-11-09T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2024-12-07T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added apache-commons-io to CBL-Mariner 2.0\nAdded apache-commons-io to Azure Linux 3.0"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 apache-commons-io 2.14.0-1",
"product": {
"name": "\u003ccbl2 apache-commons-io 2.14.0-1",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "cbl2 apache-commons-io 2.14.0-1",
"product": {
"name": "cbl2 apache-commons-io 2.14.0-1",
"product_id": "17229"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 apache-commons-io 2.14.0-1",
"product": {
"name": "\u003cazl3 apache-commons-io 2.14.0-1",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "azl3 apache-commons-io 2.14.0-1",
"product": {
"name": "azl3 apache-commons-io 2.14.0-1",
"product_id": "17615"
}
}
],
"category": "product_name",
"name": "apache-commons-io"
},
{
"branches": [
{
"category": "product_version_range",
"name": "cbl2 javapackages-bootstrap 1.5.0-6",
"product": {
"name": "cbl2 javapackages-bootstrap 1.5.0-6",
"product_id": "2"
}
},
{
"category": "product_version_range",
"name": "azl3 javapackages-bootstrap 1.14.0-3",
"product": {
"name": "azl3 javapackages-bootstrap 1.14.0-3",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "javapackages-bootstrap"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 apache-commons-io 2.14.0-1 as a component of CBL Mariner 2.0",
"product_id": "17086-4"
},
"product_reference": "4",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 apache-commons-io 2.14.0-1 as a component of CBL Mariner 2.0",
"product_id": "17229-17086"
},
"product_reference": "17229",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 apache-commons-io 2.14.0-1 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 apache-commons-io 2.14.0-1 as a component of Azure Linux 3.0",
"product_id": "17615-17084"
},
"product_reference": "17615",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 javapackages-bootstrap 1.5.0-6 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 javapackages-bootstrap 1.14.0-3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "general",
"text": "apache",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"17229-17086",
"17615-17084"
],
"known_affected": [
"17086-4",
"17084-3",
"17086-2",
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554 Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-47554.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-09T00:00:00.000Z",
"details": "2.14.0-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-4",
"17084-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"17086-4",
"17084-3",
"17086-2",
"17084-1"
]
}
],
"title": "Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader"
}
]
}
wid-sec-w-2024-3082
Vulnerability from csaf_certbund
Published
2024-10-03 22:00
Modified
2025-07-10 22:00
Summary
Apache Commons IO: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apache Commons ist ein Apache-Projekt, das alle Aspekte der wiederverwendbaren Java-Komponenten behandelt.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache Commons IO ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- UNIX
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apache Commons ist ein Apache-Projekt, das alle Aspekte der wiederverwendbaren Java-Komponenten behandelt.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache Commons IO ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3082 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3082.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3082 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3082"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2024-10-03",
"url": "https://github.com/advisories/GHSA-78wr-2p64-hpwj"
},
{
"category": "external",
"summary": "Red Hat Bugtracker #2316271 vom 2024-10-03",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-5D581B2365 vom 2024-10-04",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-5d581b2365"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7172522 vom 2024-10-08",
"url": "https://www.ibm.com/support/pages/node/7172522"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2024:14387-1 vom 2024-10-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/JRY5QEEISAVBMYG363PQWMMY2EMLEE5E/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3596-1 vom 2024-10-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019590.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9571 vom 2024-11-13",
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7176463 vom 2024-11-19",
"url": "https://www.ibm.com/support/pages/node/7176463"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7176963 vom 2024-11-22",
"url": "https://www.ibm.com/support/pages/node/7176963"
},
{
"category": "external",
"summary": "HCL Article KB0117576 vom 2024-12-04",
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0117576"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7176903 vom 2024-12-05",
"url": "https://www.ibm.com/support/pages/node/7176903"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7178253 vom 2024-12-09",
"url": "https://www.ibm.com/support/pages/node/7178253"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7179125 vom 2024-12-17",
"url": "https://www.ibm.com/support/pages/node/7179125"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7181897 vom 2025-01-29",
"url": "https://www.ibm.com/support/pages/node/7181897"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250131-0010 vom 2025-01-31",
"url": "https://security.netapp.com/advisory/ntap-20250131-0010/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7182808 vom 2025-02-07",
"url": "https://www.ibm.com/support/pages/node/7182808"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7183676 vom 2025-02-27",
"url": "https://www.ibm.com/support/pages/node/7183676"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2416 vom 2025-03-05",
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7230121 vom 2025-04-04",
"url": "https://www.ibm.com/support/pages/node/7230121"
},
{
"category": "external",
"summary": "Trellix 2025 Update 5 Release Notes vom 2025-06-25",
"url": "https://docs.trellix.com/bundle/epolicy-orchestrator-saas-release-notes/page/UUID-bdfa33f8-426e-ec2b-a46a-a50c7743b530.html"
},
{
"category": "external",
"summary": "Trellix 2025 Update 5 Release Notes vom 2025-06-25",
"url": "https://docs.trellix.com/bundle/epolicy-orchestrator-saas-release-notes/page/UUID-bdfa33f8-426e-ec2b-a46a-a50c7743b530.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2927 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2927.html"
}
],
"source_lang": "en-US",
"title": "Apache Commons IO: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2025-07-10T22:00:00.000+00:00",
"generator": {
"date": "2025-07-11T08:50:40.306+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2024-3082",
"initial_release_date": "2024-10-03T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-03T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-10-07T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-10-09T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2024-10-13T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-11-13T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-18T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-11-24T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-04T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2024-12-05T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-09T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-16T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-28T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-02-02T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2025-02-09T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2025-02-27T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-03-05T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-03T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-06-24T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-07-10T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Amazon aufgenommen"
}
],
"status": "final",
"version": "19"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "IO \u003c2.14.0",
"product": {
"name": "Apache Commons IO \u003c2.14.0",
"product_id": "T037949"
}
},
{
"category": "product_version",
"name": "IO 2.14.0",
"product": {
"name": "Apache Commons IO 2.14.0",
"product_id": "T037949-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:commons:io__2.14.0"
}
}
},
{
"category": "product_version_range",
"name": "IO \u003e=2.0",
"product": {
"name": "Apache Commons IO \u003e=2.0",
"product_id": "T037950"
}
},
{
"category": "product_version_range",
"name": "IO \u003e=2.0",
"product": {
"name": "Apache Commons IO \u003e=2.0",
"product_id": "T037950-fixed"
}
}
],
"category": "product_name",
"name": "Commons"
}
],
"category": "vendor",
"name": "Apache"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.1.17.0",
"product": {
"name": "HCL Commerce \u003c9.1.17.0",
"product_id": "T039584"
}
},
{
"category": "product_version",
"name": "9.1.17.0",
"product": {
"name": "HCL Commerce 9.1.17.0",
"product_id": "T039584-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hcltechsw:commerce:9.1.17.0"
}
}
}
],
"category": "product_name",
"name": "Commerce"
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c24.0.0-IF004",
"product": {
"name": "IBM Business Automation Workflow \u003c24.0.0-IF004",
"product_id": "T040915"
}
},
{
"category": "product_version",
"name": "24.0.0-IF004",
"product": {
"name": "IBM Business Automation Workflow 24.0.0-IF004",
"product_id": "T040915-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:24.0.0-if004"
}
}
},
{
"category": "product_version_range",
"name": "\u003c21.0.3-IF039",
"product": {
"name": "IBM Business Automation Workflow \u003c21.0.3-IF039",
"product_id": "T040916"
}
},
{
"category": "product_version",
"name": "21.0.3-IF039",
"product": {
"name": "IBM Business Automation Workflow 21.0.3-IF039",
"product_id": "T040916-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:21.0.3-if039"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.0.4 IF2",
"product": {
"name": "IBM Cognos Analytics \u003c12.0.4 IF2",
"product_id": "T041469"
}
},
{
"category": "product_version",
"name": "12.0.4 IF2",
"product": {
"name": "IBM Cognos Analytics 12.0.4 IF2",
"product_id": "T041469-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:cognos_analytics:12.0.4_if2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.2.4 IF4",
"product": {
"name": "IBM Cognos Analytics \u003c11.2.4 IF4",
"product_id": "T041470"
}
},
{
"category": "product_version",
"name": "11.2.4 IF4",
"product": {
"name": "IBM Cognos Analytics 11.2.4 IF4",
"product_id": "T041470-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:cognos_analytics:11.2.4_if4"
}
}
}
],
"category": "product_name",
"name": "Cognos Analytics"
},
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "IBM InfoSphere Identity Insight 9.0",
"product_id": "723109",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_identity_insight:9.0"
}
}
},
{
"category": "product_version",
"name": "9.1",
"product": {
"name": "IBM InfoSphere Identity Insight 9.1",
"product_id": "T024310",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_identity_insight:9.1"
}
}
},
{
"category": "product_version",
"name": "10",
"product": {
"name": "IBM InfoSphere Identity Insight 10.0",
"product_id": "T024311",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_identity_insight:10.0"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Identity Insight"
},
{
"branches": [
{
"category": "product_version",
"name": "11.7",
"product": {
"name": "IBM InfoSphere Information Server 11.7",
"product_id": "444803",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
},
{
"category": "product_name",
"name": "IBM Integration Bus",
"product": {
"name": "IBM Integration Bus",
"product_id": "T039654",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:integration_bus:for_zos"
}
}
},
{
"category": "product_name",
"name": "IBM Operational Decision Manager",
"product": {
"name": "IBM Operational Decision Manager",
"product_id": "T005180",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:operational_decision_manager:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "8.5",
"product": {
"name": "IBM SPSS 8.5",
"product_id": "T038507",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spss:8.5"
}
}
}
],
"category": "product_name",
"name": "SPSS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "WebGUI \u003c8.1.0 Fix Pack 34",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus WebGUI \u003c8.1.0 Fix Pack 34",
"product_id": "T039247"
}
},
{
"category": "product_version",
"name": "WebGUI 8.1.0 Fix Pack 34",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus WebGUI 8.1.0 Fix Pack 34",
"product_id": "T039247-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:webgui__8.1.0_fix_pack_34"
}
}
}
],
"category": "product_name",
"name": "Tivoli Netcool/OMNIbus"
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager",
"product": {
"name": "IBM Tivoli Network Manager",
"product_id": "T012578",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T016960",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Streams 2",
"product": {
"name": "Red Hat JBoss A-MQ Streams 2",
"product_id": "T041596",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_amq:streams_2"
}
}
}
],
"category": "product_name",
"name": "JBoss A-MQ"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025 Update 5",
"product": {
"name": "Trellix ePolicy Orchestrator \u003c2025 Update 5",
"product_id": "T044835"
}
},
{
"category": "product_version",
"name": "2025 Update 5",
"product": {
"name": "Trellix ePolicy Orchestrator 2025 Update 5",
"product_id": "T044835-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:trellix:epolicy_orchestrator:2025_update_5"
}
}
}
],
"category": "product_name",
"name": "ePolicy Orchestrator"
}
],
"category": "vendor",
"name": "Trellix"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-47554",
"product_status": {
"known_affected": [
"T040916",
"T040915",
"T037949",
"67646",
"T012578",
"T038507",
"T016960",
"74185",
"T039247",
"T039654",
"T032495",
"723109",
"T039584",
"T041470",
"T002207",
"444803",
"T044835",
"T024311",
"T027843",
"T005180",
"T024310",
"T041469",
"398363",
"T041596"
]
},
"release_date": "2024-10-03T22:00:00.000+00:00",
"title": "CVE-2024-47554"
}
]
}
WID-SEC-W-2024-3082
Vulnerability from csaf_certbund
Published
2024-10-03 22:00
Modified
2025-07-10 22:00
Summary
Apache Commons IO: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apache Commons ist ein Apache-Projekt, das alle Aspekte der wiederverwendbaren Java-Komponenten behandelt.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache Commons IO ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- UNIX
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apache Commons ist ein Apache-Projekt, das alle Aspekte der wiederverwendbaren Java-Komponenten behandelt.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache Commons IO ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3082 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3082.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3082 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3082"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2024-10-03",
"url": "https://github.com/advisories/GHSA-78wr-2p64-hpwj"
},
{
"category": "external",
"summary": "Red Hat Bugtracker #2316271 vom 2024-10-03",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316271"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-5D581B2365 vom 2024-10-04",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-5d581b2365"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7172522 vom 2024-10-08",
"url": "https://www.ibm.com/support/pages/node/7172522"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2024:14387-1 vom 2024-10-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/JRY5QEEISAVBMYG363PQWMMY2EMLEE5E/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3596-1 vom 2024-10-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019590.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9571 vom 2024-11-13",
"url": "https://access.redhat.com/errata/RHSA-2024:9571"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7176463 vom 2024-11-19",
"url": "https://www.ibm.com/support/pages/node/7176463"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7176963 vom 2024-11-22",
"url": "https://www.ibm.com/support/pages/node/7176963"
},
{
"category": "external",
"summary": "HCL Article KB0117576 vom 2024-12-04",
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0117576"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7176903 vom 2024-12-05",
"url": "https://www.ibm.com/support/pages/node/7176903"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7178253 vom 2024-12-09",
"url": "https://www.ibm.com/support/pages/node/7178253"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7179125 vom 2024-12-17",
"url": "https://www.ibm.com/support/pages/node/7179125"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7181897 vom 2025-01-29",
"url": "https://www.ibm.com/support/pages/node/7181897"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250131-0010 vom 2025-01-31",
"url": "https://security.netapp.com/advisory/ntap-20250131-0010/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7182808 vom 2025-02-07",
"url": "https://www.ibm.com/support/pages/node/7182808"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7183676 vom 2025-02-27",
"url": "https://www.ibm.com/support/pages/node/7183676"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2416 vom 2025-03-05",
"url": "https://access.redhat.com/errata/RHSA-2025:2416"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7230121 vom 2025-04-04",
"url": "https://www.ibm.com/support/pages/node/7230121"
},
{
"category": "external",
"summary": "Trellix 2025 Update 5 Release Notes vom 2025-06-25",
"url": "https://docs.trellix.com/bundle/epolicy-orchestrator-saas-release-notes/page/UUID-bdfa33f8-426e-ec2b-a46a-a50c7743b530.html"
},
{
"category": "external",
"summary": "Trellix 2025 Update 5 Release Notes vom 2025-06-25",
"url": "https://docs.trellix.com/bundle/epolicy-orchestrator-saas-release-notes/page/UUID-bdfa33f8-426e-ec2b-a46a-a50c7743b530.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2927 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2927.html"
}
],
"source_lang": "en-US",
"title": "Apache Commons IO: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2025-07-10T22:00:00.000+00:00",
"generator": {
"date": "2025-07-11T08:50:40.306+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2024-3082",
"initial_release_date": "2024-10-03T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-03T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-10-07T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-10-09T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2024-10-13T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-11-13T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-18T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-11-24T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-04T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2024-12-05T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-09T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-16T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-28T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-02-02T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2025-02-09T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2025-02-27T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-03-05T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-03T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-06-24T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-07-10T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Amazon aufgenommen"
}
],
"status": "final",
"version": "19"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "IO \u003c2.14.0",
"product": {
"name": "Apache Commons IO \u003c2.14.0",
"product_id": "T037949"
}
},
{
"category": "product_version",
"name": "IO 2.14.0",
"product": {
"name": "Apache Commons IO 2.14.0",
"product_id": "T037949-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:commons:io__2.14.0"
}
}
},
{
"category": "product_version_range",
"name": "IO \u003e=2.0",
"product": {
"name": "Apache Commons IO \u003e=2.0",
"product_id": "T037950"
}
},
{
"category": "product_version_range",
"name": "IO \u003e=2.0",
"product": {
"name": "Apache Commons IO \u003e=2.0",
"product_id": "T037950-fixed"
}
}
],
"category": "product_name",
"name": "Commons"
}
],
"category": "vendor",
"name": "Apache"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.1.17.0",
"product": {
"name": "HCL Commerce \u003c9.1.17.0",
"product_id": "T039584"
}
},
{
"category": "product_version",
"name": "9.1.17.0",
"product": {
"name": "HCL Commerce 9.1.17.0",
"product_id": "T039584-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hcltechsw:commerce:9.1.17.0"
}
}
}
],
"category": "product_name",
"name": "Commerce"
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c24.0.0-IF004",
"product": {
"name": "IBM Business Automation Workflow \u003c24.0.0-IF004",
"product_id": "T040915"
}
},
{
"category": "product_version",
"name": "24.0.0-IF004",
"product": {
"name": "IBM Business Automation Workflow 24.0.0-IF004",
"product_id": "T040915-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:24.0.0-if004"
}
}
},
{
"category": "product_version_range",
"name": "\u003c21.0.3-IF039",
"product": {
"name": "IBM Business Automation Workflow \u003c21.0.3-IF039",
"product_id": "T040916"
}
},
{
"category": "product_version",
"name": "21.0.3-IF039",
"product": {
"name": "IBM Business Automation Workflow 21.0.3-IF039",
"product_id": "T040916-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:21.0.3-if039"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.0.4 IF2",
"product": {
"name": "IBM Cognos Analytics \u003c12.0.4 IF2",
"product_id": "T041469"
}
},
{
"category": "product_version",
"name": "12.0.4 IF2",
"product": {
"name": "IBM Cognos Analytics 12.0.4 IF2",
"product_id": "T041469-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:cognos_analytics:12.0.4_if2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.2.4 IF4",
"product": {
"name": "IBM Cognos Analytics \u003c11.2.4 IF4",
"product_id": "T041470"
}
},
{
"category": "product_version",
"name": "11.2.4 IF4",
"product": {
"name": "IBM Cognos Analytics 11.2.4 IF4",
"product_id": "T041470-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:cognos_analytics:11.2.4_if4"
}
}
}
],
"category": "product_name",
"name": "Cognos Analytics"
},
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "IBM InfoSphere Identity Insight 9.0",
"product_id": "723109",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_identity_insight:9.0"
}
}
},
{
"category": "product_version",
"name": "9.1",
"product": {
"name": "IBM InfoSphere Identity Insight 9.1",
"product_id": "T024310",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_identity_insight:9.1"
}
}
},
{
"category": "product_version",
"name": "10",
"product": {
"name": "IBM InfoSphere Identity Insight 10.0",
"product_id": "T024311",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_identity_insight:10.0"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Identity Insight"
},
{
"branches": [
{
"category": "product_version",
"name": "11.7",
"product": {
"name": "IBM InfoSphere Information Server 11.7",
"product_id": "444803",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
},
{
"category": "product_name",
"name": "IBM Integration Bus",
"product": {
"name": "IBM Integration Bus",
"product_id": "T039654",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:integration_bus:for_zos"
}
}
},
{
"category": "product_name",
"name": "IBM Operational Decision Manager",
"product": {
"name": "IBM Operational Decision Manager",
"product_id": "T005180",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:operational_decision_manager:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "8.5",
"product": {
"name": "IBM SPSS 8.5",
"product_id": "T038507",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spss:8.5"
}
}
}
],
"category": "product_name",
"name": "SPSS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "WebGUI \u003c8.1.0 Fix Pack 34",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus WebGUI \u003c8.1.0 Fix Pack 34",
"product_id": "T039247"
}
},
{
"category": "product_version",
"name": "WebGUI 8.1.0 Fix Pack 34",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus WebGUI 8.1.0 Fix Pack 34",
"product_id": "T039247-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:webgui__8.1.0_fix_pack_34"
}
}
}
],
"category": "product_name",
"name": "Tivoli Netcool/OMNIbus"
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager",
"product": {
"name": "IBM Tivoli Network Manager",
"product_id": "T012578",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T016960",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Streams 2",
"product": {
"name": "Red Hat JBoss A-MQ Streams 2",
"product_id": "T041596",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_amq:streams_2"
}
}
}
],
"category": "product_name",
"name": "JBoss A-MQ"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025 Update 5",
"product": {
"name": "Trellix ePolicy Orchestrator \u003c2025 Update 5",
"product_id": "T044835"
}
},
{
"category": "product_version",
"name": "2025 Update 5",
"product": {
"name": "Trellix ePolicy Orchestrator 2025 Update 5",
"product_id": "T044835-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:trellix:epolicy_orchestrator:2025_update_5"
}
}
}
],
"category": "product_name",
"name": "ePolicy Orchestrator"
}
],
"category": "vendor",
"name": "Trellix"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-47554",
"product_status": {
"known_affected": [
"T040916",
"T040915",
"T037949",
"67646",
"T012578",
"T038507",
"T016960",
"74185",
"T039247",
"T039654",
"T032495",
"723109",
"T039584",
"T041470",
"T002207",
"444803",
"T044835",
"T024311",
"T027843",
"T005180",
"T024310",
"T041469",
"398363",
"T041596"
]
},
"release_date": "2024-10-03T22:00:00.000+00:00",
"title": "CVE-2024-47554"
}
]
}
wid-sec-w-2025-0001
Vulnerability from csaf_certbund
Published
2025-01-01 23:00
Modified
2025-01-06 23:00
Summary
IBM DB2: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM DB2 ist ein relationales Datenbanksystem (RDBS) von IBM.
Angriff
Ein entfernter oder lokaler Angreifer kann mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data ausnutzen, um seine Privilegien zu erhöhen, beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, Sicherheitsmaßnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM DB2 ist ein relationales Datenbanksystem (RDBS) von IBM.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter oder lokaler Angreifer kann mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0001 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0001.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0001 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0001"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2025-01-01",
"url": "https://www.ibm.com/support/pages/node/7180105"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7180361 vom 2025-01-07",
"url": "https://www.ibm.com/support/pages/node/7180361"
}
],
"source_lang": "en-US",
"title": "IBM DB2: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-01-06T23:00:00.000+00:00",
"generator": {
"date": "2025-01-07T11:42:20.646+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2025-0001",
"initial_release_date": "2025-01-01T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-01T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-01-06T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.1.0",
"product": {
"name": "IBM DB2 \u003c5.1.0",
"product_id": "T039987"
}
},
{
"category": "product_version",
"name": "5.1.0",
"product": {
"name": "IBM DB2 5.1.0",
"product_id": "T039987-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:5.1.0"
}
}
},
{
"category": "product_version_range",
"name": "Warehouse \u003c5.1.0",
"product": {
"name": "IBM DB2 Warehouse \u003c5.1.0",
"product_id": "T039988"
}
},
{
"category": "product_version",
"name": "Warehouse 5.1.0",
"product": {
"name": "IBM DB2 Warehouse 5.1.0",
"product_id": "T039988-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:warehouse__5.1.0"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus \u003c10.1.6.4",
"product_id": "T040030"
}
},
{
"category": "product_version",
"name": "10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus 10.1.6.4",
"product_id": "T040030-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.6.4"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect Plus"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-32740",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2021-32740"
},
{
"cve": "CVE-2021-41186",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2021-41186"
},
{
"cve": "CVE-2022-0759",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2022-0759"
},
{
"cve": "CVE-2022-24795",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2022-24795"
},
{
"cve": "CVE-2022-31163",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2022-31163"
},
{
"cve": "CVE-2023-39325",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-39325"
},
{
"cve": "CVE-2023-41993",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-41993"
},
{
"cve": "CVE-2023-45283",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-45283"
},
{
"cve": "CVE-2023-45288",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2023-6597",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2024-0406",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-0406"
},
{
"cve": "CVE-2024-20918",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-20918"
},
{
"cve": "CVE-2024-20952",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-20952"
},
{
"cve": "CVE-2024-2398",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-2398"
},
{
"cve": "CVE-2024-24786",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-24786"
},
{
"cve": "CVE-2024-27281",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-27281"
},
{
"cve": "CVE-2024-2961",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-29857",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-29857"
},
{
"cve": "CVE-2024-33599",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-33599"
},
{
"cve": "CVE-2024-33883",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-33883"
},
{
"cve": "CVE-2024-37370",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-37890",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-37890"
},
{
"cve": "CVE-2024-39338",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-39338"
},
{
"cve": "CVE-2024-4068",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2024-41110",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-41110"
},
{
"cve": "CVE-2024-41123",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-41123"
},
{
"cve": "CVE-2024-41946",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-41946"
},
{
"cve": "CVE-2024-45296",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-45296"
},
{
"cve": "CVE-2024-45491",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45590",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-45590"
},
{
"cve": "CVE-2024-47220",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-47220"
},
{
"cve": "CVE-2024-47554",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-6119",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-6345",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data. Diese existieren wegen unsachgem\u00e4\u00dfer \u00dcberpr\u00fcfungen, sowie Fehlern in der Speicherbehandlung, Eingabevalidierung und Berechtigungsverwaltung bez\u00fcglich der genutzten Komponenten, wie z.B. Java SE, cURL, Bouncy Castle, Kerberos und expat. Ein entfernter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T040030",
"T039988",
"T039987"
]
},
"release_date": "2025-01-01T23:00:00.000+00:00",
"title": "CVE-2024-6345"
}
]
}
fkie_cve-2024-47554
Vulnerability from fkie_nvd
Published
2024-10-03 12:15
Modified
2025-07-10 21:10
Severity ?
Summary
Uncontrolled Resource Consumption vulnerability in Apache Commons IO.
The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.
This issue affects Apache Commons IO: from 2.0 before 2.14.0.
Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.
References
| URL | Tags | ||
|---|---|---|---|
| security@apache.org | https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1 | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/10/03/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20250131-0010/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | commons_io | * | |
| netapp | active_iq_unified_manager | - | |
| netapp | active_iq_unified_manager | - | |
| netapp | active_iq_unified_manager | - | |
| netapp | bluexp | - | |
| netapp | e-series_santricity_unified_manager | - | |
| netapp | e-series_santricity_web_services_proxy | - | |
| netapp | ontap_tools | 9 | |
| netapp | ontap_tools | 10 | |
| netapp | santricity_storage_plugin | - | |
| netapp | snapcenter | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:commons_io:*:*:*:*:*:*:*:*",
"matchCriteriaId": "133FC9D6-82C4-40E3-AB39-FE04E5A0BF4D",
"versionEndExcluding": "2.14.0",
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
"matchCriteriaId": "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:bluexp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1AE8BD-EE3F-494C-9F03-D4B2B7233106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB695329-036B-447D-BEB0-AA4D89D1D99C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F148EC-6D6D-4C4F-B57C-CFBCD3D32B41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "C2D814BE-93EC-42EF-88C5-EA7E7DF07BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "5333B745-F7A3-46CB-8437-8668DB08CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:santricity_storage_plugin:-:*:*:*:*:vcenter:*:*",
"matchCriteriaId": "82E94B87-065E-475F-815C-F49978CE22FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled Resource Consumption vulnerability in Apache Commons IO.\n\nThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\n\n\nThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\n\nUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue."
},
{
"lang": "es",
"value": "Vulnerabilidad de consumo descontrolado de recursos en Apache Commons IO. La clase org.apache.commons.io.input.XmlStreamReader puede consumir recursos de CPU en exceso al procesar una entrada manipulada con fines malintencionados. Este problema afecta a Apache Commons IO: desde la versi\u00f3n 2.0 hasta la 2.14.0. Se recomienda a los usuarios que actualicen a la versi\u00f3n 2.14.0 o posterior, que soluciona el problema."
}
],
"id": "CVE-2024-47554",
"lastModified": "2025-07-10T21:10:32.113",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-10-03T12:15:02.613",
"references": [
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2024/10/03/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20250131-0010/"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "security@apache.org",
"type": "Secondary"
}
]
}
ghsa-78wr-2p64-hpwj
Vulnerability from github
Published
2024-10-03 12:30
Modified
2025-01-31 15:30
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
Summary
Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader
Details
Uncontrolled Resource Consumption vulnerability in Apache Commons IO.
The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.
This issue affects Apache Commons IO: from 2.0 before 2.14.0.
Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "commons-io:commons-io"
},
"ranges": [
{
"events": [
{
"introduced": "2.0"
},
{
"fixed": "2.14.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-47554"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": true,
"github_reviewed_at": "2024-10-03T16:52:23Z",
"nvd_published_at": "2024-10-03T12:15:02Z",
"severity": "HIGH"
},
"details": "Uncontrolled Resource Consumption vulnerability in Apache Commons IO.\n\nThe `org.apache.commons.io.input.XmlStreamReader` class may excessively consume CPU resources when processing maliciously crafted input.\n\n\nThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\n\nUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue.",
"id": "GHSA-78wr-2p64-hpwj",
"modified": "2025-01-31T15:30:42Z",
"published": "2024-10-03T12:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/commons-io"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20250131-0010"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/10/03/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader"
}
opensuse-su-2024:14387-1
Vulnerability from csaf_opensuse
Published
2024-10-08 00:00
Modified
2024-10-08 00:00
Summary
apache-commons-io-2.17.0-2.1 on GA media
Notes
Title of the patch
apache-commons-io-2.17.0-2.1 on GA media
Description of the patch
These are all security issues fixed in the apache-commons-io-2.17.0-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14387
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "apache-commons-io-2.17.0-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the apache-commons-io-2.17.0-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14387",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14387-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2024:14387-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JRY5QEEISAVBMYG363PQWMMY2EMLEE5E/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2024:14387-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JRY5QEEISAVBMYG363PQWMMY2EMLEE5E/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47554 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47554/"
}
],
"title": "apache-commons-io-2.17.0-2.1 on GA media",
"tracking": {
"current_release_date": "2024-10-08T00:00:00Z",
"generator": {
"date": "2024-10-08T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14387-1",
"initial_release_date": "2024-10-08T00:00:00Z",
"revision_history": [
{
"date": "2024-10-08T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache-commons-io-2.17.0-2.1.aarch64",
"product": {
"name": "apache-commons-io-2.17.0-2.1.aarch64",
"product_id": "apache-commons-io-2.17.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache-commons-io-javadoc-2.17.0-2.1.aarch64",
"product": {
"name": "apache-commons-io-javadoc-2.17.0-2.1.aarch64",
"product_id": "apache-commons-io-javadoc-2.17.0-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apache-commons-io-2.17.0-2.1.ppc64le",
"product": {
"name": "apache-commons-io-2.17.0-2.1.ppc64le",
"product_id": "apache-commons-io-2.17.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache-commons-io-javadoc-2.17.0-2.1.ppc64le",
"product": {
"name": "apache-commons-io-javadoc-2.17.0-2.1.ppc64le",
"product_id": "apache-commons-io-javadoc-2.17.0-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apache-commons-io-2.17.0-2.1.s390x",
"product": {
"name": "apache-commons-io-2.17.0-2.1.s390x",
"product_id": "apache-commons-io-2.17.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "apache-commons-io-javadoc-2.17.0-2.1.s390x",
"product": {
"name": "apache-commons-io-javadoc-2.17.0-2.1.s390x",
"product_id": "apache-commons-io-javadoc-2.17.0-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apache-commons-io-2.17.0-2.1.x86_64",
"product": {
"name": "apache-commons-io-2.17.0-2.1.x86_64",
"product_id": "apache-commons-io-2.17.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache-commons-io-javadoc-2.17.0-2.1.x86_64",
"product": {
"name": "apache-commons-io-javadoc-2.17.0-2.1.x86_64",
"product_id": "apache-commons-io-javadoc-2.17.0-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-io-2.17.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.aarch64"
},
"product_reference": "apache-commons-io-2.17.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-io-2.17.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.ppc64le"
},
"product_reference": "apache-commons-io-2.17.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-io-2.17.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.s390x"
},
"product_reference": "apache-commons-io-2.17.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-io-2.17.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.x86_64"
},
"product_reference": "apache-commons-io-2.17.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-io-javadoc-2.17.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.aarch64"
},
"product_reference": "apache-commons-io-javadoc-2.17.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-io-javadoc-2.17.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.ppc64le"
},
"product_reference": "apache-commons-io-javadoc-2.17.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-io-javadoc-2.17.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.s390x"
},
"product_reference": "apache-commons-io-javadoc-2.17.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-io-javadoc-2.17.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.x86_64"
},
"product_reference": "apache-commons-io-javadoc-2.17.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-47554",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47554"
}
],
"notes": [
{
"category": "general",
"text": "Uncontrolled Resource Consumption vulnerability in Apache Commons IO.\n\nThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\n\n\nThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\n\nUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.aarch64",
"openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.ppc64le",
"openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.s390x",
"openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.x86_64",
"openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.aarch64",
"openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.ppc64le",
"openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.s390x",
"openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47554",
"url": "https://www.suse.com/security/cve/CVE-2024-47554"
},
{
"category": "external",
"summary": "SUSE Bug 1231298 for CVE-2024-47554",
"url": "https://bugzilla.suse.com/1231298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.aarch64",
"openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.ppc64le",
"openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.s390x",
"openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.x86_64",
"openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.aarch64",
"openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.ppc64le",
"openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.s390x",
"openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.aarch64",
"openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.ppc64le",
"openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.s390x",
"openSUSE Tumbleweed:apache-commons-io-2.17.0-2.1.x86_64",
"openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.aarch64",
"openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.ppc64le",
"openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.s390x",
"openSUSE Tumbleweed:apache-commons-io-javadoc-2.17.0-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-47554"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…